Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft
File:                     0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft (raw, json)
Hash identifier:          C+yO7yNdaibDbP3kLxPBBRdDgcNnpVqvJC9aRh6Liik=
Subject key identifier:   89:C5:80:FA:F3:72:86:33:00:8E:60:52:43:A0:68:CC:38:D4:74:5C
Authority key identifier: D2:26:1D:EE:6D:54:DD:53:6E:F7:00:F2:D9:D8:19:7C:86:09:39:66
Certificate issuer:       /CN=d2261dee6d54dd536ef700f2d9d8197c86093966
Certificate serial:       019A71B8A0500B9C4E03F8058120E7D7E801
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0iYd7m1U3VNu9wDy2dgZfIYJOWY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft
Manifest number:          16AE
Signing time:             Tue 11 Nov 2025 07:01:56 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:56 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:56 +0000
Files and hashes:         1: 0iYd7m1U3VNu9wDy2dgZfIYJOWY.crl (hash: 9NaYX+QtBJvcpYC9zJrgXM8SdOR+fmmBToEHfV41z3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0iYd7m1U3VNu9wDy2dgZfIYJOWY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a0:50:0b:9c:4e:03:f8:05:81:20:e7:d7:e8:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2261dee6d54dd536ef700f2d9d8197c86093966
        Validity
            Not Before: Nov 11 07:01:56 2025 GMT
            Not After : Nov 12 07:01:56 2025 GMT
        Subject: CN=89c580faf3728633008e605243a068cc38d4745c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c6:b0:0d:6b:70:ba:42:af:7a:3d:1d:e3:44:
                    83:03:fe:2a:22:83:af:c4:cc:5f:d8:59:df:17:54:
                    9a:c6:c5:76:8f:be:a6:51:bc:5f:7b:6c:c3:ef:d4:
                    8b:c1:e0:4a:b9:25:54:39:d5:f0:a8:07:aa:69:a9:
                    46:82:e6:30:90:f5:78:4e:6b:ee:14:10:a6:4b:6d:
                    f2:dc:49:d9:5b:d3:83:3b:66:29:2d:ba:2f:89:2a:
                    ad:bf:a0:c6:1b:f7:61:12:78:0c:3c:04:26:80:6e:
                    c9:08:63:bf:9a:84:b4:e5:41:42:67:f1:0d:80:47:
                    c8:3f:74:e6:46:f6:ee:cc:21:21:d3:dc:35:38:42:
                    f1:24:88:bf:43:ee:95:0f:5e:14:1f:b1:93:97:67:
                    1a:67:00:e7:1b:a3:f2:61:24:6c:74:77:7f:52:23:
                    ef:86:e8:b3:a6:4e:09:86:37:54:b9:37:fa:b8:3c:
                    48:a2:d4:13:1a:03:dc:9b:c5:50:da:ce:c0:73:b7:
                    c7:ab:64:e9:ae:c6:81:fa:40:5a:76:92:dc:22:3b:
                    66:a2:09:d3:53:09:5f:77:eb:24:02:4c:82:e5:a3:
                    23:60:20:fb:a2:34:26:08:81:03:fd:de:98:89:45:
                    db:81:34:8b:67:53:e4:f7:2d:27:cc:1a:0f:0b:e4:
                    8b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:C5:80:FA:F3:72:86:33:00:8E:60:52:43:A0:68:CC:38:D4:74:5C
            X509v3 Authority Key Identifier:
