Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft
File:                     Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft (raw, json)
Hash identifier:          2RRD8D56N3mB7jnq/4NWv0SMx5tVMFiDiRaZHZ0Nywo=
Subject key identifier:   83:12:59:13:5C:40:49:E0:AE:4F:2E:16:23:36:92:B3:9B:2A:39:76
Authority key identifier: 62:8F:E2:D2:34:3C:F2:8E:22:7B:54:F8:04:B2:CE:03:2D:3D:18:95
Certificate issuer:       /CN=628fe2d2343cf28e227b54f804b2ce032d3d1895
Certificate serial:       019A72CA8BC168120F4B01521096A2B43B58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yo_i0jQ88o4ie1T4BLLOAy09GJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft
Manifest number:          0176
Signing time:             Tue 11 Nov 2025 12:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:07 +0000
Files and hashes:         1: Yo_i0jQ88o4ie1T4BLLOAy09GJU.crl (hash: hpW2QzrCGqa3i6kXBa6ZlfHiMicLqsX512jWkhAHZXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yo_i0jQ88o4ie1T4BLLOAy09GJU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:8b:c1:68:12:0f:4b:01:52:10:96:a2:b4:3b:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=628fe2d2343cf28e227b54f804b2ce032d3d1895
        Validity
            Not Before: Nov 11 12:01:07 2025 GMT
            Not After : Nov 12 12:01:07 2025 GMT
        Subject: CN=831259135c4049e0ae4f2e16233692b39b2a3976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:4e:cd:f4:4d:2c:5a:fe:b0:b8:c7:59:b6:fb:
                    47:c8:6f:d6:46:13:3b:d7:cf:f7:69:7c:de:19:4b:
                    6b:33:1b:a5:7c:de:ba:1f:ca:fd:f6:b2:48:81:28:
                    e9:a9:f1:67:4d:1e:50:79:b8:e4:21:8b:c2:81:e0:
                    68:b5:64:cc:92:b7:6f:97:fd:63:0d:55:16:cf:dd:
                    10:49:67:92:65:0b:3b:35:ad:6e:63:8d:1d:f6:b4:
                    c7:5f:6b:17:67:05:47:fd:c0:4b:2d:5f:2b:77:1c:
                    24:9a:75:18:9f:c9:52:24:2d:67:6a:46:b5:9d:8b:
                    4d:de:7a:ac:65:71:95:bd:5c:e1:33:e9:63:b6:b9:
                    57:ee:a2:e1:ec:65:80:5e:db:7b:1a:dd:4d:43:a0:
                    b1:94:ab:98:63:e5:8a:31:a8:df:65:0d:1e:0f:0a:
                    19:15:02:3e:00:7f:1a:7e:66:75:86:e1:1c:5d:f4:
                    96:69:96:95:7e:f8:d2:88:b9:ce:34:3c:f1:02:d1:
                    a5:18:13:d6:7f:0d:63:b6:66:ff:52:74:dc:74:b5:
                    77:7f:e6:61:22:f9:aa:f3:56:3d:d7:fd:fe:1b:07:
                    fc:31:c1:49:7e:ae:f1:b2:f3:0d:9e:63:bf:6f:85:
                    e5:64:33:a6:d7:5e:e8:32:f6:6d:78:a9:bc:14:0c:
                    5b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:12:59:13:5C:40:49:E0:AE:4F:2E:16:23:36:92:B3:9B:2A:39:76
            X509v3 Authority Key Identifier:
