Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          DZkWYG96FIehx9WZcnt5MrKXXp89eZUN/yu+7TqjfvA=
Subject key identifier:   C9:1D:95:AF:7F:32:B4:4C:0E:73:76:8A:96:D5:ED:FD:CC:EF:66:84
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       019A7113201E629E3BE9C503F23FD161C5F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0DFE
Signing time:             Tue 11 Nov 2025 04:01:09 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:09 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:09 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: tiniHsrjSJcXVMd+Y9BhKx0dARAWk7XyxD4KWOy32V8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:20:1e:62:9e:3b:e9:c5:03:f2:3f:d1:61:c5:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Nov 11 04:01:09 2025 GMT
            Not After : Nov 12 04:01:09 2025 GMT
        Subject: CN=c91d95af7f32b44c0e73768a96d5edfdccef6684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7b:d2:fc:44:fb:91:21:95:ff:e9:79:e1:16:
                    04:45:09:10:2c:b8:8f:9f:d2:45:4d:cf:e8:1e:08:
                    70:e7:71:5e:ea:66:50:ce:a8:05:75:a9:15:77:45:
                    7a:7a:e1:82:30:1a:fd:2d:00:75:66:22:c5:70:70:
                    34:a3:ee:0a:06:1a:24:56:40:c9:04:6a:ca:0b:23:
                    48:73:a7:1c:d9:25:90:2a:61:50:28:9d:c6:30:25:
                    23:73:11:66:62:c7:ec:21:33:89:66:ad:8a:8b:b1:
                    82:2e:f9:50:0d:02:73:39:45:bc:55:e0:1e:ac:34:
                    96:94:a5:17:e4:47:aa:2a:1d:1b:7a:b6:da:bf:a9:
                    18:37:fb:a0:6d:5b:11:32:89:20:1c:05:7b:4e:4e:
                    ee:5a:d5:c5:97:24:43:83:d4:1b:89:98:bf:ab:d0:
                    76:96:42:94:25:b2:da:80:55:8b:8c:8a:c8:b5:db:
                    7b:0d:86:1f:17:d5:bc:d3:72:d2:ac:d8:81:bf:c8:
                    5e:83:20:d3:0a:ce:5b:d1:78:8a:37:37:ef:5c:35:
                    a5:b1:0d:69:37:eb:54:f7:f2:19:eb:8a:b0:7e:7f:
                    c4:da:e6:d8:d4:76:6d:c6:a3:e3:69:b8:4e:02:ae:
                    40:3e:a2:07:e0:4a:9b:ae:7d:b5:ab:a1:54:ab:0d:
                    e5:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:1D:95:AF:7F:32:B4:4C:0E:73:76:8A:96:D5:ED:FD:CC:EF:66:84
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:78:48:22:20:e5:fd:4d:63:71:79:cf:7a:cb:53:df:ac:37:
         94:6d:d7:22:ca:fa:1a:28:c9:f9:fa:7f:66:ec:c7:9d:b5:e8:
         21:1d:50:b8:0e:49:5d:49:4f:a1:fa:91:0f:b5:55:94:99:8a:
         94:f5:8b:80:5a:06:ce:b7:09:ac:5a:8b:b5:ac:0e:9d:58:4c:
         22:db:ae:e2:74:35:fb:80:dc:81:1a:12:d0:f8:f6:96:c8:a7:
         8b:1c:43:22:2a:17:bf:ef:7b:da:a3:a5:1e:0a:c4:9e:9d:9d:
         42:8f:1c:32:66:b4:9d:75:30:2b:b7:cd:67:75:de:f3:f9:6d:
         21:2c:69:44:d8:92:f2:42:4d:77:3a:ac:b4:0b:34:17:cc:36:
         58:63:92:b9:c4:a2:96:35:78:a2:7a:7d:49:13:69:d2:af:30:
         79:8a:38:44:1a:a3:07:c2:0e:cd:eb:0b:6a:7f:10:96:b9:9a:
         02:93:f3:4e:07:a0:ad:2b:a7:89:31:19:d3:9d:bd:16:39:64:
         9a:46:e9:bf:bc:a3:9e:87:f9:ce:3b:32:9a:8b:a6:06:fc:d2:
         cb:fd:1d:32:b5:90:1f:9c:6e:3b:c6:2c:a9:bb:36:9e:55:a7:
         8c:2b:78:d3:20:bd:c5:f6:78:ba:04:76:07:fd:7f:a4:ac:02:
         d0:4f:f0:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyAeYp476cUD8j/RYcXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjUxMTExMDQwMTA5WhcNMjUxMTEyMDQwMTA5WjAzMTEwLwYDVQQD
EyhjOTFkOTVhZjdmMzJiNDRjMGU3Mzc2OGE5NmQ1ZWRmZGNjZWY2Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HvS/ET7kSGV/+l54RYERQkQLLiP
n9JFTc/oHghw53Fe6mZQzqgFdakVd0V6euGCMBr9LQB1ZiLFcHA0o+4KBhokVkDJ
BGrKCyNIc6cc2SWQKmFQKJ3GMCUjcxFmYsfsITOJZq2Ki7GCLvlQDQJzOUW8VeAe
rDSWlKUX5EeqKh0berbav6kYN/ugbVsRMokgHAV7Tk7uWtXFlyRDg9QbiZi/q9B2
lkKUJbLagFWLjIrItdt7DYYfF9W803LSrNiBv8hegyDTCs5b0XiKNzfvXDWlsQ1p
N+tU9/IZ64qwfn/E2ubY1HZtxqPjabhOAq5APqIH4Eqbrn21q6FUqw3lhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkdla9/MrRMDnN2ipbV7f3M72aEMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXhIIiDl
/U1jcXnPestT36w3lG3XIsr6GijJ+fp/ZuzHnbXoIR1QuA5JXUlPofqRD7VVlJmK
lPWLgFoGzrcJrFqLtawOnVhMItuu4nQ1+4DcgRoS0Pj2lsinixxDIioXv+972qOl
HgrEnp2dQo8cMma0nXUwK7fNZ3Xe8/ltISxpRNiS8kJNdzqstAs0F8w2WGOSucSi
ljV4onp9SRNp0q8weYo4RBqjB8IOzesLan8QlrmaApPzTgegrSuniTEZ0529Fjlk
mkbpv7yjnof5zjsymoumBvzSy/0dMrWQH5xuO8Ysqbs2nlWnjCt40yC9xfZ4ugR2
B/1/pKwC0E/w5A==
-----END CERTIFICATE-----