Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          wegbv7NYK8k5e3Ok66LfgvFBK/ykpuBvI72dq7zmauI=
Subject key identifier:   DD:4F:0A:2A:CB:D9:99:AF:4D:6B:D1:6E:A4:1F:4D:97:7C:83:12:C0
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       019A71B86C81A9D9707399DD8650014CC8F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0C40
Signing time:             Tue 11 Nov 2025 07:01:42 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:42 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:42 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: Etjk0IL4q2YS7r3z/atL2RnJBSS2u6G1gUWNLU+H/2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:6c:81:a9:d9:70:73:99:dd:86:50:01:4c:c8:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Nov 11 07:01:42 2025 GMT
            Not After : Nov 12 07:01:42 2025 GMT
        Subject: CN=dd4f0a2acbd999af4d6bd16ea41f4d977c8312c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2a:b1:77:57:b1:a2:75:8a:99:c5:73:67:ba:
                    e2:c4:9a:b7:f2:ca:a4:56:be:77:4f:a7:a2:05:80:
                    52:37:90:d5:d2:47:c7:df:06:bd:2c:14:df:1f:71:
                    58:14:44:95:bf:49:02:3a:76:ee:3c:7c:9c:9c:21:
                    ed:6d:6a:31:9f:33:68:87:df:3f:73:c3:ec:d9:82:
                    d9:22:5c:4d:90:64:40:c8:76:39:f6:2f:af:d9:2c:
                    24:05:ec:76:d6:06:f4:b5:31:cb:22:e0:7c:1d:9a:
                    b2:ae:2f:6b:60:83:88:24:6c:a3:96:f7:e0:95:dd:
                    83:64:30:93:3a:63:ab:e3:3b:60:e1:31:05:34:0b:
                    21:cb:7a:3c:74:8e:5d:ea:ce:97:74:62:f0:8f:02:
                    2f:96:d3:96:b9:1a:81:78:4a:5a:9e:ca:b1:1e:9c:
                    77:f6:b6:6e:54:63:13:b5:44:1a:5f:74:62:c2:78:
                    0c:72:1b:2c:b2:df:13:64:c0:3f:a4:7f:12:06:a7:
                    b9:73:21:8e:56:71:98:c8:03:4d:c7:47:e5:5f:04:
                    42:38:ad:24:13:60:b4:e3:7b:21:e7:e6:d8:af:8e:
                    4d:28:ec:90:e7:f7:0e:41:8b:dd:35:ed:cb:b3:e8:
                    bc:01:74:70:d7:fc:81:38:6c:c5:88:de:5f:ae:79:
                    4b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:4F:0A:2A:CB:D9:99:AF:4D:6B:D1:6E:A4:1F:4D:97:7C:83:12:C0
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:54:52:7e:e7:52:11:c5:11:85:ca:65:72:0f:f1:48:9c:ee:
         00:e0:ab:7d:54:c3:b2:a1:04:e3:46:8b:5a:2b:7d:28:a1:49:
         c1:3c:8b:6b:fd:1f:9a:42:ba:bf:4d:eb:a6:5b:b3:90:69:2f:
         6f:71:03:f4:03:fd:76:f6:ba:9f:63:54:1f:cf:d4:a5:85:66:
         e7:85:d2:26:d7:4d:c9:b0:5e:a7:ad:bd:e7:d0:0a:63:04:0e:
         bb:bb:5a:b8:ff:4a:e4:10:6c:4c:cb:c5:26:ad:18:5b:2e:f9:
         08:bf:bb:af:c4:3e:e6:64:1c:7f:ae:72:e2:7a:21:39:31:f3:
         69:9b:60:14:c7:69:d5:ef:98:15:d9:70:c4:5d:8e:14:19:c3:
         2a:0e:5b:41:d2:62:a8:20:40:61:0a:17:b6:fa:07:f7:e4:14:
         fd:df:be:4a:eb:a6:b9:da:65:9d:48:cb:c3:cb:50:b7:02:91:
         8f:28:10:3e:75:87:22:c6:8c:d7:b7:20:98:ab:f0:d8:9a:34:
         97:3b:19:05:22:9c:a0:af:4d:a8:62:90:20:93:4f:71:6b:8f:
         d9:44:97:2a:3a:80:e8:d1:41:97:21:02:eb:c7:53:e4:d5:c8:
         1f:6b:a9:7d:65:b3:35:08:0f:d7:3b:72:63:2e:ed:3e:20:9b:
         19:02:a7:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGyBqdlwc5ndhlABTMj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
EyhkZDRmMGEyYWNiZDk5OWFmNGQ2YmQxNmVhNDFmNGQ5NzdjODMxMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCqxd1exonWKmcVzZ7rixJq38sqk
Vr53T6eiBYBSN5DV0kfH3wa9LBTfH3FYFESVv0kCOnbuPHycnCHtbWoxnzNoh98/
c8Ps2YLZIlxNkGRAyHY59i+v2SwkBex21gb0tTHLIuB8HZqyri9rYIOIJGyjlvfg
ld2DZDCTOmOr4ztg4TEFNAshy3o8dI5d6s6XdGLwjwIvltOWuRqBeEpansqxHpx3
9rZuVGMTtUQaX3RiwngMchssst8TZMA/pH8SBqe5cyGOVnGYyANNx0flXwRCOK0k
E2C043sh5+bYr45NKOyQ5/cOQYvdNe3Ls+i8AXRw1/yBOGzFiN5frnlLPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1PCirL2ZmvTWvRbqQfTZd8gxLAMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlRSfudS
EcURhcplcg/xSJzuAOCrfVTDsqEE40aLWit9KKFJwTyLa/0fmkK6v03rpluzkGkv
b3ED9AP9dva6n2NUH8/UpYVm54XSJtdNybBep62959AKYwQOu7tauP9K5BBsTMvF
Jq0YWy75CL+7r8Q+5mQcf65y4nohOTHzaZtgFMdp1e+YFdlwxF2OFBnDKg5bQdJi
qCBAYQoXtvoH9+QU/d++SuumudplnUjLw8tQtwKRjygQPnWHIsaM17cgmKvw2Jo0
lzsZBSKcoK9NqGKQIJNPcWuP2USXKjqA6NFBlyEC68dT5NXIH2upfWWzNQgP1zty
Yy7tPiCbGQKnKw==
-----END CERTIFICATE-----