Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          jSH5YdwZd4Kt4P/DTjmmGpf9dvBuX2wDzg7yeAmuy/g=
Subject key identifier:   F3:F3:80:16:7C:08:18:4F:75:05:DD:24:62:0F:33:1D:D8:84:D4:7E
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       019A71134A4FC2A07C9F9C0BDC16584A626B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          03F0
Signing time:             Tue 11 Nov 2025 04:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:20 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: y+Udp+7r1IdyD44YitLeBv235cD3WvCHV3QCt4QNtSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:4a:4f:c2:a0:7c:9f:9c:0b:dc:16:58:4a:62:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Nov 11 04:01:20 2025 GMT
            Not After : Nov 12 04:01:20 2025 GMT
        Subject: CN=f3f380167c08184f7505dd24620f331dd884d47e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2e:b0:a5:30:42:cb:64:1e:50:b4:23:f1:03:
                    eb:72:5b:86:a2:5a:ae:cf:4d:4c:ec:25:11:11:c5:
                    b5:bc:ad:05:a5:a4:8d:2a:ef:ff:7f:5a:94:92:80:
                    4e:74:fb:9e:26:88:e2:5e:79:94:d9:71:26:cf:85:
                    8b:82:ef:3f:a1:a4:3c:d3:2b:41:50:f3:d8:98:fd:
                    ac:d5:04:fa:ee:3d:34:16:30:25:60:f6:24:24:c5:
                    f1:f6:a8:80:aa:01:ea:e9:73:48:4b:29:8e:ce:5d:
                    7e:1f:a4:58:fd:18:8d:27:db:0c:f0:52:e9:33:e9:
                    0d:7c:a0:47:c8:95:83:74:82:e2:4f:02:26:29:1b:
                    3a:87:43:9c:eb:c3:e6:85:45:07:c5:82:2b:20:82:
                    a3:9f:1a:ed:0d:4d:cf:a1:27:7c:44:b8:c6:c7:fb:
                    74:97:6e:e6:3d:72:26:ba:d0:0d:93:ce:50:2e:e3:
                    66:1f:5d:3e:d3:b4:bc:51:43:4d:95:3c:22:55:dd:
                    7a:e5:a7:03:ec:7d:23:6f:95:c2:42:94:61:02:66:
                    5e:4c:e2:ea:83:67:58:90:f3:93:ac:ec:18:d1:c2:
                    58:22:76:d8:1a:b5:c5:a0:57:da:0c:52:0e:d6:55:
                    41:51:48:21:6d:88:b6:d3:fe:63:67:8f:98:94:95:
                    bd:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:F3:80:16:7C:08:18:4F:75:05:DD:24:62:0F:33:1D:D8:84:D4:7E
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:84:09:04:1d:7f:f8:a6:d7:b1:e7:05:95:55:42:f5:c6:04:
         14:a8:28:c8:3b:45:49:89:64:99:73:73:6b:71:8a:cb:50:2c:
         dc:42:c8:3c:4f:3d:8c:1d:62:50:2e:d8:86:e7:c1:88:fa:ac:
         f4:6f:56:ed:d7:8e:89:08:5e:bd:ee:fa:02:11:ed:92:2d:c1:
         a5:2b:a0:74:c3:42:1a:28:cb:28:05:90:99:98:2b:ab:34:6e:
         40:f9:66:37:ac:bc:7b:b0:4a:1d:3e:d4:3a:de:b8:79:5c:0b:
         ea:9f:c6:c6:8e:82:7a:a0:02:75:ed:02:62:cc:a8:42:75:6e:
         73:8e:1b:3d:af:b5:dc:c9:a4:4f:8f:62:21:01:47:7b:cb:ed:
         02:8e:83:7f:02:5a:d9:85:15:4c:92:36:b6:b2:1c:99:ab:26:
         33:30:cd:df:bc:13:5f:c8:03:21:a3:0a:68:3b:3a:b3:b3:2d:
         bd:c8:12:35:32:4c:4c:2f:43:02:58:da:d2:33:b5:e4:e0:88:
         38:09:d0:17:4d:19:b9:ff:9b:d6:e2:4a:37:58:e4:3d:4a:50:
         4b:f2:db:2e:eb:89:1a:d5:e8:dc:98:f1:3b:8f:05:9a:28:a7:
         f0:cd:8a:91:dd:b2:22:0f:32:66:77:05:ee:c7:84:00:a6:0a:
         c0:8e:dc:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0pPwqB8n5wL3BZYSmJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjUxMTExMDQwMTIwWhcNMjUxMTEyMDQwMTIwWjAzMTEwLwYDVQQD
EyhmM2YzODAxNjdjMDgxODRmNzUwNWRkMjQ2MjBmMzMxZGQ4ODRkNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC6wpTBCy2QeULQj8QPrcluGolqu
z01M7CUREcW1vK0FpaSNKu//f1qUkoBOdPueJojiXnmU2XEmz4WLgu8/oaQ80ytB
UPPYmP2s1QT67j00FjAlYPYkJMXx9qiAqgHq6XNISymOzl1+H6RY/RiNJ9sM8FLp
M+kNfKBHyJWDdILiTwImKRs6h0Oc68PmhUUHxYIrIIKjnxrtDU3PoSd8RLjGx/t0
l27mPXImutANk85QLuNmH10+07S8UUNNlTwiVd165acD7H0jb5XCQpRhAmZeTOLq
g2dYkPOTrOwY0cJYInbYGrXFoFfaDFIO1lVBUUghbYi20/5jZ4+YlJW9xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPzgBZ8CBhPdQXdJGIPMx3YhNR+MB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVIQJBB1/
+KbXsecFlVVC9cYEFKgoyDtFSYlkmXNza3GKy1As3ELIPE89jB1iUC7YhufBiPqs
9G9W7deOiQheve76AhHtki3BpSugdMNCGijLKAWQmZgrqzRuQPlmN6y8e7BKHT7U
Ot64eVwL6p/Gxo6CeqACde0CYsyoQnVuc44bPa+13MmkT49iIQFHe8vtAo6DfwJa
2YUVTJI2trIcmasmMzDN37wTX8gDIaMKaDs6s7MtvcgSNTJMTC9DAlja0jO15OCI
OAnQF00Zuf+b1uJKN1jkPUpQS/LbLuuJGtXo3JjxO48Fmiin8M2Kkd2yIg8yZncF
7seEAKYKwI7cIw==
-----END CERTIFICATE-----