Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          fhI3l3xTTJT1ztlqe+e9UpdJvSR+aEKOLp7cXVUPHmg=
Subject key identifier:   B1:4A:50:E7:90:8F:A4:C2:50:6A:D8:EE:FC:2A:F3:C9:F6:17:84:86
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       019A71B8AB6BC410BC6D0A32C8852895555E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          0508
Signing time:             Tue 11 Nov 2025 07:01:59 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:59 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:59 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: selggGKJPmXXudNLMlwX1GJLW71FaEb2bAkrvIrj7gU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ab:6b:c4:10:bc:6d:0a:32:c8:85:28:95:55:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Nov 11 07:01:59 2025 GMT
            Not After : Nov 12 07:01:59 2025 GMT
        Subject: CN=b14a50e7908fa4c2506ad8eefc2af3c9f6178486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:64:27:c2:1f:74:4c:c2:36:fd:94:c0:60:6c:
                    a4:eb:f6:65:7f:0e:e7:7a:11:09:fc:f9:8c:ad:f2:
                    c8:e6:d2:e9:2d:53:b8:65:97:d8:2c:68:20:ba:81:
                    25:52:24:2f:ae:e9:6a:03:ee:df:6e:28:cd:d2:06:
                    f8:5e:91:03:f0:c6:1e:b2:d1:bd:ee:3d:48:ee:46:
                    3f:05:9b:e3:99:c8:29:c3:bb:24:6d:a4:f4:88:1c:
                    bb:e6:91:a0:4c:25:02:af:37:e3:77:9c:26:5d:ad:
                    cc:cd:b5:5f:e4:40:3d:e5:03:7b:61:ee:8a:dc:2d:
                    4f:67:db:04:e4:0c:e5:2e:53:7c:fe:f6:ca:de:2d:
                    9f:6f:0a:c2:6a:b3:28:e8:c1:2a:b4:ce:75:ae:73:
                    56:99:84:8a:7e:cc:ef:40:33:b2:57:80:6c:0c:46:
                    53:05:51:8e:24:48:04:5f:36:06:ac:6f:7c:8f:4b:
                    a9:63:f5:cb:9a:e6:39:f5:91:c7:43:2e:b4:48:54:
                    f9:fe:b2:6d:dc:17:d0:7e:46:2c:38:70:07:ed:85:
                    11:d1:43:ac:d1:9b:56:b1:f8:c0:ba:4d:9d:a3:39:
                    05:fe:fe:ed:87:bb:99:34:2e:60:40:c8:fb:80:08:
                    e5:b6:6d:be:2c:0e:a7:54:9d:31:f4:60:92:99:16:
                    34:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4A:50:E7:90:8F:A4:C2:50:6A:D8:EE:FC:2A:F3:C9:F6:17:84:86
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:f0:92:4d:ad:49:99:1d:02:5e:de:09:8c:b7:67:30:0c:17:
         29:04:bd:a7:a7:77:85:3e:29:17:3e:a5:28:07:dd:45:f0:1a:
         f6:bc:5f:8c:73:12:19:ad:c7:dc:f1:77:d4:3c:7e:2a:ea:0f:
         9c:fe:d5:29:a3:fb:09:55:a5:b3:f5:53:e2:b4:fb:b4:68:e2:
         7c:14:bf:06:60:1f:e2:cc:e0:ac:dd:2a:f8:30:ec:8b:22:7e:
         fd:f6:75:1f:d0:a2:3e:69:bc:56:d7:19:ec:c3:18:f8:3a:c7:
         99:c3:fa:56:30:8e:56:d0:3a:40:8b:75:49:07:e3:5e:b8:12:
         7b:bb:95:34:86:cb:49:00:0d:0a:6e:1e:2e:7c:ff:41:40:86:
         a8:a3:d9:22:ca:25:9c:08:2e:25:34:14:d9:b0:f1:87:a0:d6:
         38:8e:46:39:3a:3c:a9:f1:ef:8e:5f:b4:60:d3:d6:dd:6c:33:
         64:ce:93:70:f2:bb:f2:a6:3c:d0:15:a4:c8:db:96:f3:d2:8e:
         80:21:6c:49:0f:f2:59:be:73:b2:eb:7d:6e:45:a1:67:27:97:
         a1:4c:f8:ec:b8:cf:4d:ad:71:21:0d:f5:a1:78:9c:fb:d1:18:
         e7:31:2f:63:15:d9:f5:c8:70:0e:8a:4c:ec:9d:1e:76:4f:7c:
         59:13:20:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKtrxBC8bQoyyIUolVVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjUxMTExMDcwMTU5WhcNMjUxMTEyMDcwMTU5WjAzMTEwLwYDVQQD
EyhiMTRhNTBlNzkwOGZhNGMyNTA2YWQ4ZWVmYzJhZjNjOWY2MTc4NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmQnwh90TMI2/ZTAYGyk6/Zlfw7n
ehEJ/PmMrfLI5tLpLVO4ZZfYLGgguoElUiQvrulqA+7fbijN0gb4XpED8MYestG9
7j1I7kY/BZvjmcgpw7skbaT0iBy75pGgTCUCrzfjd5wmXa3MzbVf5EA95QN7Ye6K
3C1PZ9sE5AzlLlN8/vbK3i2fbwrCarMo6MEqtM51rnNWmYSKfszvQDOyV4BsDEZT
BVGOJEgEXzYGrG98j0upY/XLmuY59ZHHQy60SFT5/rJt3BfQfkYsOHAH7YUR0UOs
0ZtWsfjAuk2dozkF/v7th7uZNC5gQMj7gAjltm2+LA6nVJ0x9GCSmRY0jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFKUOeQj6TCUGrY7vwq88n2F4SGMB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPvCSTa1J
mR0CXt4JjLdnMAwXKQS9p6d3hT4pFz6lKAfdRfAa9rxfjHMSGa3H3PF31Dx+KuoP
nP7VKaP7CVWls/VT4rT7tGjifBS/BmAf4szgrN0q+DDsiyJ+/fZ1H9CiPmm8VtcZ
7MMY+DrHmcP6VjCOVtA6QIt1SQfjXrgSe7uVNIbLSQANCm4eLnz/QUCGqKPZIsol
nAguJTQU2bDxh6DWOI5GOTo8qfHvjl+0YNPW3WwzZM6TcPK78qY80BWkyNuW89KO
gCFsSQ/yWb5zsut9bkWhZyeXoUz47LjPTa1xIQ31oXic+9EY5zEvYxXZ9chwDopM
7J0edk98WRMgYw==
-----END CERTIFICATE-----