Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
File:                     YzkukpMXrmveCKWjuYorcB3biTo.mft (raw, json)
Hash identifier:          s4IDPXhJnwi7+hnfZbyFDSRJRQcz2I1wJUbhzW7dSnQ=
Subject key identifier:   E6:F1:F1:41:D2:02:38:5B:89:06:95:7A:46:40:F2:D1:C9:C3:45:F7
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Certificate issuer:       /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial:       0197B77C9B53FEAAF1C0E13FD3482A34A6A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
Manifest number:          0428
Signing time:             Sat 28 Jun 2025 17:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:26 +0000
Files and hashes:         1: 149n__WzdkzcvdiXj75CSwt4Ke0.roa (hash: oADfnpg1xyxZ/pO3JlbyLqogHqwwtBMcwMf9vhuxjOk=)
                          2: 1QgqhoL1f8rVrZsBTbv_ukiW3_U.roa (hash: FtHGg2smc+8B3MpNfm7Vb9xIWP4EyZ43pe81r6EdMLE=)
                          3: 3Tq13WIcjE4wrF9fmJGXuJJ3EA0.roa (hash: GyLSfZMIbW5GjQFGTgFakvct5lf6SBp5gMlZA4ZRfho=)
                          4: ABDpUe6jePBPX3_7idJW6VskjUI.roa (hash: 2uJVw8Yy1UzBrXOxGkJR0fZMeZhMvBwUcqLsaXLYQjE=)
                          5: Bs4lhpAgPxLI2sivKmGtlx_Lp3k.roa (hash: qE6cO8k8x/RBn9klunLlEIx8ylpZgmFO4HaBZgdaXEY=)
                          6: J16kp0dolEOcPzZi0oKr2BD75BI.roa (hash: mBVv2zMp/NRzR+bYpY82u+arKMz/jM+I0mvUD0HUt84=)
                          7: MQ2EgPtIqGeY6J-TWaJXDqs9Nug.roa (hash: DTWQ1BaF1eB35acgiW005UdG4BqBQvAvS2KuGYP/fIY=)
                          8: Smlnej5n6B69IkLJuHE_uEPKvkM.roa (hash: ZGTm9kLyb+TVFfvRl0Z+2C+98Be3iA8+F42uOm7E6Cg=)
                          9: WNd31FKfDVJsTEByrggsuNBHueg.roa (hash: tedpCisNTHVOKJzXOyZVhC8FIa9J18s6krEoaMi/yH0=)
                          10: YzkukpMXrmveCKWjuYorcB3biTo.crl (hash: Sj860yFw8T7joIy2VFK6qXIeFQk7xjnnHP8GvJ+f+ZE=)
                          11: ZtBVD_gU9JHOidmFecie_EQftRo.roa (hash: TATv9KEl0G9zS/KJs9wWiYzEnpI8uOZdyHODf/h2Zv8=)
                          12: _irPLRofiW2yAiqGHceh7pxbGfo.roa (hash: LcENOil0eGI9fBrHK+Rr0FvqGbc2XbDucHTRV9ZcpPY=)
                          13: j7OTX4J28Js-0w5isT2PIZS_18Q.roa (hash: frKELQxJcl50qW1No3dGQO6ukFhHZwkNa2ShR84gmOI=)
                          14: mJz6Vh5vX_Z8nl77wAqDRKiONe0.roa (hash: kZsXj53UOHVZH65D+DagMxEuLkLg5qPiHvCvjzQpYs0=)
                          15: uqLYyX7fpTti8-AF-6r_j-EcjDY.roa (hash: UbDlJKnkkpKS4MFq+3EvkRXJ4h5CCs/Q6DUr0IXogUA=)
                          16: wtC2uqCyAY1EaN9QwS8TP1Kn0VI.roa (hash: db0oe3co74b5HA+JQAKN4n6gQCMTGZCJAz+X0/LsIjQ=)
                          17: y0NhIWgTEJUn3OyUdcDPuX30xHU.roa (hash: RhHl7+/yQQJ2O2zcuVJ2Qb8j0j9FdT6wy4ZLGMABh6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:9b:53:fe:aa:f1:c0:e1:3f:d3:48:2a:34:a6:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
        Validity
            Not Before: Jun 28 17:01:26 2025 GMT
