Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
File:                     ypfglEx3smswKXwtScO-ausnNxE.mft (raw, json)
Hash identifier:          IURuLID0UAqtaEynyheJcQntEe2M9J5w8NaNvSNgPdQ=
Subject key identifier:   DB:B7:37:21:E1:9A:31:CB:7A:15:35:C1:E6:75:2C:6A:D6:16:7C:98
Authority key identifier: CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11
Certificate issuer:       /CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
Certificate serial:       019A71B8DC642BC663976C8BE79F7D2D84AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
Manifest number:          0434
Signing time:             Tue 11 Nov 2025 07:02:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:11 +0000
Files and hashes:         1: ypfglEx3smswKXwtScO-ausnNxE.crl (hash: 0vm8Sz+AI2VTQ62ea7g0m0ugOEl4eJAs49Lw9fU8WMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:dc:64:2b:c6:63:97:6c:8b:e7:9f:7d:2d:84:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
        Validity
            Not Before: Nov 11 07:02:11 2025 GMT
            Not After : Nov 12 07:02:11 2025 GMT
        Subject: CN=dbb73721e19a31cb7a1535c1e6752c6ad6167c98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:3c:80:ee:f2:11:08:5c:c9:92:ff:af:d4:bc:
                    29:dd:27:6f:11:6f:24:45:ad:a0:f0:22:ac:cd:20:
                    80:aa:d7:79:df:88:df:39:5a:58:b5:04:72:45:81:
                    f6:83:80:c3:16:bd:96:bc:dc:e0:67:c1:16:20:e1:
                    80:f9:67:87:db:45:4c:b3:1b:44:de:48:dc:45:43:
                    0e:e3:e7:a6:29:43:5e:96:07:47:5e:42:58:fa:21:
                    4e:fe:a5:11:bf:10:f5:da:76:27:6e:27:ca:b7:07:
                    02:33:f3:51:24:73:29:23:09:a1:41:f6:c6:a2:22:
                    67:ab:f5:7f:55:71:86:e2:d8:9b:88:00:4d:dc:89:
                    ff:d4:28:82:f1:e4:5c:18:3c:1b:0d:ef:58:20:97:
                    7d:b0:4f:01:bf:67:df:a8:ae:35:fe:1a:e4:c3:d0:
                    42:45:53:63:2a:ea:b8:92:61:86:b1:5e:8d:0d:cf:
                    83:b8:8a:bb:11:29:f8:8e:f7:e1:e2:49:77:3f:a4:
                    6b:d4:a9:51:82:e9:01:11:5e:ed:46:82:c4:7f:d3:
                    b5:17:ee:90:42:0c:ec:84:9f:23:62:ae:31:94:9f:
                    29:4b:9d:9d:ee:7c:d8:c8:b3:b5:c7:4d:54:89:c8:
                    7e:51:59:f6:f1:f6:77:34:6e:49:3b:94:ea:8b:98:
                    92:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:B7:37:21:E1:9A:31:CB:7A:15:35:C1:E6:75:2C:6A:D6:16:7C:98
            X509v3 Authority Key Identifier:
                keyid:CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:4d:16:fd:9f:51:ce:a3:f7:23:de:ea:ae:18:9c:ea:3f:13:
         2b:f8:ce:19:d5:a8:71:cf:45:ed:fc:ae:89:ee:4b:fa:46:db:
         37:2c:66:90:ec:3b:1d:65:2d:49:0c:29:7f:0c:72:d4:12:3f:
         6f:e8:83:46:9f:08:91:c0:74:da:be:19:35:da:c9:f8:b8:72:
         47:a6:59:b2:44:a4:03:b1:9c:31:0d:14:d5:a2:c9:49:a5:18:
         23:8e:8f:3d:e6:91:f1:5e:6d:6e:81:56:bb:f1:3b:d1:8b:5c:
         00:9a:9a:64:a5:e0:b8:91:a2:6e:2d:27:90:19:04:82:04:2c:
         1b:30:77:cd:3f:d0:60:a8:d3:41:e3:81:c5:cf:92:57:30:b0:
         9f:c6:fa:13:70:53:c0:fe:8d:76:db:a1:29:f2:2d:c0:42:85:
         8a:03:08:b0:58:b6:e3:7f:16:d7:a1:03:80:6f:6b:67:89:f2:
         87:18:43:3b:49:ff:e7:df:8c:b9:62:7a:db:14:1d:33:78:94:
         e2:4b:11:5e:18:15:07:3e:44:ba:6b:06:6a:e6:fe:95:25:4c:
         6c:56:ee:66:45:90:1e:89:bc:d9:5a:7f:55:cc:b6:69:5f:8b:
         5f:b8:39:d6:12:db:18:76:e6:89:c2:54:2a:c4:81:ea:2e:6b:
         95:1c:2f:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNxkK8Zjl2yL5599LYSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTdlMDk0NGM3N2IyNmIzMDI5N2MyZDQ5YzNiZTZhZWIy
NzM3MTEwHhcNMjUxMTExMDcwMjExWhcNMjUxMTEyMDcwMjExWjAzMTEwLwYDVQQD
EyhkYmI3MzcyMWUxOWEzMWNiN2ExNTM1YzFlNjc1MmM2YWQ2MTY3Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TyA7vIRCFzJkv+v1Lwp3SdvEW8k
Ra2g8CKszSCAqtd534jfOVpYtQRyRYH2g4DDFr2WvNzgZ8EWIOGA+WeH20VMsxtE
3kjcRUMO4+emKUNelgdHXkJY+iFO/qURvxD12nYnbifKtwcCM/NRJHMpIwmhQfbG
oiJnq/V/VXGG4tibiABN3In/1CiC8eRcGDwbDe9YIJd9sE8Bv2ffqK41/hrkw9BC
RVNjKuq4kmGGsV6NDc+DuIq7ESn4jvfh4kl3P6Rr1KlRgukBEV7tRoLEf9O1F+6Q
QgzshJ8jYq4xlJ8pS52d7nzYyLO1x01Uich+UVn28fZ3NG5JO5Tqi5iS9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNu3NyHhmjHLehU1weZ1LGrWFnyYMB8GA1UdIwQY
MBaAFMqX4JRMd7JrMCl8LUnDvmrrJzcRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQt
ZTY4NzY3YzE4ZjAyLzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQtZTY4NzY3YzE4ZjAy
LzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT00W/Z9R
zqP3I97qrhic6j8TK/jOGdWocc9F7fyuie5L+kbbNyxmkOw7HWUtSQwpfwxy1BI/
b+iDRp8IkcB02r4ZNdrJ+LhyR6ZZskSkA7GcMQ0U1aLJSaUYI46PPeaR8V5tboFW
u/E70YtcAJqaZKXguJGibi0nkBkEggQsGzB3zT/QYKjTQeOBxc+SVzCwn8b6E3BT
wP6NdtuhKfItwEKFigMIsFi2438W16EDgG9rZ4nyhxhDO0n/59+MuWJ62xQdM3iU
4ksRXhgVBz5EumsGaub+lSVMbFbuZkWQHom82Vp/Vcy2aV+LX7g51hLbGHbmicJU
KsSB6i5rlRwvsA==
-----END CERTIFICATE-----