Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
File:                     yYDRnDv8xARxVndvAqNJiY5GuQ0.mft (raw, json)
Hash identifier:          q8B2kp5esx+dvBS4HicKQZQuOrZ5Lzst1MPluwLOZQk=
Subject key identifier:   D9:33:5E:28:F0:DF:3E:54:A7:33:7D:84:2C:F6:60:F1:44:46:1A:3D
Authority key identifier: C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D
Certificate issuer:       /CN=c980d19c3bfcc4047156776f02a349898e46b90d
Certificate serial:       019A71B871B9612F21A07B30CCF6B0BD2FA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
Manifest number:          0A3A
Signing time:             Tue 11 Nov 2025 07:01:44 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:44 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:44 +0000
Files and hashes:         1: yYDRnDv8xARxVndvAqNJiY5GuQ0.crl (hash: DylmYMG6MGxH22zjg+cl41P3cyxuLVoBzQSDSoaQWZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:71:b9:61:2f:21:a0:7b:30:cc:f6:b0:bd:2f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c980d19c3bfcc4047156776f02a349898e46b90d
        Validity
            Not Before: Nov 11 07:01:44 2025 GMT
            Not After : Nov 12 07:01:44 2025 GMT
        Subject: CN=d9335e28f0df3e54a7337d842cf660f144461a3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fe:a4:ca:ce:13:22:73:a7:dd:cb:47:d3:9e:
                    57:5c:0b:79:83:b4:05:f2:f1:52:81:c7:0f:28:67:
                    76:e7:85:4e:46:98:4d:77:c2:09:ea:19:2f:10:18:
                    16:b1:47:ae:bc:ea:f8:9a:48:c6:f2:70:bb:a7:1e:
                    b1:02:39:f1:29:ea:bb:18:fe:6e:22:de:27:7c:c7:
                    d5:49:a7:e5:0b:d2:40:27:00:60:be:30:6f:04:1d:
                    66:f3:96:da:35:b9:62:03:b6:4f:54:08:2a:8b:30:
                    a7:3d:03:b3:90:71:5b:bf:5f:1c:06:a2:d3:50:b9:
                    6e:55:3d:cd:99:f1:e1:f7:bf:cd:1d:52:7b:7c:90:
                    ff:f4:f6:98:b7:f8:20:5a:be:e5:7d:d5:46:e6:36:
                    7f:20:2b:00:03:9f:e4:3e:19:8d:57:c8:ff:27:14:
                    63:69:8c:30:cb:ec:33:0e:19:57:eb:b2:ca:f8:fe:
                    a5:31:6d:03:9d:e7:7c:10:db:02:ed:e0:68:eb:f8:
                    01:25:1d:79:e6:da:66:dd:4c:5d:17:55:1a:1a:aa:
                    9b:7a:26:aa:de:22:1d:49:d0:7b:aa:a7:c2:6b:09:
                    68:cb:8c:7d:1b:ab:c0:5a:8e:ff:b8:34:9f:42:ea:
                    7f:c5:01:46:c3:3a:a0:60:0c:a3:ec:8a:8e:8f:3b:
                    66:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:33:5E:28:F0:DF:3E:54:A7:33:7D:84:2C:F6:60:F1:44:46:1A:3D
            X509v3 Authority Key Identifier:
                keyid:C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:df:aa:f2:41:bb:84:ac:24:71:56:79:27:81:8b:7d:bf:9a:
         84:d6:63:5d:cf:dc:9a:1b:37:76:e8:1e:73:2e:af:6d:15:9b:
         83:5b:a4:c1:f4:be:2a:81:cf:be:67:e8:e4:da:57:b2:22:4c:
         9c:bf:6d:eb:b3:a5:f7:18:66:7c:42:8c:4d:dc:5c:d7:a6:e4:
         7c:30:19:1c:3c:47:00:36:f4:d8:51:ec:7d:e6:73:0c:d3:22:
         f8:93:9d:49:ea:3e:7b:61:01:b2:84:df:ee:a6:ad:43:05:fc:
         a2:15:45:b3:f7:48:1d:9f:f0:6b:72:24:9c:b8:f7:db:59:00:
         1f:47:bc:d3:96:4b:0f:5c:41:2c:e4:3d:5f:97:63:cb:b2:3d:
         b0:dd:71:f2:ae:b5:b9:7f:d4:92:c2:2c:3d:58:a3:ca:03:1e:
         2e:d2:bd:fe:bf:b1:19:df:12:15:93:b1:9e:70:83:f0:25:30:
         8f:51:ca:98:7f:8d:4d:33:85:76:9d:94:d2:64:5c:91:96:5a:
         b6:44:ca:90:9c:81:7c:a8:6a:2d:4f:cf:2b:26:0f:07:94:fc:
         df:e7:ce:bd:7b:39:f8:16:e6:93:80:6f:45:6a:eb:15:33:f4:
         e9:de:2d:9b:9f:13:5d:70:e8:89:d7:7e:79:f4:1c:e6:81:95:
         2b:8a:cd:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHG5YS8hoHswzPawvS+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODBkMTljM2JmY2M0MDQ3MTU2Nzc2ZjAyYTM0OTg5OGU0
NmI5MGQwHhcNMjUxMTExMDcwMTQ0WhcNMjUxMTEyMDcwMTQ0WjAzMTEwLwYDVQQD
EyhkOTMzNWUyOGYwZGYzZTU0YTczMzdkODQyY2Y2NjBmMTQ0NDYxYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf6kys4TInOn3ctH055XXAt5g7QF
8vFSgccPKGd254VORphNd8IJ6hkvEBgWsUeuvOr4mkjG8nC7px6xAjnxKeq7GP5u
It4nfMfVSaflC9JAJwBgvjBvBB1m85baNbliA7ZPVAgqizCnPQOzkHFbv18cBqLT
ULluVT3NmfHh97/NHVJ7fJD/9PaYt/ggWr7lfdVG5jZ/ICsAA5/kPhmNV8j/JxRj
aYwwy+wzDhlX67LK+P6lMW0Dned8ENsC7eBo6/gBJR155tpm3UxdF1UaGqqbeiaq
3iIdSdB7qqfCawloy4x9G6vAWo7/uDSfQup/xQFGwzqgYAyj7IqOjztmsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkzXijw3z5UpzN9hCz2YPFERho9MB8GA1UdIwQY
MBaAFMmA0Zw7/MQEcVZ3bwKjSYmORrkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYt
Yjg2NjE5NzUyMDM5LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYtYjg2NjE5NzUyMDM5
LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9+q8kG7
hKwkcVZ5J4GLfb+ahNZjXc/cmhs3dugecy6vbRWbg1ukwfS+KoHPvmfo5NpXsiJM
nL9t67Ol9xhmfEKMTdxc16bkfDAZHDxHADb02FHsfeZzDNMi+JOdSeo+e2EBsoTf
7qatQwX8ohVFs/dIHZ/wa3IknLj321kAH0e805ZLD1xBLOQ9X5djy7I9sN1x8q61
uX/UksIsPVijygMeLtK9/r+xGd8SFZOxnnCD8CUwj1HKmH+NTTOFdp2U0mRckZZa
tkTKkJyBfKhqLU/PKyYPB5T83+fOvXs5+Bbmk4BvRWrrFTP06d4tm58TXXDoidd+
efQc5oGVK4rN/g==
-----END CERTIFICATE-----