Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          sqXnYP0nQQiTm9ozi2a8VSAn5A3DVahOlp9JrEMbVyU=
Subject key identifier:   DF:87:AD:AE:E7:4B:23:6D:99:7C:FD:16:AB:B4:2A:95:9E:E5:EE:97
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       0197C312D3B1A6B9E7FC35D5A92D0FBF27B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          15B8
Signing time:             Mon 30 Jun 2025 23:01:20 +0000
Manifest this update:     Mon 30 Jun 2025 23:01:20 +0000
Manifest next update:     Tue 01 Jul 2025 23:01:20 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: 7ub1CbCe/ICjYSU/uxqCAuHtRc6VoeaePbkegfdPI0U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c3:12:d3:b1:a6:b9:e7:fc:35:d5:a9:2d:0f:bf:27:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Jun 30 23:01:20 2025 GMT
            Not After : Jul  1 23:01:20 2025 GMT
        Subject: CN=df87adaee74b236d997cfd16abb42a959ee5ee97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a6:53:3e:5b:a2:23:ab:64:68:ef:a4:f6:96:
                    92:b3:f2:09:6e:8d:09:84:dd:49:be:8a:bf:1b:3f:
                    dd:95:06:4d:37:d1:b2:a3:f8:28:f1:bf:77:f0:ed:
                    33:3b:9f:28:6a:2a:b9:59:43:07:68:78:f5:8f:22:
                    5a:77:18:d4:3d:77:79:62:be:3b:93:6f:83:fb:9d:
                    bc:09:32:7d:9c:47:ce:5c:7d:6f:51:c6:ad:9b:3c:
                    ff:1b:c8:92:7d:4a:c9:71:5a:cf:40:f6:44:20:06:
                    2b:0e:be:8d:29:a0:42:9b:bb:8d:41:cb:c4:76:8e:
                    1f:7e:a8:00:fc:f7:6d:f2:74:0a:ef:c6:34:82:62:
                    9c:5a:28:9b:56:d3:cd:81:36:13:57:54:a5:4e:4d:
                    0d:c7:22:cb:64:0e:9b:75:16:5a:61:1d:d8:0c:41:
                    27:9b:6f:8c:3a:5b:7b:18:52:f6:83:58:53:ae:1a:
                    fc:fd:eb:9f:88:01:5c:96:2b:4d:51:e2:fe:ee:ad:
                    17:51:8b:c7:4b:05:a0:78:02:99:a2:51:f1:2c:3f:
                    08:ae:d2:da:b2:4c:cb:92:71:a6:d6:af:b1:4c:23:
                    1f:c8:b6:7e:76:8f:5d:8a:a4:ec:2f:ab:a8:74:8e:
                    87:38:00:47:6d:cd:bd:fb:2c:7d:b8:eb:af:9b:5a:
                    df:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:87:AD:AE:E7:4B:23:6D:99:7C:FD:16:AB:B4:2A:95:9E:E5:EE:97
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:cc:17:8a:22:ff:97:db:f1:3a:55:64:be:97:db:a4:28:d7:
         e1:b2:f0:a6:07:fc:aa:7d:ea:b9:75:2c:d5:1d:2d:b4:52:b6:
         7f:2b:53:e3:b6:af:05:be:db:71:71:bd:fb:58:c5:08:05:f9:
         43:5c:5c:14:de:54:58:5e:c0:07:03:0a:fe:a9:1d:a4:25:a5:
         7d:95:38:6e:ec:26:96:83:13:69:d3:84:0d:9e:ee:88:01:d7:
         6d:4e:77:bc:41:6f:f2:79:e6:aa:0d:c5:c7:d6:10:74:dd:4b:
         e0:68:c8:8f:35:60:b4:4e:21:b9:da:26:f3:54:fa:1a:e7:09:
         cf:72:05:64:e2:a0:63:de:1a:44:25:0f:1b:f0:68:af:7e:b1:
         6f:a9:d3:0c:60:88:da:a7:15:e3:3e:f0:f0:c3:87:61:1f:e8:
         e7:7c:76:c8:6f:47:1e:59:4b:97:ac:b3:26:2d:0d:f9:65:7e:
         17:a7:f4:f8:9f:b0:7e:eb:0c:75:47:fd:35:73:33:32:0f:68:
         d1:41:de:a1:77:a8:90:aa:b5:2a:23:97:17:b7:3a:1c:44:55:
         6a:ac:2c:d0:26:b8:36:61:b5:30:e5:8e:4c:c7:ff:cd:35:3c:
         82:86:e0:39:1b:03:78:54:80:7e:20:4d:16:2a:b2:fb:ff:7c:
         07:c7:18:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfDEtOxprnn/DXVqS0Pvye2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjUwNjMwMjMwMTIwWhcNMjUwNzAxMjMwMTIwWjAzMTEwLwYDVQQD
EyhkZjg3YWRhZWU3NGIyMzZkOTk3Y2ZkMTZhYmI0MmE5NTllZTVlZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aZTPluiI6tkaO+k9paSs/IJbo0J
hN1Jvoq/Gz/dlQZNN9Gyo/go8b938O0zO58oaiq5WUMHaHj1jyJadxjUPXd5Yr47
k2+D+528CTJ9nEfOXH1vUcatmzz/G8iSfUrJcVrPQPZEIAYrDr6NKaBCm7uNQcvE
do4ffqgA/Pdt8nQK78Y0gmKcWiibVtPNgTYTV1SlTk0NxyLLZA6bdRZaYR3YDEEn
m2+MOlt7GFL2g1hTrhr8/eufiAFclitNUeL+7q0XUYvHSwWgeAKZolHxLD8IrtLa
skzLknGm1q+xTCMfyLZ+do9diqTsL6uodI6HOABHbc29+yx9uOuvm1rfYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+Hra7nSyNtmXz9Fqu0KpWe5e6XMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArMwXiiL/
l9vxOlVkvpfbpCjX4bLwpgf8qn3quXUs1R0ttFK2fytT47avBb7bcXG9+1jFCAX5
Q1xcFN5UWF7ABwMK/qkdpCWlfZU4buwmloMTadOEDZ7uiAHXbU53vEFv8nnmqg3F
x9YQdN1L4GjIjzVgtE4hudom81T6GucJz3IFZOKgY94aRCUPG/Bor36xb6nTDGCI
2qcV4z7w8MOHYR/o53x2yG9HHllLl6yzJi0N+WV+F6f0+J+wfusMdUf9NXMzMg9o
0UHeoXeokKq1KiOXF7c6HERVaqws0Ca4NmG1MOWOTMf/zTU8gobgORsDeFSAfiBN
Fiqy+/98B8cYVg==
-----END CERTIFICATE-----