Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft
File:                     UpJ4MtOYUOhR7staBRFpKZHdpdk.mft (raw, json)
Hash identifier:          AsiGmSrMGx8vDu8VQXIpSMz9CpS6Cy6zOzzAwddcO0Y=
Subject key identifier:   0F:29:27:6C:7F:B7:C2:6B:DE:97:89:0A:E7:F0:E7:2C:D8:8D:62:6F
Authority key identifier: 52:92:78:32:D3:98:50:E8:51:EE:CB:5A:05:11:69:29:91:DD:A5:D9
Certificate issuer:       /CN=52927832d39850e851eecb5a0511692991dda5d9
Certificate serial:       019A71B8F08FE88AAC8BAC9D8026EA6511BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UpJ4MtOYUOhR7staBRFpKZHdpdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:16 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:16 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:16 +0000
Files and hashes:         1: UpJ4MtOYUOhR7staBRFpKZHdpdk.crl (hash: +YV3w9VGktmZJy+FqcREwF+eCNCqQGYl2YnjTCXe/K8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UpJ4MtOYUOhR7staBRFpKZHdpdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f0:8f:e8:8a:ac:8b:ac:9d:80:26:ea:65:11:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52927832d39850e851eecb5a0511692991dda5d9
        Validity
            Not Before: Nov 11 07:02:16 2025 GMT
            Not After : Nov 12 07:02:16 2025 GMT
        Subject: CN=0f29276c7fb7c26bde97890ae7f0e72cd88d626f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1c:2e:57:45:05:1c:7f:5d:84:dc:39:0f:6b:
                    0e:97:50:5a:3c:bc:a4:2f:2b:39:11:fd:c0:49:58:
                    7e:db:2b:d5:9d:fe:b7:68:cd:d3:4e:70:79:4f:1d:
                    e9:c6:ad:bd:d5:e0:39:2d:8a:05:86:b9:42:e8:22:
                    45:a0:a3:47:41:8a:19:12:9f:a4:40:fb:80:f9:2a:
                    c7:98:7a:9a:eb:66:c1:15:c6:16:a5:a5:fb:e5:c4:
                    11:31:4d:f6:45:4c:11:84:21:f7:6d:07:c8:06:e6:
                    84:8f:77:d6:b9:c1:00:a1:dd:56:91:fd:91:57:1e:
                    b5:34:41:87:51:b7:38:ea:40:73:77:02:d6:1a:64:
                    33:75:b7:27:de:22:d6:09:4d:a9:7a:fd:f2:43:4b:
                    e7:3b:ff:f2:6b:bf:6e:15:52:c1:f0:62:f9:be:78:
                    d5:ac:ae:e1:1d:5f:e5:3f:22:6c:d2:33:f6:91:9b:
                    41:8b:54:f2:2c:22:e5:3c:1a:87:9d:f7:80:89:07:
                    d5:44:d6:09:85:d9:14:28:8d:95:32:4c:dd:68:c5:
                    b4:c7:c3:eb:2b:7f:1d:c3:24:85:8f:b0:6d:e5:7e:
                    af:1e:3d:8f:93:b5:ac:84:05:9b:50:54:41:69:95:
                    e3:43:d7:56:9e:f9:6e:8a:5b:a9:79:35:da:a3:f3:
                    a0:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:29:27:6C:7F:B7:C2:6B:DE:97:89:0A:E7:F0:E7:2C:D8:8D:62:6F
            X509v3 Authority Key Identifier:
