Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          nbX5IER3GvQHz9PdfJhi9Iz8GQRB11bM9yloIAx1tKU=
Subject key identifier:   69:BD:88:12:12:DB:E3:55:A0:CE:66:56:74:F1:9B:CD:48:29:B7:5D
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019A72936E150D1B9C844F527BB96ADEDE86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 11:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:55 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: v6wYgosoijCFKwYr0ASjCMJwBdC6WijwLwPSsPrYXPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:6e:15:0d:1b:9c:84:4f:52:7b:b9:6a:de:de:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Nov 11 11:00:55 2025 GMT
            Not After : Nov 12 11:00:55 2025 GMT
        Subject: CN=69bd881212dbe355a0ce665674f19bcd4829b75d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:80:b9:87:bf:5e:79:7e:56:bf:6e:36:ef:85:
                    50:e6:e4:c3:f9:8d:7b:54:0d:2f:26:f0:85:c1:e8:
                    71:b7:94:13:22:32:15:20:a1:44:0c:16:eb:ea:63:
                    2b:b8:ef:c2:a7:75:23:8d:77:2e:0d:49:a5:bb:81:
                    d3:92:6a:4e:3a:d3:9d:53:c8:02:39:30:19:47:a1:
                    fd:75:02:e6:ca:3b:53:54:3e:3f:db:8e:c1:1f:32:
                    c8:49:c6:14:8c:c0:87:e1:91:01:44:66:d8:07:81:
                    8d:aa:ea:61:a3:68:c8:04:50:92:95:7c:a3:06:1a:
                    d7:31:7d:bc:e2:70:35:83:b5:39:ad:98:d7:dc:4e:
                    ce:8d:64:88:a9:85:46:8a:74:f8:24:f4:ec:a1:13:
                    e1:81:6c:bb:48:cb:db:b0:66:6e:b6:38:6a:4b:81:
                    08:e0:c6:ef:b9:46:cc:aa:42:8d:58:52:3a:b7:03:
                    5e:ab:e8:a9:6f:7e:12:fe:1d:a7:8f:ec:a9:2e:51:
                    97:6f:81:f7:3d:3b:7a:7b:9d:fa:59:2d:54:e6:26:
                    93:10:31:2a:6d:27:11:a8:66:44:b3:2d:bb:f1:c7:
                    52:4a:ab:f7:fc:8c:fe:ff:24:69:df:ad:a4:66:1b:
                    6c:16:80:2e:7c:23:5f:43:91:0a:7e:66:c8:7d:7a:
                    a8:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BD:88:12:12:DB:E3:55:A0:CE:66:56:74:F1:9B:CD:48:29:B7:5D
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:75:78:a6:f9:ff:d2:e9:07:6c:cf:22:f4:17:a0:ec:43:62:
         1a:87:e5:3a:bf:ad:43:af:1b:34:27:44:7d:c7:c0:a3:c8:87:
         93:cd:46:00:f7:1d:83:de:ff:eb:2f:69:bd:3c:d2:d5:53:4b:
         aa:7c:2a:6c:e2:1a:9e:70:b9:69:71:f7:5e:63:cb:5d:da:d4:
         b0:42:c5:2a:26:dd:80:5d:2a:1b:a0:6e:f9:ab:ae:75:7b:ee:
         b3:f1:41:04:be:fc:67:01:e0:cc:2a:8d:43:18:e2:cc:1a:f4:
         32:da:27:e4:02:75:03:fb:67:ce:7e:0d:c9:c5:5d:d8:58:e7:
         a0:a2:8c:a3:d3:fb:1f:3f:7b:74:3f:fa:26:05:04:bb:53:08:
         37:be:c7:51:3a:88:16:4e:f0:91:c0:4f:24:a9:79:a3:ab:6f:
         b3:aa:86:84:56:df:f5:6a:4f:20:7e:a2:7d:20:9f:f4:de:81:
         dc:46:09:85:f4:e3:29:d4:fe:ae:65:c2:a3:8c:f9:34:2e:1f:
         50:62:7b:23:0d:0f:a0:27:02:e0:2f:3e:23:68:84:01:67:9d:
         60:dc:dd:5a:c7:12:fc:52:3c:89:b5:36:98:8f:bf:88:06:cc:
         f6:5b:12:9d:df:06:4b:88:cd:3e:4b:04:c8:89:32:57:bd:fe:
         62:dd:37:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk24VDRuchE9Se7lq3t6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUxMTExMTEwMDU1WhcNMjUxMTEyMTEwMDU1WjAzMTEwLwYDVQQD
Eyg2OWJkODgxMjEyZGJlMzU1YTBjZTY2NTY3NGYxOWJjZDQ4MjliNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoC5h79eeX5Wv24274VQ5uTD+Y17
VA0vJvCFwehxt5QTIjIVIKFEDBbr6mMruO/Cp3UjjXcuDUmlu4HTkmpOOtOdU8gC
OTAZR6H9dQLmyjtTVD4/247BHzLIScYUjMCH4ZEBRGbYB4GNqupho2jIBFCSlXyj
BhrXMX284nA1g7U5rZjX3E7OjWSIqYVGinT4JPTsoRPhgWy7SMvbsGZutjhqS4EI
4MbvuUbMqkKNWFI6twNeq+ipb34S/h2nj+ypLlGXb4H3PTt6e536WS1U5iaTEDEq
bScRqGZEsy278cdSSqv3/Iz+/yRp362kZhtsFoAufCNfQ5EKfmbIfXqorQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGm9iBIS2+NVoM5mVnTxm81IKbddMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3V4pvn/
0ukHbM8i9Beg7ENiGoflOr+tQ68bNCdEfcfAo8iHk81GAPcdg97/6y9pvTzS1VNL
qnwqbOIannC5aXH3XmPLXdrUsELFKibdgF0qG6Bu+auudXvus/FBBL78ZwHgzCqN
QxjizBr0Mton5AJ1A/tnzn4NycVd2FjnoKKMo9P7Hz97dD/6JgUEu1MIN77HUTqI
Fk7wkcBPJKl5o6tvs6qGhFbf9WpPIH6ifSCf9N6B3EYJhfTjKdT+rmXCo4z5NC4f
UGJ7Iw0PoCcC4C8+I2iEAWedYNzdWscS/FI8ibU2mI+/iAbM9lsSnd8GS4jNPksE
yIkyV73+Yt03Gg==
-----END CERTIFICATE-----