Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          bj8a/1NwQ+coGtUyjBlQFroQF13MKtftg6PaEymJ+xs=
Subject key identifier:   7B:DC:78:CB:6B:FE:0C:97:B9:D3:1D:9E:33:22:14:D4:51:29:76:38
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019A71B7DD5F994502936D1F91B15459B367
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          0739
Signing time:             Tue 11 Nov 2025 07:01:06 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:06 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:06 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: 2BTtQyMh0I7GR8lDmDHBc7YyLjdI7mkrAVXjI5kwRm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:dd:5f:99:45:02:93:6d:1f:91:b1:54:59:b3:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Nov 11 07:01:06 2025 GMT
            Not After : Nov 12 07:01:06 2025 GMT
        Subject: CN=7bdc78cb6bfe0c97b9d31d9e332214d451297638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:83:ab:1b:5d:8e:56:4e:d6:09:6c:b0:b2:b2:
                    29:c9:b9:d1:42:31:78:f9:e9:54:2c:f1:72:d9:2e:
                    19:78:27:57:1b:b4:47:4d:6f:59:36:4d:d1:c1:85:
                    21:5b:81:a2:b1:11:ad:fe:1c:bf:e7:ea:61:51:46:
                    0d:e3:27:6f:8e:a5:47:c2:85:a5:7f:41:98:48:58:
                    26:98:d1:5a:3b:0d:17:3c:76:56:b1:46:3d:58:c3:
                    0e:ee:25:1a:b2:84:f8:ca:f5:3f:2b:54:30:3a:f0:
                    7b:15:86:b4:37:75:9b:6d:67:14:97:0c:9d:5c:08:
                    db:60:fc:87:28:39:ab:b7:0f:ac:cd:3d:41:96:96:
                    d0:0d:4f:21:c3:88:c2:03:d8:46:38:eb:56:9b:96:
                    d0:a3:f0:87:34:32:61:0d:f2:51:c3:cc:30:e0:c2:
                    e2:66:05:a0:d9:80:8f:14:f9:bb:0f:ee:50:87:32:
                    2a:46:b4:7f:ce:96:2c:88:4e:2d:00:82:a8:b1:67:
                    4e:f9:cc:4e:0f:e6:f4:14:69:b3:a6:4c:b9:98:3a:
                    b6:76:93:8c:dd:69:0a:f4:43:67:0d:24:ca:ea:30:
                    3c:33:38:31:c7:dc:a6:b4:23:f9:43:a1:13:79:c8:
                    75:e0:1e:c5:48:5d:41:a0:34:72:29:03:77:6b:57:
                    a0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:DC:78:CB:6B:FE:0C:97:B9:D3:1D:9E:33:22:14:D4:51:29:76:38
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:d4:e4:37:8a:c1:53:d2:84:c0:13:06:e7:ef:3b:eb:56:2f:
         8f:af:51:b6:b4:ba:51:9c:b0:aa:18:40:ce:22:01:11:9f:1b:
         80:c9:be:58:18:26:aa:94:6b:72:6a:a3:2b:6a:56:b4:73:0a:
         bb:2b:59:02:a3:e8:02:59:47:1e:38:3c:b8:1c:75:88:8f:e2:
         41:05:fb:18:05:db:a0:58:35:bc:8c:87:c2:13:23:7c:9c:19:
         7e:9f:73:6c:29:41:61:83:79:32:31:9e:72:04:ae:c9:e0:cc:
         7e:64:26:ba:31:c1:79:ae:38:64:7a:3f:fb:4a:b8:bf:7e:bf:
         d3:01:91:6a:ef:be:6b:20:69:5d:88:ce:5e:09:4d:fa:c4:3e:
         86:ce:ca:6c:20:f0:b0:b0:03:1e:b4:9a:f2:f6:c3:49:3c:cf:
         cf:af:06:8f:48:3f:ff:d6:02:09:b8:44:1d:a1:90:48:c7:43:
         79:c2:e0:73:5c:82:1a:3f:87:ec:48:0c:cc:e5:03:3d:d6:45:
         77:91:1a:2d:69:f8:d4:87:0e:e8:04:94:c0:5f:0e:7e:5f:14:
         0f:4b:1c:0a:1c:13:9b:ac:22:1a:79:f2:9d:b5:c7:12:38:3b:
         5b:48:ae:a8:cf:68:b2:03:9d:c6:5c:0b:7b:13:45:7a:3f:b7:
         20:2e:11:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt91fmUUCk20fkbFUWbNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUxMTExMDcwMTA2WhcNMjUxMTEyMDcwMTA2WjAzMTEwLwYDVQQD
Eyg3YmRjNzhjYjZiZmUwYzk3YjlkMzFkOWUzMzIyMTRkNDUxMjk3NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54OrG12OVk7WCWywsrIpybnRQjF4
+elULPFy2S4ZeCdXG7RHTW9ZNk3RwYUhW4GisRGt/hy/5+phUUYN4ydvjqVHwoWl
f0GYSFgmmNFaOw0XPHZWsUY9WMMO7iUasoT4yvU/K1QwOvB7FYa0N3WbbWcUlwyd
XAjbYPyHKDmrtw+szT1BlpbQDU8hw4jCA9hGOOtWm5bQo/CHNDJhDfJRw8ww4MLi
ZgWg2YCPFPm7D+5QhzIqRrR/zpYsiE4tAIKosWdO+cxOD+b0FGmzpky5mDq2dpOM
3WkK9ENnDSTK6jA8Mzgxx9ymtCP5Q6ETech14B7FSF1BoDRyKQN3a1egVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvceMtr/gyXudMdnjMiFNRRKXY4MB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAntTkN4rB
U9KEwBMG5+8761Yvj69RtrS6UZywqhhAziIBEZ8bgMm+WBgmqpRrcmqjK2pWtHMK
uytZAqPoAllHHjg8uBx1iI/iQQX7GAXboFg1vIyHwhMjfJwZfp9zbClBYYN5MjGe
cgSuyeDMfmQmujHBea44ZHo/+0q4v36/0wGRau++ayBpXYjOXglN+sQ+hs7KbCDw
sLADHrSa8vbDSTzPz68Gj0g//9YCCbhEHaGQSMdDecLgc1yCGj+H7EgMzOUDPdZF
d5EaLWn41IcO6ASUwF8Ofl8UD0scChwTm6wiGnnynbXHEjg7W0iuqM9osgOdxlwL
exNFej+3IC4R5w==
-----END CERTIFICATE-----