Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          DA7M8Xx7AeYDDWR1zlopspiEc0R+2AlqrKqQWrmwwWA=
Subject key identifier:   6F:EE:6D:7F:73:CD:53:B6:CD:67:CE:2B:E1:99:01:2B:34:F0:4F:C8
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       019A72257A370D8C9D86D574739C1AF1D816
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          12FB
Signing time:             Tue 11 Nov 2025 09:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:49 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: w4kz7ktS2LeHp5FkJ6tOpEebN9i4XUjpOIPLSWs2xt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:7a:37:0d:8c:9d:86:d5:74:73:9c:1a:f1:d8:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: Nov 11 09:00:49 2025 GMT
            Not After : Nov 12 09:00:49 2025 GMT
        Subject: CN=6fee6d7f73cd53b6cd67ce2be199012b34f04fc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:62:76:43:72:64:54:11:d6:6c:d1:d1:f2:e1:
                    64:e4:55:1a:47:1b:c1:1e:be:c0:bd:8f:5f:f3:63:
                    53:b3:d2:fb:18:95:7e:ba:d0:68:1a:46:80:f8:16:
                    4c:ad:da:5d:b5:c5:71:cc:67:cf:59:9e:74:a5:f9:
                    96:ca:2c:05:58:c8:39:af:7d:a8:e3:97:bd:d9:bc:
                    1b:e9:e9:82:3b:c2:60:d2:bd:3c:a9:83:04:88:87:
                    07:cf:f6:38:99:83:f6:c6:14:96:e5:41:f0:59:eb:
                    9f:98:a5:cb:be:14:36:0e:25:c6:e2:d7:b6:93:d8:
                    94:16:e2:72:94:1e:fb:3f:c3:7c:60:4c:e3:83:62:
                    b4:ef:3d:7a:62:26:fc:07:d5:1d:65:1e:a8:4d:80:
                    02:b7:0e:da:3f:d3:dc:d0:06:23:e0:ec:d8:91:b8:
                    cd:b1:3b:a0:db:bd:b6:ff:54:85:ed:ca:0a:88:02:
                    da:72:a1:c8:2d:6d:63:21:05:96:d2:60:38:70:52:
                    2a:66:b0:f9:b9:5a:bb:e9:a2:3b:a0:b6:1f:ec:d1:
                    1b:b4:8c:b5:be:d1:4b:16:94:60:97:c4:c6:8d:0c:
                    95:cd:3a:e9:ed:7b:bc:75:2e:e0:3e:1c:a2:7b:32:
                    ce:23:fb:24:42:ae:e8:a3:87:91:ac:39:b5:ad:52:
                    8e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:EE:6D:7F:73:CD:53:B6:CD:67:CE:2B:E1:99:01:2B:34:F0:4F:C8
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:4b:0b:c2:a1:53:1d:25:1d:98:be:50:21:e2:c8:fd:4d:56:
         15:dd:66:36:3b:ce:96:75:a8:1a:5f:b9:1e:e4:77:81:48:5f:
         f4:d6:6a:25:ca:8d:8a:df:31:9a:08:3c:89:4e:d8:d8:e3:5c:
         dc:fa:63:cd:20:a4:fc:35:4a:e9:10:b7:6f:e7:40:d0:ea:ac:
         ec:16:83:39:ca:a5:d4:7f:64:61:71:65:c0:da:ba:bd:4c:9d:
         c1:4b:1c:ec:7e:0c:7c:cf:cc:af:66:f4:3a:02:11:b4:98:2d:
         de:42:c1:69:f0:d3:71:69:5f:73:ef:87:a4:26:d6:74:78:80:
         f1:b5:10:6c:33:72:54:dc:2c:8f:b2:c9:33:6e:b0:bd:19:c9:
         67:06:f6:c9:39:65:79:55:96:3f:85:f1:d9:cf:b3:05:e8:b8:
         10:bd:58:2a:5c:8a:dd:8b:7d:db:84:70:95:8a:48:6b:89:09:
         13:3c:ba:60:e9:62:b6:06:df:86:b3:77:df:75:04:e4:c1:e8:
         91:82:6d:80:49:6e:53:8d:47:9e:12:cb:5f:01:8f:da:59:9b:
         a8:c1:6a:fa:ea:07:70:8b:82:a1:a2:5b:f8:14:f2:2e:84:95:
         42:02:c8:b3:4e:3a:3a:0f:d6:a2:b9:f9:54:31:0d:4e:f3:ec:
         24:b6:8a:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXo3DYydhtV0c5wa8dgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjUxMTExMDkwMDQ5WhcNMjUxMTEyMDkwMDQ5WjAzMTEwLwYDVQQD
Eyg2ZmVlNmQ3ZjczY2Q1M2I2Y2Q2N2NlMmJlMTk5MDEyYjM0ZjA0ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWJ2Q3JkVBHWbNHR8uFk5FUaRxvB
Hr7AvY9f82NTs9L7GJV+utBoGkaA+BZMrdpdtcVxzGfPWZ50pfmWyiwFWMg5r32o
45e92bwb6emCO8Jg0r08qYMEiIcHz/Y4mYP2xhSW5UHwWeufmKXLvhQ2DiXG4te2
k9iUFuJylB77P8N8YEzjg2K07z16Yib8B9UdZR6oTYACtw7aP9Pc0AYj4OzYkbjN
sTug2722/1SF7coKiALacqHILW1jIQWW0mA4cFIqZrD5uVq76aI7oLYf7NEbtIy1
vtFLFpRgl8TGjQyVzTrp7Xu8dS7gPhyiezLOI/skQq7oo4eRrDm1rVKOUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/ubX9zzVO2zWfOK+GZASs08E/IMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdEsLwqFT
HSUdmL5QIeLI/U1WFd1mNjvOlnWoGl+5HuR3gUhf9NZqJcqNit8xmgg8iU7Y2ONc
3PpjzSCk/DVK6RC3b+dA0Oqs7BaDOcql1H9kYXFlwNq6vUydwUsc7H4MfM/Mr2b0
OgIRtJgt3kLBafDTcWlfc++HpCbWdHiA8bUQbDNyVNwsj7LJM26wvRnJZwb2yTll
eVWWP4Xx2c+zBei4EL1YKlyK3Yt924RwlYpIa4kJEzy6YOlitgbfhrN333UE5MHo
kYJtgEluU41HnhLLXwGP2lmbqMFq+uoHcIuCoaJb+BTyLoSVQgLIs046Og/Worn5
VDENTvPsJLaKOQ==
-----END CERTIFICATE-----