                keyid:D2:26:1D:EE:6D:54:DD:53:6E:F7:00:F2:D9:D8:19:7C:86:09:39:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0iYd7m1U3VNu9wDy2dgZfIYJOWY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:e7:d9:3c:0c:1d:b8:16:f5:11:eb:2e:e7:cf:33:c6:c2:65:
         14:69:f1:b2:51:72:bc:4b:d8:93:cd:e6:b5:b4:16:4c:16:e8:
         e5:4d:b5:b4:13:fe:d6:40:17:f1:10:89:e1:b5:44:85:26:fc:
         54:d6:06:10:4d:d1:47:0a:14:38:96:85:df:dc:ee:5b:26:d7:
         55:79:f1:8c:c9:78:e2:3f:1f:be:14:a8:33:d4:03:9b:bc:94:
         db:38:1b:cb:eb:e3:1f:26:bf:cc:43:30:42:68:1d:9d:a7:1f:
         46:db:d9:dd:a7:f6:44:16:8d:57:97:5a:94:c0:ff:dd:df:e3:
         9f:8e:64:eb:72:f7:b6:37:97:1e:b1:d2:2a:c9:36:48:bc:3b:
         e3:63:7b:d8:cb:fa:40:5e:c5:3e:98:16:c6:64:91:f3:97:8a:
         c2:55:0f:5a:35:e7:c3:ec:e7:4a:c8:64:76:63:5b:3a:d4:ab:
         6d:b9:7a:a8:00:1d:07:82:27:80:dd:82:20:d3:a8:b5:76:49:
         9b:70:e6:63:13:7a:40:82:f3:1c:3d:97:96:1d:ed:4e:3c:ce:
         49:bc:11:41:97:11:74:87:65:42:42:8f:b4:56:a6:29:3b:68:
         97:82:16:22:88:ab:52:75:80:2a:a8:90:06:af:46:a6:52:e0:
         4c:cc:e0:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKBQC5xOA/gFgSDn1+gBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMjYxZGVlNmQ1NGRkNTM2ZWY3MDBmMmQ5ZDgxOTdjODYw
OTM5NjYwHhcNMjUxMTExMDcwMTU2WhcNMjUxMTEyMDcwMTU2WjAzMTEwLwYDVQQD
Eyg4OWM1ODBmYWYzNzI4NjMzMDA4ZTYwNTI0M2EwNjhjYzM4ZDQ3NDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8awDWtwukKvej0d40SDA/4qIoOv
xMxf2FnfF1SaxsV2j76mUbxfe2zD79SLweBKuSVUOdXwqAeqaalGguYwkPV4Tmvu
FBCmS23y3EnZW9ODO2YpLboviSqtv6DGG/dhEngMPAQmgG7JCGO/moS05UFCZ/EN
gEfIP3TmRvbuzCEh09w1OELxJIi/Q+6VD14UH7GTl2caZwDnG6PyYSRsdHd/UiPv
huizpk4JhjdUuTf6uDxIotQTGgPcm8VQ2s7Ac7fHq2TprsaB+kBadpLcIjtmognT
Uwlfd+skAkyC5aMjYCD7ojQmCIED/d6YiUXbgTSLZ1Pk9y0nzBoPC+SLdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInFgPrzcoYzAI5gUkOgaMw41HRcMB8GA1UdIwQY
MBaAFNImHe5tVN1TbvcA8tnYGXyGCTlmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGlZZDdtMVUzVk51OXdEeTJkZ1pmSVlKT1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iYWNlYzMtNDkxYi00NDBiLThiNDgt
NmYwZjQ2ZjRkNGI0LzEvMGlZZDdtMVUzVk51OXdEeTJkZ1pmSVlKT1dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iYWNlYzMtNDkxYi00NDBiLThiNDgtNmYwZjQ2ZjRkNGI0
LzEvMGlZZDdtMVUzVk51OXdEeTJkZ1pmSVlKT1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVefZPAwd
uBb1Eesu588zxsJlFGnxslFyvEvYk83mtbQWTBbo5U21tBP+1kAX8RCJ4bVEhSb8
VNYGEE3RRwoUOJaF39zuWybXVXnxjMl44j8fvhSoM9QDm7yU2zgby+vjHya/zEMw
QmgdnacfRtvZ3af2RBaNV5dalMD/3d/jn45k63L3tjeXHrHSKsk2SLw742N72Mv6
QF7FPpgWxmSR85eKwlUPWjXnw+znSshkdmNbOtSrbbl6qAAdB4IngN2CINOotXZJ
m3DmYxN6QILzHD2Xlh3tTjzOSbwRQZcRdIdlQkKPtFamKTtol4IWIoirUnWAKqiQ
Bq9GplLgTMzgpg==
-----END CERTIFICATE-----