Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          K8ZMKlPHM9XjDOk9Q6c9e2gFqkd/YJBxbUUVCGIQt/w=
Subject key identifier:   82:F9:C3:C3:76:7D:D4:88:73:61:A1:1F:FB:10:25:90:2A:AE:71:AA
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       019A71B7B5E3AF420253D71D0CF37D5AFCB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          088F
Signing time:             Tue 11 Nov 2025 07:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:56 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: rdQKfHgFMCn7s/a6rZlzW6rqp/RNUY6sVrzwEzoG5UI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:b5:e3:af:42:02:53:d7:1d:0c:f3:7d:5a:fc:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Nov 11 07:00:56 2025 GMT
            Not After : Nov 12 07:00:56 2025 GMT
        Subject: CN=82f9c3c3767dd4887361a11ffb1025902aae71aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7c:c4:cc:d0:3f:7c:fb:d1:57:2d:e5:7c:9a:
                    5d:b5:bd:4f:ce:8e:5d:f5:5c:a9:ef:6e:3b:a2:8a:
                    7a:bc:a9:43:c9:f4:2c:ac:de:ee:8e:9d:4b:e3:79:
                    ac:6b:7d:e5:59:d8:d9:4f:67:58:14:d6:b7:ea:51:
                    1d:90:59:fb:27:e4:01:9a:f8:a9:f1:d2:7f:68:f2:
                    f0:29:cf:b9:6a:21:de:11:44:59:9e:1a:9e:76:5f:
                    e1:4a:8a:cb:59:07:76:30:49:96:13:f7:6e:7e:eb:
                    4d:d0:02:b4:41:0e:6a:6e:6f:3a:48:d4:62:c6:37:
                    b4:b4:ac:69:67:1d:06:37:a7:5e:84:5c:ce:7e:bf:
                    ac:26:23:65:b7:2f:3f:f4:7d:05:5e:68:90:57:6d:
                    38:1d:a2:f2:2b:b5:f6:fe:1b:88:52:92:df:02:ae:
                    62:a7:e3:11:fd:d5:18:28:f7:ae:c7:26:39:fd:5f:
                    24:3a:47:43:42:d1:f7:4a:f5:41:c6:d4:75:d8:98:
                    aa:d9:97:30:3e:d2:d4:88:7b:9e:f8:74:dc:94:d8:
                    f3:37:4c:72:d5:5f:b5:2a:72:5c:d4:dd:61:a5:39:
                    6c:18:bc:86:8b:9a:f1:70:26:98:bd:9c:2d:80:57:
                    2e:8b:f7:a1:df:48:49:93:6e:bd:1f:cf:8b:bf:dd:
                    f2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F9:C3:C3:76:7D:D4:88:73:61:A1:1F:FB:10:25:90:2A:AE:71:AA
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:6e:b4:b2:fa:07:20:da:04:c3:50:5a:c3:f4:55:f1:cc:a4:
         59:c7:c1:e1:11:9c:71:a6:09:89:ef:28:c6:fb:97:e1:75:8b:
         b8:be:dd:e3:5b:df:a8:71:a3:a2:56:18:9d:04:eb:b6:8b:7b:
         37:81:88:ac:a2:7b:05:5a:8f:51:1e:dd:e8:17:65:7a:d0:18:
         4b:c5:78:4c:52:65:ac:78:fc:11:ca:6e:01:39:7e:8b:b3:72:
         e4:c8:ec:d1:95:78:9e:ae:f3:b6:cd:08:b7:29:c1:2d:0d:c6:
         96:69:ad:d9:f5:f5:6a:5d:f6:c3:14:a9:4a:47:40:b7:ee:bf:
         18:25:e2:fe:2a:4e:60:b4:22:b4:1f:93:62:a2:b5:af:95:70:
         8d:99:64:3c:f4:f8:fd:46:54:64:f6:11:60:6e:c5:79:78:5a:
         3a:14:54:57:1f:02:96:ac:93:9f:6a:3d:14:1f:d6:5b:9b:e0:
         fe:ab:04:69:b2:89:8d:57:67:29:07:f9:c4:13:f6:29:6b:66:
         bd:d3:de:4a:60:71:0b:96:63:3f:dc:67:aa:12:b6:1b:a8:d5:
         0c:0c:8a:6f:cc:22:73:8c:4c:d7:a6:4f:9a:3b:fc:5c:e0:e1:
         2c:10:41:3b:03:dd:16:40:08:80:56:0d:c6:c8:01:87:d8:71:
         0e:ef:85:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7Xjr0ICU9cdDPN9Wvy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUxMTExMDcwMDU2WhcNMjUxMTEyMDcwMDU2WjAzMTEwLwYDVQQD
Eyg4MmY5YzNjMzc2N2RkNDg4NzM2MWExMWZmYjEwMjU5MDJhYWU3MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunzEzNA/fPvRVy3lfJpdtb1Pzo5d
9Vyp7247oop6vKlDyfQsrN7ujp1L43msa33lWdjZT2dYFNa36lEdkFn7J+QBmvip
8dJ/aPLwKc+5aiHeEURZnhqedl/hSorLWQd2MEmWE/dufutN0AK0QQ5qbm86SNRi
xje0tKxpZx0GN6dehFzOfr+sJiNlty8/9H0FXmiQV204HaLyK7X2/huIUpLfAq5i
p+MR/dUYKPeuxyY5/V8kOkdDQtH3SvVBxtR12Jiq2ZcwPtLUiHue+HTclNjzN0xy
1V+1KnJc1N1hpTlsGLyGi5rxcCaYvZwtgFcui/eh30hJk269H8+Lv93yKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIL5w8N2fdSIc2GhH/sQJZAqrnGqMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkG60svoH
INoEw1Baw/RV8cykWcfB4RGccaYJie8oxvuX4XWLuL7d41vfqHGjolYYnQTrtot7
N4GIrKJ7BVqPUR7d6BdletAYS8V4TFJlrHj8EcpuATl+i7Ny5Mjs0ZV4nq7zts0I
tynBLQ3Glmmt2fX1al32wxSpSkdAt+6/GCXi/ipOYLQitB+TYqK1r5VwjZlkPPT4
/UZUZPYRYG7FeXhaOhRUVx8ClqyTn2o9FB/WW5vg/qsEabKJjVdnKQf5xBP2KWtm
vdPeSmBxC5ZjP9xnqhK2G6jVDAyKb8wic4xM16ZPmjv8XODhLBBBOwPdFkAIgFYN
xsgBh9hxDu+FWw==
-----END CERTIFICATE-----