Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft
File:                     YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft (raw, json)
Hash identifier:          T6dD8txaWZt7hhVWwaWfo9hXXdIjyYy1mPVosEtsi4g=
Subject key identifier:   76:7F:44:6B:17:00:95:AE:33:0E:18:A1:81:55:37:31:1C:84:05:2A
Authority key identifier: 62:71:9C:6D:8B:99:50:37:8A:74:89:31:5F:B0:78:11:1A:18:AD:55
Certificate issuer:       /CN=62719c6d8b9950378a7489315fb078111a18ad55
Certificate serial:       019A706E5B9F6D9329D7D6A9404921B77BC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft
Manifest number:          35
Signing time:             Tue 11 Nov 2025 01:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:11 +0000
Files and hashes:         1: YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl (hash: p+5gWpNieheUfxnqSKzrG+PqXMqbWTwcNcpdDuDkTvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:5b:9f:6d:93:29:d7:d6:a9:40:49:21:b7:7b:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62719c6d8b9950378a7489315fb078111a18ad55
        Validity
            Not Before: Nov 11 01:01:11 2025 GMT
            Not After : Nov 12 01:01:11 2025 GMT
        Subject: CN=767f446b170095ae330e18a1815537311c84052a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:24:59:81:e7:3c:4d:60:3a:fb:80:b0:62:03:
                    4c:bc:60:06:31:6e:8c:75:15:30:fe:c3:2d:a1:46:
                    0b:9f:2f:41:d8:9a:ad:a6:36:2e:5a:2f:6b:19:7b:
                    a0:c0:a7:8c:75:94:5a:02:c5:96:29:7b:32:0c:d0:
                    69:a7:e7:e6:94:62:67:df:2e:8e:8d:fb:c9:9f:29:
                    fe:00:2b:80:49:4d:9a:38:af:c0:6b:f8:fa:5f:8a:
                    e8:7f:d7:fb:ee:ce:7f:74:cc:d9:21:82:4e:cc:82:
                    32:5f:c5:67:9c:7a:70:ea:26:52:3b:21:9f:3d:df:
                    d5:71:2b:87:4a:86:8c:72:12:fd:08:dd:e9:ad:8c:
                    e0:c0:fc:6d:65:16:d9:74:eb:1a:a8:9a:05:4a:16:
                    31:9d:92:c1:be:fd:ba:09:3d:d8:28:07:39:f3:c6:
                    b4:bd:eb:68:48:e6:14:d4:ff:16:4a:d2:f5:d4:d2:
                    7b:d2:c1:a7:7f:92:e1:a9:17:d7:7e:02:6e:2e:98:
                    21:54:3f:70:aa:b4:ce:86:87:0a:87:a7:eb:b9:03:
                    77:31:36:7e:c7:dc:7f:a1:39:e1:68:39:73:9c:b4:
                    c0:11:e7:e8:be:f5:12:3c:2f:44:d5:be:c5:17:34:
                    8b:4c:20:1f:da:1b:8d:4e:7b:d5:27:40:2c:a9:1b:
                    33:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:7F:44:6B:17:00:95:AE:33:0E:18:A1:81:55:37:31:1C:84:05:2A
            X509v3 Authority Key Identifier:
                keyid:62:71:9C:6D:8B:99:50:37:8A:74:89:31:5F:B0:78:11:1A:18:AD:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:46:44:b5:b0:b6:e0:75:4d:ea:92:c1:bd:0d:a8:48:f6:a8:
         cb:28:e9:7a:5c:5d:62:23:d3:4b:cd:00:20:02:90:28:0f:f7:
         5d:38:20:c9:4a:e8:bb:db:8c:c2:fd:f0:77:95:53:2f:ff:77:
         c3:38:3e:d2:fa:d0:5b:2b:bc:eb:c2:c0:60:af:ba:cb:ea:89:
         01:d1:e5:c1:34:b6:da:16:91:82:7b:34:3d:6b:74:f9:d0:94:
         e6:c9:78:93:0d:4a:b8:94:45:08:7e:35:85:1f:2f:64:c4:55:
         b1:bc:24:2a:31:b2:2b:b5:86:11:39:a3:d7:88:dd:f9:c8:0a:
         74:df:03:57:74:8a:d8:82:38:ca:1b:06:59:1b:4e:52:21:b3:
         b5:64:5c:6d:5a:2a:02:4b:66:a4:53:3e:2d:1b:9c:c1:21:4b:
         2b:ae:59:c4:94:36:e9:e0:a3:e7:ce:5a:95:f1:22:f4:96:15:
         ce:1c:44:59:4e:72:05:14:33:3f:0a:65:f9:00:c6:65:a3:ba:
         4a:e2:38:06:b6:e2:1d:0d:5f:47:36:95:92:70:12:17:3b:6e:
         33:40:1f:f6:1e:68:e6:c4:6c:75:99:fc:be:ca:e3:43:06:1e:
         2e:64:e6:91:95:71:b0:63:19:19:76:4e:58:27:55:4a:b0:ad:
         5f:34:4d:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwblufbZMp19apQEkht3vIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzE5YzZkOGI5OTUwMzc4YTc0ODkzMTVmYjA3ODExMWEx
OGFkNTUwHhcNMjUxMTExMDEwMTExWhcNMjUxMTEyMDEwMTExWjAzMTEwLwYDVQQD
Eyg3NjdmNDQ2YjE3MDA5NWFlMzMwZTE4YTE4MTU1MzczMTFjODQwNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiRZgec8TWA6+4CwYgNMvGAGMW6M
dRUw/sMtoUYLny9B2JqtpjYuWi9rGXugwKeMdZRaAsWWKXsyDNBpp+fmlGJn3y6O
jfvJnyn+ACuASU2aOK/Aa/j6X4rof9f77s5/dMzZIYJOzIIyX8VnnHpw6iZSOyGf
Pd/VcSuHSoaMchL9CN3prYzgwPxtZRbZdOsaqJoFShYxnZLBvv26CT3YKAc588a0
vetoSOYU1P8WStL11NJ70sGnf5LhqRfXfgJuLpghVD9wqrTOhocKh6fruQN3MTZ+
x9x/oTnhaDlznLTAEefovvUSPC9E1b7FFzSLTCAf2huNTnvVJ0AsqRszRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZ/RGsXAJWuMw4YoYFVNzEchAUqMB8GA1UdIwQY
MBaAFGJxnG2LmVA3inSJMV+weBEaGK1VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNzJmNjgtODEzZC00YmE3LWI0OWQt
NzVmYTI5NTQxMWY1LzEvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNzJmNjgtODEzZC00YmE3LWI0OWQtNzVmYTI5NTQxMWY1
LzEvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvEZEtbC2
4HVN6pLBvQ2oSPaoyyjpelxdYiPTS80AIAKQKA/3XTggyUrou9uMwv3wd5VTL/93
wzg+0vrQWyu868LAYK+6y+qJAdHlwTS22haRgns0PWt0+dCU5sl4kw1KuJRFCH41
hR8vZMRVsbwkKjGyK7WGETmj14jd+cgKdN8DV3SK2II4yhsGWRtOUiGztWRcbVoq
AktmpFM+LRucwSFLK65ZxJQ26eCj585alfEi9JYVzhxEWU5yBRQzPwpl+QDGZaO6
SuI4BrbiHQ1fRzaVknASFztuM0Af9h5o5sRsdZn8vsrjQwYeLmTmkZVxsGMZGXZO
WCdVSrCtXzRNoA==
-----END CERTIFICATE-----