                keyid:52:92:78:32:D3:98:50:E8:51:EE:CB:5A:05:11:69:29:91:DD:A5:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpJ4MtOYUOhR7staBRFpKZHdpdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:09:d0:fa:6f:04:76:e1:83:24:cc:87:a2:84:fe:48:62:f4:
         93:8a:a6:4e:bf:fd:2e:a0:41:84:7c:4a:2a:38:bd:2c:0a:ce:
         05:96:be:cd:3c:92:9c:cd:c8:0d:53:0b:10:4f:42:9f:f0:95:
         d0:48:27:84:18:c1:46:7f:bc:84:2b:9a:ef:b0:af:5e:91:06:
         14:df:4c:70:d4:0f:53:c4:0a:96:ec:17:3f:06:52:d5:72:55:
         d6:ac:dd:3b:8e:e0:42:5f:40:c3:94:33:ff:fc:d2:be:b0:bb:
         9c:7b:20:bf:1e:8f:d0:67:3b:a9:fd:6b:19:0c:87:6c:3f:72:
         29:97:1c:3d:1a:f8:e0:c9:10:99:a9:cc:e6:e7:2a:66:0e:a5:
         8f:05:67:ef:08:1e:d0:b5:09:34:af:78:43:29:89:44:4d:3d:
         87:86:b3:38:8a:4d:f5:de:5e:eb:5a:cd:e0:0e:55:53:cb:77:
         8d:0b:ed:cc:c9:1e:09:28:39:af:62:46:76:f4:30:6b:2c:cc:
         0e:a6:db:f6:20:ff:22:87:40:c7:4b:ec:26:ab:6e:52:d7:ac:
         8a:99:23:a9:f8:f2:60:4e:9f:53:37:5a:93:4d:bd:50:36:6e:
         21:f7:15:c9:fb:ee:85:b6:09:29:7f:a6:ee:13:bc:8e:34:fa:
         86:70:b4:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPCP6Iqsi6ydgCbqZRG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOTI3ODMyZDM5ODUwZTg1MWVlY2I1YTA1MTE2OTI5OTFk
ZGE1ZDkwHhcNMjUxMTExMDcwMjE2WhcNMjUxMTEyMDcwMjE2WjAzMTEwLwYDVQQD
EygwZjI5Mjc2YzdmYjdjMjZiZGU5Nzg5MGFlN2YwZTcyY2Q4OGQ2MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthwuV0UFHH9dhNw5D2sOl1BaPLyk
Lys5Ef3ASVh+2yvVnf63aM3TTnB5Tx3pxq291eA5LYoFhrlC6CJFoKNHQYoZEp+k
QPuA+SrHmHqa62bBFcYWpaX75cQRMU32RUwRhCH3bQfIBuaEj3fWucEAod1Wkf2R
Vx61NEGHUbc46kBzdwLWGmQzdbcn3iLWCU2pev3yQ0vnO//ya79uFVLB8GL5vnjV
rK7hHV/lPyJs0jP2kZtBi1TyLCLlPBqHnfeAiQfVRNYJhdkUKI2VMkzdaMW0x8Pr
K38dwySFj7Bt5X6vHj2Pk7WshAWbUFRBaZXjQ9dWnvluilupeTXao/Og0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8pJ2x/t8Jr3peJCufw5yzYjWJvMB8GA1UdIwQY
MBaAFFKSeDLTmFDoUe7LWgURaSmR3aXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXBKNE10T1lVT2hSN3N0YUJSRnBLWkhkcGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xMDQyOWItODA0OS00N2EyLWFiOTkt
MjU2ZGIzZWQ4MzM1LzEvVXBKNE10T1lVT2hSN3N0YUJSRnBLWkhkcGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xMDQyOWItODA0OS00N2EyLWFiOTktMjU2ZGIzZWQ4MzM1
LzEvVXBKNE10T1lVT2hSN3N0YUJSRnBLWkhkcGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdAnQ+m8E
duGDJMyHooT+SGL0k4qmTr/9LqBBhHxKKji9LArOBZa+zTySnM3IDVMLEE9Cn/CV
0EgnhBjBRn+8hCua77CvXpEGFN9McNQPU8QKluwXPwZS1XJV1qzdO47gQl9Aw5Qz
//zSvrC7nHsgvx6P0Gc7qf1rGQyHbD9yKZccPRr44MkQmanM5ucqZg6ljwVn7wge
0LUJNK94QymJRE09h4azOIpN9d5e61rN4A5VU8t3jQvtzMkeCSg5r2JGdvQwayzM
Dqbb9iD/IodAx0vsJqtuUtesipkjqfjyYE6fUzdak029UDZuIfcVyfvuhbYJKX+m
7hO8jjT6hnC0wA==
-----END CERTIFICATE-----