                keyid:62:8F:E2:D2:34:3C:F2:8E:22:7B:54:F8:04:B2:CE:03:2D:3D:18:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yo_i0jQ88o4ie1T4BLLOAy09GJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:70:01:8c:3a:8a:08:eb:19:d4:f7:5a:f2:ab:ae:03:12:15:
         c8:24:62:c5:b0:67:2d:26:8c:f2:96:31:0e:5d:06:40:19:76:
         e8:f3:16:cc:a6:9e:61:8b:f8:e5:8a:6f:87:a6:01:8f:43:9a:
         fa:dc:24:c8:2b:fb:09:03:cf:b8:e3:34:50:66:08:c4:52:d4:
         b2:14:ce:dd:56:6a:7c:b2:42:f8:de:cb:4e:11:e5:8b:50:fd:
         f1:ea:c6:02:eb:e6:e9:f5:3d:46:38:e7:1a:7c:88:b1:90:3d:
         d9:34:ea:df:c9:2e:9f:57:a3:cb:99:12:df:2f:aa:b7:a1:e7:
         57:25:dd:89:e2:66:6c:c4:69:93:b6:39:80:8b:a9:71:3d:c3:
         e1:04:96:61:41:83:c8:81:db:71:4a:93:c0:30:ab:e0:7b:55:
         8f:21:b3:ee:42:42:2d:db:85:58:07:c8:d8:9a:fb:87:bc:a8:
         6d:41:f9:3a:b8:c1:5b:54:96:a4:cb:c9:87:d0:ff:72:ab:88:
         c0:04:c5:3f:b6:53:e6:f0:6a:1b:0f:8f:ea:16:36:ee:d2:97:
         b0:32:79:76:9f:5f:71:27:a5:78:42:f0:b4:c7:b2:0f:9b:04:
         85:37:38:67:f4:aa:aa:0d:2e:8e:92:d3:f0:9f:ac:03:8a:23:
         48:0e:46:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyovBaBIPSwFSEJaitDtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGZlMmQyMzQzY2YyOGUyMjdiNTRmODA0YjJjZTAzMmQz
ZDE4OTUwHhcNMjUxMTExMTIwMTA3WhcNMjUxMTEyMTIwMTA3WjAzMTEwLwYDVQQD
Eyg4MzEyNTkxMzVjNDA0OWUwYWU0ZjJlMTYyMzM2OTJiMzliMmEzOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8k7N9E0sWv6wuMdZtvtHyG/WRhM7
18/3aXzeGUtrMxulfN66H8r99rJIgSjpqfFnTR5QebjkIYvCgeBotWTMkrdvl/1j
DVUWz90QSWeSZQs7Na1uY40d9rTHX2sXZwVH/cBLLV8rdxwkmnUYn8lSJC1naka1
nYtN3nqsZXGVvVzhM+ljtrlX7qLh7GWAXtt7Gt1NQ6CxlKuYY+WKMajfZQ0eDwoZ
FQI+AH8afmZ1huEcXfSWaZaVfvjSiLnONDzxAtGlGBPWfw1jtmb/UnTcdLV3f+Zh
Ivmq81Y91/3+Gwf8McFJfq7xsvMNnmO/b4XlZDOm117oMvZteKm8FAxbowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMSWRNcQEngrk8uFiM2krObKjl2MB8GA1UdIwQY
MBaAFGKP4tI0PPKOIntU+ASyzgMtPRiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9faTBqUTg4bzRpZTFUNEJMTE9BeTA5R0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85YWRiZTQtMzM2My00NTIzLTkyNzgt
MmY4MTIxYTI4YmYwLzEvWW9faTBqUTg4bzRpZTFUNEJMTE9BeTA5R0pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85YWRiZTQtMzM2My00NTIzLTkyNzgtMmY4MTIxYTI4YmYw
LzEvWW9faTBqUTg4bzRpZTFUNEJMTE9BeTA5R0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlnABjDqK
COsZ1Pda8quuAxIVyCRixbBnLSaM8pYxDl0GQBl26PMWzKaeYYv45Ypvh6YBj0Oa
+twkyCv7CQPPuOM0UGYIxFLUshTO3VZqfLJC+N7LThHli1D98erGAuvm6fU9Rjjn
GnyIsZA92TTq38kun1ejy5kS3y+qt6HnVyXdieJmbMRpk7Y5gIupcT3D4QSWYUGD
yIHbcUqTwDCr4HtVjyGz7kJCLduFWAfI2Jr7h7yobUH5OrjBW1SWpMvJh9D/cquI
wATFP7ZT5vBqGw+P6hY27tKXsDJ5dp9fcSeleELwtMeyD5sEhTc4Z/Sqqg0ujpLT
8J+sA4ojSA5GIg==
-----END CERTIFICATE-----