Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          UfxGza5H6KyInc2R/wkeSCbRdAjXeE0AQqKwNkzNi/0=
Subject key identifier:   05:96:95:75:7F:D9:EC:81:0F:8B:0E:FE:21:5E:DC:87:A8:4E:B1:2C
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       019A71B90A6E968ABCFC9641621B6D7D246D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:02:23 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:23 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:23 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: oLgQfiwOaaMacGHBYlt/RXga8LGUhgnQwA9y/aeGOZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:0a:6e:96:8a:bc:fc:96:41:62:1b:6d:7d:24:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Nov 11 07:02:23 2025 GMT
            Not After : Nov 12 07:02:23 2025 GMT
        Subject: CN=059695757fd9ec810f8b0efe215edc87a84eb12c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:38:44:d8:ea:49:cb:23:0b:80:1a:ae:57:f6:
                    76:86:66:a1:f9:43:0e:0b:cc:61:ec:de:f1:c0:28:
                    0d:f4:74:e0:a0:4e:a1:b7:d3:b5:be:32:b6:58:3e:
                    80:ed:ea:bb:b2:12:46:d0:ab:9e:96:e3:77:19:dd:
                    eb:63:6d:6a:7a:76:31:ff:ae:13:81:7e:dd:25:b5:
                    fc:d1:35:0b:11:60:3c:9c:a4:93:a3:ca:d3:93:4d:
                    35:95:11:89:31:0e:b1:88:58:b7:7f:7e:1f:c6:63:
                    85:f2:eb:82:d0:e5:7d:85:7e:b5:2a:e8:41:22:39:
                    ea:7e:73:5d:c7:39:ab:88:57:f8:da:db:9f:22:88:
                    84:a0:27:45:93:ab:be:c8:0d:cd:7d:d0:4d:ea:d1:
                    a3:18:41:9b:fe:56:c7:4c:ef:c1:c1:ee:9c:7f:f9:
                    81:15:e5:30:52:5d:82:49:cc:a0:21:61:d9:d5:10:
                    1d:02:55:67:27:49:2e:87:2d:7b:5b:97:d2:67:d9:
                    32:ca:3b:08:e7:8d:90:da:fb:25:e2:fd:3b:90:08:
                    0e:c4:59:55:ab:f4:84:fc:dc:6c:b9:ba:2b:8b:f7:
                    78:66:bc:29:07:38:b0:c9:28:a2:8b:72:59:83:4d:
                    9e:99:39:77:6e:34:fb:37:26:e2:c7:77:35:53:7b:
                    c4:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:96:95:75:7F:D9:EC:81:0F:8B:0E:FE:21:5E:DC:87:A8:4E:B1:2C
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:39:38:bf:b5:35:f2:71:a6:f6:cc:61:69:65:2e:51:1c:71:
         b9:57:fa:64:16:c9:07:02:1e:88:67:ba:1b:84:02:75:ea:fa:
         7b:4a:ed:43:3e:9e:4d:0b:a7:a4:3b:9d:c0:10:27:f5:d4:bb:
         68:66:6e:6c:0b:1c:95:96:15:b2:4a:85:82:17:1f:9f:93:c5:
         1b:b1:30:62:28:d7:bc:9d:10:f2:bb:48:4a:6a:c3:80:87:c9:
         3c:30:e3:07:f8:16:3f:72:d7:4e:bd:68:1f:da:f1:8b:1f:de:
         55:c0:50:f8:f9:27:a8:6e:48:bf:84:65:81:2b:1b:c2:a6:35:
         ed:d2:9a:dd:56:29:52:45:f1:c9:16:ee:67:a4:c6:36:85:b7:
         86:3e:d3:49:14:79:f7:ae:71:3f:19:b0:0f:cb:cf:f1:0a:da:
         dd:e2:18:73:fd:76:85:c6:c7:2e:9d:f1:6e:c6:61:a7:06:f6:
         95:64:f4:50:6c:e2:95:7c:94:52:16:8d:a5:9a:f9:ed:7b:7a:
         f9:15:f6:72:43:4d:5d:8d:0c:d4:91:5e:7c:eb:f2:d4:13:82:
         ab:c1:bf:7e:7a:a5:dc:f4:9f:a8:9a:d2:2d:34:3b:51:83:81:
         59:08:9e:49:0a:6b:c7:93:02:61:25:36:98:1a:5c:f1:6c:16:
         b5:f8:4b:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQpuloq8/JZBYhttfSRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjUxMTExMDcwMjIzWhcNMjUxMTEyMDcwMjIzWjAzMTEwLwYDVQQD
EygwNTk2OTU3NTdmZDllYzgxMGY4YjBlZmUyMTVlZGM4N2E4NGViMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zhE2OpJyyMLgBquV/Z2hmah+UMO
C8xh7N7xwCgN9HTgoE6ht9O1vjK2WD6A7eq7shJG0KueluN3Gd3rY21qenYx/64T
gX7dJbX80TULEWA8nKSTo8rTk001lRGJMQ6xiFi3f34fxmOF8uuC0OV9hX61KuhB
IjnqfnNdxzmriFf42tufIoiEoCdFk6u+yA3NfdBN6tGjGEGb/lbHTO/Bwe6cf/mB
FeUwUl2CScygIWHZ1RAdAlVnJ0kuhy17W5fSZ9kyyjsI542Q2vsl4v07kAgOxFlV
q/SE/Nxsubori/d4ZrwpBziwySiii3JZg02emTl3bjT7Nybix3c1U3vEkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWWlXV/2eyBD4sO/iFe3IeoTrEsMB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDk4v7U1
8nGm9sxhaWUuURxxuVf6ZBbJBwIeiGe6G4QCder6e0rtQz6eTQunpDudwBAn9dS7
aGZubAsclZYVskqFghcfn5PFG7EwYijXvJ0Q8rtISmrDgIfJPDDjB/gWP3LXTr1o
H9rxix/eVcBQ+PknqG5Iv4RlgSsbwqY17dKa3VYpUkXxyRbuZ6TGNoW3hj7TSRR5
965xPxmwD8vP8Qra3eIYc/12hcbHLp3xbsZhpwb2lWT0UGzilXyUUhaNpZr57Xt6
+RX2ckNNXY0M1JFefOvy1BOCq8G/fnql3PSfqJrSLTQ7UYOBWQieSQprx5MCYSU2
mBpc8WwWtfhLrA==
-----END CERTIFICATE-----