Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          6EMwrjZ5uvkemjm3UfLF0DLomBkyQV1YOD6Vrg16goc=
Subject key identifier:   5B:E7:B5:29:71:DB:00:A2:DF:F9:61:C7:FE:45:7E:1C:58:E4:DF:FC
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019A71B8CB3408436B32CB8E99FD8FF2905A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          16AE
Signing time:             Tue 11 Nov 2025 07:02:07 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:07 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:07 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: NlKYTYv7A2jdiwAHHwvZ8CFWUOwuDdf6F1kYS3AUb+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:cb:34:08:43:6b:32:cb:8e:99:fd:8f:f2:90:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Nov 11 07:02:07 2025 GMT
            Not After : Nov 12 07:02:07 2025 GMT
        Subject: CN=5be7b52971db00a2dff961c7fe457e1c58e4dffc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ea:13:40:6e:27:2a:73:0b:83:92:b3:4b:a3:
                    d8:34:a1:d4:0a:0f:27:22:08:67:0a:6b:22:f1:01:
                    a5:8b:ec:6b:21:0b:14:69:b6:0a:a0:1c:05:46:00:
                    7f:9e:d6:af:69:c5:3e:20:a9:f6:19:d4:ca:5a:ff:
                    a3:05:a2:19:b3:06:06:6f:f2:5d:98:e0:5a:6e:cb:
                    86:53:b2:3f:1e:2e:52:66:9e:99:9c:6a:76:f6:04:
                    73:43:03:8a:e8:cb:da:18:b3:7e:11:c5:cb:b9:c2:
                    21:80:39:63:fe:56:f1:15:38:cb:fd:0f:d4:ff:0a:
                    b0:a0:d4:fe:d2:a5:77:31:b3:1d:b5:4d:92:a1:c8:
                    d8:93:8a:e6:da:d4:7d:86:81:89:7b:7a:5a:e4:c6:
                    cc:11:95:c5:f4:87:e2:e1:c0:fb:6c:41:f3:e1:7e:
                    67:37:7d:07:56:b1:a2:5b:df:40:7b:26:76:b8:50:
                    ee:85:49:23:1d:39:97:82:0e:e1:50:69:38:f4:72:
                    17:41:e8:fb:ea:a1:9e:dc:e7:d9:03:29:2d:9e:15:
                    4c:df:b9:c9:96:76:0c:54:5e:79:36:2c:5b:51:61:
                    23:fe:10:1a:9f:35:69:0e:94:6c:9f:95:38:39:bd:
                    cf:95:0e:01:0b:12:b7:15:7c:0b:96:3d:6d:8c:a2:
                    74:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:E7:B5:29:71:DB:00:A2:DF:F9:61:C7:FE:45:7E:1C:58:E4:DF:FC
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:f9:9a:3a:07:be:c1:fc:cd:33:9b:58:69:ab:5d:9b:91:f7:
         3d:ad:d8:fc:94:8e:52:57:74:bc:bc:f3:9a:1f:7c:de:48:6d:
         8e:a0:ce:bf:07:a4:ac:24:9a:54:1c:02:fe:3e:b3:1f:2f:96:
         c5:b5:b6:03:38:a1:1b:d0:4f:1e:23:73:5c:31:34:f4:b2:a3:
         5b:14:3f:4b:61:94:ab:57:db:79:f3:a4:5b:71:61:7f:a5:86:
         cc:fe:5b:8f:47:2f:49:f3:24:bb:af:84:78:ca:5f:0e:7f:1a:
         66:ea:77:77:48:9b:90:22:c3:b4:8e:bb:b5:25:06:ed:92:e7:
         27:e2:e1:b4:06:6f:53:bb:a1:10:f3:fa:bd:f6:5a:5e:34:d5:
         34:b3:37:32:1a:f1:f7:ca:c0:59:45:1a:9b:86:f9:da:0b:c3:
         ad:e2:37:d5:21:ef:ac:d4:2a:10:d3:7f:ca:b2:0b:37:54:54:
         3b:92:33:fe:27:70:2b:71:79:7b:ba:3c:ca:12:d7:4e:f3:e9:
         43:41:c8:8f:61:48:bc:64:f1:83:cf:5b:2c:de:a4:89:e2:14:
         21:a8:20:25:f8:ac:3b:14:db:13:51:02:81:95:5e:fc:86:02:
         63:38:a1:82:bd:98:76:3c:3c:b6:f3:d6:5b:1a:ce:14:79:2a:
         54:4b:db:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMs0CENrMsuOmf2P8pBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUxMTExMDcwMjA3WhcNMjUxMTEyMDcwMjA3WjAzMTEwLwYDVQQD
Eyg1YmU3YjUyOTcxZGIwMGEyZGZmOTYxYzdmZTQ1N2UxYzU4ZTRkZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+oTQG4nKnMLg5KzS6PYNKHUCg8n
IghnCmsi8QGli+xrIQsUabYKoBwFRgB/ntavacU+IKn2GdTKWv+jBaIZswYGb/Jd
mOBabsuGU7I/Hi5SZp6ZnGp29gRzQwOK6MvaGLN+EcXLucIhgDlj/lbxFTjL/Q/U
/wqwoNT+0qV3MbMdtU2SocjYk4rm2tR9hoGJe3pa5MbMEZXF9Ifi4cD7bEHz4X5n
N30HVrGiW99AeyZ2uFDuhUkjHTmXgg7hUGk49HIXQej76qGe3OfZAyktnhVM37nJ
lnYMVF55NixbUWEj/hAanzVpDpRsn5U4Ob3PlQ4BCxK3FXwLlj1tjKJ0XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvntSlx2wCi3/lhx/5FfhxY5N/8MB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlvmaOge+
wfzNM5tYaatdm5H3Pa3Y/JSOUld0vLzzmh983khtjqDOvwekrCSaVBwC/j6zHy+W
xbW2AzihG9BPHiNzXDE09LKjWxQ/S2GUq1fbefOkW3Fhf6WGzP5bj0cvSfMku6+E
eMpfDn8aZup3d0ibkCLDtI67tSUG7ZLnJ+LhtAZvU7uhEPP6vfZaXjTVNLM3Mhrx
98rAWUUam4b52gvDreI31SHvrNQqENN/yrILN1RUO5Iz/idwK3F5e7o8yhLXTvPp
Q0HIj2FIvGTxg89bLN6kieIUIaggJfisOxTbE1ECgZVe/IYCYzihgr2Ydjw8tvPW
WxrOFHkqVEvbag==
-----END CERTIFICATE-----