Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
File:                     YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft (raw, json)
Hash identifier:          B1eszoGs7l1fqlWGKtlmodNErA6T0NZBDgY4n180SAk=
Subject key identifier:   06:7A:2D:63:5F:C4:84:7A:7F:6E:A3:B3:BB:10:78:1A:AF:93:11:35
Authority key identifier: 61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
Certificate issuer:       /CN=6117d6158043150b0ad224a0648df0185706019c
Certificate serial:       0197B88EBDE7CBD64810011A158FBA01C54D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
Manifest number:          1044
Signing time:             Sat 28 Jun 2025 22:00:51 +0000
Manifest this update:     Sat 28 Jun 2025 22:00:51 +0000
Manifest next update:     Sun 29 Jun 2025 22:00:51 +0000
Files and hashes:         1: YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl (hash: Q9z6XGVHRA3hTCBXepmGnR0m9zU9ASFhuLI9Ty+ijbc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:bd:e7:cb:d6:48:10:01:1a:15:8f:ba:01:c5:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6117d6158043150b0ad224a0648df0185706019c
        Validity
            Not Before: Jun 28 22:00:51 2025 GMT
            Not After : Jun 29 22:00:51 2025 GMT
        Subject: CN=067a2d635fc4847a7f6ea3b3bb10781aaf931135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f0:26:7f:1b:85:26:c6:5d:ca:09:4d:ed:be:
                    cb:31:a4:2a:62:f2:d1:8e:8d:c6:3c:63:36:5f:5c:
                    e9:2e:d3:4a:05:34:2b:73:31:6b:60:92:b7:fe:c3:
                    1a:3d:a0:0f:c5:63:a7:2b:8f:18:81:a0:c5:10:fd:
                    25:c6:dc:3b:17:f1:5d:cd:7a:fe:f0:d4:ea:b5:42:
                    a9:88:1b:02:5b:87:b1:c2:39:9e:5e:29:13:0e:43:
                    6d:68:77:f0:a2:98:80:15:8c:99:cc:f1:1a:fb:f2:
                    86:b5:ee:64:e5:94:1c:24:85:48:25:85:79:86:47:
                    d2:d5:72:cf:de:8b:ce:9e:be:bc:00:e0:5f:a7:5e:
                    74:e5:3d:1a:38:25:22:03:d5:b8:8f:14:22:01:65:
                    c5:12:72:47:9e:9d:f0:d2:a6:ac:93:f4:af:42:b5:
                    6d:5b:10:2e:ef:f5:37:53:a3:90:4e:a3:41:c0:b9:
                    af:6f:89:06:cc:ed:21:68:a8:51:e0:3d:eb:82:72:
                    97:7c:2c:c6:77:f8:f9:6b:06:b5:81:0e:9a:8e:e2:
                    bc:e8:fa:1e:f7:73:8e:a8:84:29:77:2d:59:c7:96:
                    39:6c:4f:4a:9d:a1:49:88:04:f3:56:1f:5e:37:50:
                    30:4f:61:54:2d:90:83:23:26:a8:2d:0f:9e:e9:78:
                    ff:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:7A:2D:63:5F:C4:84:7A:7F:6E:A3:B3:BB:10:78:1A:AF:93:11:35
            X509v3 Authority Key Identifier:
                keyid:61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:a2:a1:bc:4d:29:cd:10:cb:f6:67:18:89:9b:7d:30:de:0b:
         45:d8:59:2b:3a:41:97:96:6d:87:57:c9:7c:65:d1:cb:67:1d:
         16:b1:9e:ed:dc:c5:85:15:dd:65:5e:fc:b8:92:a9:c2:6d:6c:
         09:3a:c5:6a:7d:aa:3b:33:96:6a:2e:59:f2:57:1e:d6:36:2c:
         8d:64:56:a9:74:83:db:d5:c2:77:75:29:0e:df:e6:83:ee:ca:
         f7:25:52:37:f7:53:74:e3:51:97:52:94:6d:a7:22:79:3c:4e:
         1b:ff:00:23:6e:0f:60:dc:a4:c7:9b:a0:ed:89:ef:60:c8:a4:
         f4:91:45:c7:5a:93:13:a9:49:dd:74:56:60:6c:41:e7:65:c8:
         0d:b5:dc:08:b3:b8:33:77:31:d3:9c:26:c7:fc:bd:1e:56:3f:
         7a:1f:00:c1:f9:82:0d:83:c9:79:f4:35:13:d6:99:8a:4c:49:
         11:86:54:c6:89:b1:89:19:6b:ce:95:72:5c:e7:d9:02:3a:e8:
         b9:e7:5b:e9:29:c0:89:4c:32:57:6c:9c:bd:2a:66:d9:d1:ee:
         83:78:33:ff:00:95:eb:72:d9:64:51:38:9e:0b:d9:c8:b5:a3:
         ce:24:4c:c4:a8:2c:04:f4:8d:78:a6:fa:92:1a:8e:25:b1:6c:
         6d:1f:8a:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jr3ny9ZIEAEaFY+6AcVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTdkNjE1ODA0MzE1MGIwYWQyMjRhMDY0OGRmMDE4NTcw
NjAxOWMwHhcNMjUwNjI4MjIwMDUxWhcNMjUwNjI5MjIwMDUxWjAzMTEwLwYDVQQD
EygwNjdhMmQ2MzVmYzQ4NDdhN2Y2ZWEzYjNiYjEwNzgxYWFmOTMxMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvAmfxuFJsZdyglN7b7LMaQqYvLR
jo3GPGM2X1zpLtNKBTQrczFrYJK3/sMaPaAPxWOnK48YgaDFEP0lxtw7F/FdzXr+
8NTqtUKpiBsCW4exwjmeXikTDkNtaHfwopiAFYyZzPEa+/KGte5k5ZQcJIVIJYV5
hkfS1XLP3ovOnr68AOBfp1505T0aOCUiA9W4jxQiAWXFEnJHnp3w0qask/SvQrVt
WxAu7/U3U6OQTqNBwLmvb4kGzO0haKhR4D3rgnKXfCzGd/j5awa1gQ6ajuK86Poe
93OOqIQpdy1Zx5Y5bE9KnaFJiATzVh9eN1AwT2FULZCDIyaoLQ+e6Xj/YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZ6LWNfxIR6f26js7sQeBqvkxE1MB8GA1UdIwQY
MBaAFGEX1hWAQxULCtIkoGSN8BhXBgGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMt
OTQ3MzU4MGJjODUwLzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMtOTQ3MzU4MGJjODUw
LzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGqKhvE0p
zRDL9mcYiZt9MN4LRdhZKzpBl5Zth1fJfGXRy2cdFrGe7dzFhRXdZV78uJKpwm1s
CTrFan2qOzOWai5Z8lce1jYsjWRWqXSD29XCd3UpDt/mg+7K9yVSN/dTdONRl1KU
bacieTxOG/8AI24PYNykx5ug7YnvYMik9JFFx1qTE6lJ3XRWYGxB52XIDbXcCLO4
M3cx05wmx/y9HlY/eh8AwfmCDYPJefQ1E9aZikxJEYZUxomxiRlrzpVyXOfZAjro
uedb6SnAiUwyV2ycvSpm2dHug3gz/wCV63LZZFE4ngvZyLWjziRMxKgsBPSNeKb6
khqOJbFsbR+KYA==
-----END CERTIFICATE-----