Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
File:                     UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json)
Hash identifier:          wx0u9OS+CjwkMU/4fOPym9ntYM0HqRmJyVGZpqBmWro=
Subject key identifier:   A3:81:20:1E:C5:5D:0A:3B:7E:02:C5:D0:44:A8:A1:8A:1B:64:9F:0F
Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2
Certificate issuer:       /CN=5205f586d8263bb06d64050f8f484c14e803c4b2
Certificate serial:       019A71B7ACC4522A101A1B8C32207AB129EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
Manifest number:          0D5D
Signing time:             Tue 11 Nov 2025 07:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:54 +0000
Files and hashes:         1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: 99XISB2kkuSFsnv6ryMJhYCU64lRT3e8vIE1u3q1x5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ac:c4:52:2a:10:1a:1b:8c:32:20:7a:b1:29:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2
        Validity
            Not Before: Nov 11 07:00:54 2025 GMT
            Not After : Nov 12 07:00:54 2025 GMT
        Subject: CN=a381201ec55d0a3b7e02c5d044a8a18a1b649f0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9c:a6:c8:d1:c1:6e:54:44:9a:fb:bb:30:b7:
                    5d:0c:d5:1e:d2:6b:84:45:a8:e2:d6:f9:65:cb:7f:
                    36:c5:05:f5:10:84:40:6d:a2:36:0d:08:71:01:49:
                    6a:96:3b:d3:20:41:df:b4:6a:87:13:6d:66:2c:31:
                    4d:62:ba:68:89:ae:19:a2:4d:5f:d3:40:2e:7e:9d:
                    b6:3f:22:91:54:bb:c7:10:41:75:84:33:e7:85:a1:
                    4c:34:79:02:fb:21:25:66:66:64:e7:5e:ae:8a:83:
                    57:25:fe:ca:4a:6a:11:ec:4a:9b:ab:a9:e0:4c:80:
                    ca:66:22:06:e7:cc:da:de:e0:74:e4:2a:86:66:f4:
                    66:aa:b5:8d:ef:96:96:47:7c:01:c0:ff:22:f9:70:
                    d4:62:df:e9:cf:80:e8:de:a6:0f:5b:dd:22:3d:5e:
                    29:76:d3:ef:2a:49:42:62:47:fe:d7:fd:d5:20:ca:
                    9a:24:c9:73:4a:b8:58:d3:8e:40:4a:12:ca:07:a3:
                    ec:b8:24:2c:b8:f1:02:90:88:78:eb:29:87:0c:30:
                    a5:d4:46:3b:ff:fd:b7:25:75:0a:3c:ec:b0:e4:5a:
                    f0:35:4f:a3:54:98:51:4e:91:45:3c:d2:c8:f0:e2:
                    a2:38:b7:2e:07:eb:76:a4:58:0b:2a:83:f6:c7:cb:
                    d4:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:81:20:1E:C5:5D:0A:3B:7E:02:C5:D0:44:A8:A1:8A:1B:64:9F:0F
            X509v3 Authority Key Identifier:
                keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:01:58:f7:ec:78:03:02:77:40:3f:da:99:c7:e8:73:03:ca:
         94:a8:2d:b3:0c:ed:7f:ba:37:a8:eb:32:f3:9a:d1:a1:d8:2e:
         f4:45:55:bd:c5:33:dd:1b:d1:59:65:14:af:f3:a4:28:e7:b0:
         c4:55:67:b2:21:8e:c9:71:09:2a:e5:90:64:f4:13:38:b0:0c:
         20:70:e9:36:49:e5:94:d6:10:ef:89:36:1f:3a:50:4d:0a:7b:
         3d:b6:0b:1d:37:c0:d9:13:a8:91:7e:60:3c:e1:e5:e9:ed:5e:
         14:47:6a:38:d7:8c:d8:88:44:25:5b:18:c3:c0:68:3d:12:d0:
         8f:be:fe:13:7b:3d:38:c8:6b:df:f8:bc:12:c1:f5:3d:46:ab:
         34:93:b6:11:f8:b4:6d:f2:d6:11:ad:71:65:86:46:bb:5c:76:
         53:da:ae:ff:8d:c4:b2:00:db:33:43:fe:2a:b9:93:65:18:91:
         50:17:f9:aa:3b:f7:a9:b9:40:81:cf:c2:1f:ac:56:0a:57:d0:
         b3:28:b2:a3:07:bf:03:76:c5:d6:35:b2:20:a9:27:71:37:f4:
         83:86:07:a5:96:2f:03:c1:d2:79:ae:68:70:b2:82:c1:9b:01:
         cd:7d:d2:e9:f4:9f:02:41:f6:5b:e5:c0:98:70:59:38:25:f7:
         ea:7e:1d:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6zEUioQGhuMMiB6sSnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw
M2M0YjIwHhcNMjUxMTExMDcwMDU0WhcNMjUxMTEyMDcwMDU0WjAzMTEwLwYDVQQD
EyhhMzgxMjAxZWM1NWQwYTNiN2UwMmM1ZDA0NGE4YTE4YTFiNjQ5ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZymyNHBblREmvu7MLddDNUe0muE
Raji1vlly382xQX1EIRAbaI2DQhxAUlqljvTIEHftGqHE21mLDFNYrpoia4Zok1f
00Aufp22PyKRVLvHEEF1hDPnhaFMNHkC+yElZmZk516uioNXJf7KSmoR7Eqbq6ng
TIDKZiIG58za3uB05CqGZvRmqrWN75aWR3wBwP8i+XDUYt/pz4Do3qYPW90iPV4p
dtPvKklCYkf+1/3VIMqaJMlzSrhY045AShLKB6PsuCQsuPECkIh46ymHDDCl1EY7
//23JXUKPOyw5FrwNU+jVJhRTpFFPNLI8OKiOLcuB+t2pFgLKoP2x8vU/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOBIB7FXQo7fgLF0ESooYobZJ8PMB8GA1UdIwQY
MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt
MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0
LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXAFY9+x4
AwJ3QD/amcfocwPKlKgtswztf7o3qOsy85rRodgu9EVVvcUz3RvRWWUUr/OkKOew
xFVnsiGOyXEJKuWQZPQTOLAMIHDpNknllNYQ74k2HzpQTQp7PbYLHTfA2ROokX5g
POHl6e1eFEdqONeM2IhEJVsYw8BoPRLQj77+E3s9OMhr3/i8EsH1PUarNJO2Efi0
bfLWEa1xZYZGu1x2U9qu/43EsgDbM0P+KrmTZRiRUBf5qjv3qblAgc/CH6xWClfQ
syiyowe/A3bF1jWyIKkncTf0g4YHpZYvA8HSea5ocLKCwZsBzX3S6fSfAkH2W+XA
mHBZOCX36n4djA==
-----END CERTIFICATE-----