Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          SKbDDXAB32Xs1nTOlTzGDqwN54YLVr+HJu4uwjSdHMM=
Subject key identifier:   01:70:9B:EA:84:14:36:83:F8:AF:96:69:03:4D:76:F5:FA:32:A5:9B
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       0196C9170735793FD529E606D4F057A8EED0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          10A7
Signing time:             Tue 13 May 2025 10:00:51 +0000
Manifest this update:     Tue 13 May 2025 10:00:51 +0000
Manifest next update:     Wed 14 May 2025 10:00:51 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: iKMqOkuGmNfRCx0X5dmoQtLafAcOCBHkc8Tb450jaKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:17:07:35:79:3f:d5:29:e6:06:d4:f0:57:a8:ee:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: May 13 10:00:51 2025 GMT
            Not After : May 14 10:00:51 2025 GMT
        Subject: CN=01709bea84143683f8af9669034d76f5fa32a59b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:87:b2:31:c5:e6:e6:ae:3d:22:6a:63:2c:9b:
                    67:f5:37:b9:33:17:ca:8e:9e:09:9a:8a:85:df:7b:
                    38:97:53:f7:67:cf:4b:ed:fe:8f:3d:73:e8:56:e2:
                    98:b1:1d:20:cc:c0:b1:ec:88:78:67:7d:61:c0:8c:
                    ea:5b:5f:ac:35:db:a2:c8:53:d1:18:78:ca:c2:c8:
                    f7:92:45:67:50:6f:95:06:7c:62:df:2c:cc:c3:ff:
                    2d:ef:74:42:32:9c:09:1e:ad:65:a0:c8:d9:71:88:
                    f4:8f:a0:dc:d5:51:2d:a1:ac:61:17:c6:78:6d:f2:
                    9e:88:16:92:a4:05:d1:97:48:36:11:97:80:89:08:
                    c9:f7:ea:d9:80:33:d6:3e:34:95:ef:b8:fc:9b:5d:
                    de:35:fa:f0:ea:17:69:ec:a4:3b:83:04:dd:05:18:
                    db:94:ea:29:a6:e2:67:f2:b9:07:3a:20:01:cd:b1:
                    c2:f0:9d:3d:c2:b1:6d:8d:eb:91:2a:48:97:30:f2:
                    15:e6:9b:22:50:48:a9:be:b5:65:78:18:3d:af:ce:
                    c0:f5:8b:5f:cc:54:d3:2d:3a:33:51:fc:2d:a0:06:
                    fb:dc:16:88:6b:58:f6:06:36:d4:de:cf:cc:d0:59:
                    68:94:c9:60:62:fd:ae:91:64:f5:ed:c5:a3:01:4f:
                    9f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:70:9B:EA:84:14:36:83:F8:AF:96:69:03:4D:76:F5:FA:32:A5:9B
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:59:93:71:20:0a:ea:19:0d:53:1f:65:49:89:df:9c:46:5c:
         6e:08:fc:c5:ad:21:f1:ee:07:8e:66:4a:56:28:32:48:10:ec:
         4f:7b:38:3a:6d:fb:24:a6:9f:52:09:84:c1:6b:7d:bd:96:2b:
         16:3b:14:be:35:ea:2a:8a:83:17:2f:94:a4:3e:6a:a5:d4:02:
         0e:67:a2:ab:f7:42:82:50:4e:b3:0e:9f:ff:47:82:21:f5:2b:
         cd:55:29:a5:f9:3a:fe:2f:12:79:5b:0a:1a:3a:70:28:f0:3c:
         83:89:a8:f6:10:5c:7d:02:ff:09:dc:1a:80:6b:66:f6:9f:11:
         5b:3d:09:b5:05:64:f9:b7:3f:f7:f7:71:5e:0b:0b:03:72:6c:
         69:40:7b:0a:4f:43:da:e7:f6:50:03:4b:39:55:0f:d4:68:64:
         ab:87:f5:60:2f:4c:a7:ce:07:41:2b:8c:fe:35:89:93:dc:ad:
         fd:85:8f:bb:78:8a:88:00:6a:5d:5f:4f:31:2f:7b:e8:8d:9f:
         97:d6:7c:af:ea:7e:19:58:9b:b5:df:59:c0:e8:b4:df:59:d5:
         a2:db:93:f3:34:ac:65:10:4c:40:a6:49:74:49:fe:6d:7b:99:
         26:dc:3a:4d:f8:31:7c:b0:f5:54:5b:a3:85:28:84:88:92:a1:
         8c:98:db:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJFwc1eT/VKeYG1PBXqO7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNTEzMTAwMDUxWhcNMjUwNTE0MTAwMDUxWjAzMTEwLwYDVQQD
EygwMTcwOWJlYTg0MTQzNjgzZjhhZjk2NjkwMzRkNzZmNWZhMzJhNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4eyMcXm5q49ImpjLJtn9Te5MxfK
jp4JmoqF33s4l1P3Z89L7f6PPXPoVuKYsR0gzMCx7Ih4Z31hwIzqW1+sNduiyFPR
GHjKwsj3kkVnUG+VBnxi3yzMw/8t73RCMpwJHq1loMjZcYj0j6Dc1VEtoaxhF8Z4
bfKeiBaSpAXRl0g2EZeAiQjJ9+rZgDPWPjSV77j8m13eNfrw6hdp7KQ7gwTdBRjb
lOoppuJn8rkHOiABzbHC8J09wrFtjeuRKkiXMPIV5psiUEipvrVleBg9r87A9Ytf
zFTTLTozUfwtoAb73BaIa1j2BjbU3s/M0FlolMlgYv2ukWT17cWjAU+f0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFwm+qEFDaD+K+WaQNNdvX6MqWbMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApVmTcSAK
6hkNUx9lSYnfnEZcbgj8xa0h8e4HjmZKVigySBDsT3s4Om37JKafUgmEwWt9vZYr
FjsUvjXqKoqDFy+UpD5qpdQCDmeiq/dCglBOsw6f/0eCIfUrzVUppfk6/i8SeVsK
GjpwKPA8g4mo9hBcfQL/CdwagGtm9p8RWz0JtQVk+bc/9/dxXgsLA3JsaUB7Ck9D
2uf2UANLOVUP1Ghkq4f1YC9Mp84HQSuM/jWJk9yt/YWPu3iKiABqXV9PMS976I2f
l9Z8r+p+GVibtd9ZwOi031nVotuT8zSsZRBMQKZJdEn+bXuZJtw6TfgxfLD1VFuj
hSiEiJKhjJjbpw==
-----END CERTIFICATE-----