            Not After : Jun 29 17:01:26 2025 GMT
        Subject: CN=e6f1f141d202385b8906957a4640f2d1c9c345f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c2:27:61:2f:2b:9a:64:48:62:4f:fa:2b:cd:
                    ce:25:c6:4d:7b:62:c2:bb:f5:51:a0:95:c1:7b:8d:
                    2c:d7:56:6f:fa:9b:7c:b1:43:48:bd:fa:5c:d4:42:
                    ba:58:1a:bb:86:f3:51:32:db:95:ca:eb:c7:c5:08:
                    ee:c5:78:7e:79:fd:e3:ea:8a:db:ed:50:3c:b1:99:
                    68:f6:4b:60:2a:db:13:cb:80:04:b8:28:7d:a0:5b:
                    65:72:c0:28:08:7a:27:74:ad:fd:17:d3:76:d6:95:
                    33:2e:c5:c7:f4:7b:1b:2e:06:bb:0b:48:3f:3d:de:
                    c5:99:d8:09:e6:81:a6:02:f4:0f:20:f4:e8:a1:b1:
                    17:ec:22:11:cc:da:8a:1b:b3:66:69:fb:03:31:0c:
                    a9:5d:51:e6:38:72:86:7b:5a:8c:e9:42:71:0c:be:
                    71:8f:ed:b8:37:26:ee:5c:0b:4e:ce:6e:18:12:93:
                    0d:8d:55:8d:37:3f:06:79:84:98:a6:28:d0:24:73:
                    3b:ee:81:48:02:30:ee:8d:b7:d6:c2:cd:2a:fd:44:
                    71:0b:47:ed:55:2a:30:1e:37:3e:de:cc:03:c6:7a:
                    b3:96:a4:8d:87:b8:f4:07:5f:ed:51:0c:c0:65:13:
                    78:c5:27:47:03:61:95:74:4e:34:fa:5e:b0:1c:bf:
                    b3:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:F1:F1:41:D2:02:38:5B:89:06:95:7A:46:40:F2:D1:C9:C3:45:F7
            X509v3 Authority Key Identifier:
                keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:14:b9:e4:f6:7b:ed:2c:91:4c:70:72:3c:17:e5:64:3c:5a:
         7b:ee:47:25:82:c5:f1:2c:a1:31:62:90:f7:df:a9:af:ff:ba:
         f9:af:9b:7a:96:86:39:08:c4:fb:3f:e6:49:bf:bc:bd:38:35:
         d3:36:f8:5b:1d:e3:e3:1d:e8:b8:93:c7:8d:85:67:1c:4b:0b:
         a1:3a:29:0b:52:e7:38:07:ae:56:d1:51:f5:db:9e:98:41:6c:
         e7:d0:49:bc:81:7b:6b:0c:35:ea:a1:38:4e:c5:46:41:70:b3:
         2c:1c:eb:43:3c:39:e5:b7:37:d7:3b:23:d3:73:89:5a:b0:3a:
         b1:82:ad:a5:da:9f:c1:f3:4f:82:72:65:31:0e:35:00:2d:96:
         14:4a:53:6b:e3:cb:24:91:df:c0:8f:e0:95:a8:b5:33:d5:32:
         3c:b0:8e:a5:a6:8f:51:fb:50:32:8e:a2:c3:18:87:33:6c:66:
         ec:54:b8:d8:34:70:31:89:48:08:48:0d:f7:b7:ca:f8:7a:01:
         bb:6a:6d:cc:3a:dc:6b:77:f1:83:c7:ad:d6:c2:8c:15:a0:d9:
         7f:17:64:d1:49:a2:3a:32:05:fb:74:a7:11:a8:00:c8:5b:28:
         a9:69:ef:a1:15:7e:01:76:f9:cb:27:e6:f9:50:3a:cc:2e:f7:
         aa:84:1a:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJtT/qrxwOE/00gqNKaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjUwNjI4MTcwMTI2WhcNMjUwNjI5MTcwMTI2WjAzMTEwLwYDVQQD
EyhlNmYxZjE0MWQyMDIzODViODkwNjk1N2E0NjQwZjJkMWM5YzM0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucInYS8rmmRIYk/6K83OJcZNe2LC
u/VRoJXBe40s11Zv+pt8sUNIvfpc1EK6WBq7hvNRMtuVyuvHxQjuxXh+ef3j6orb
7VA8sZlo9ktgKtsTy4AEuCh9oFtlcsAoCHondK39F9N21pUzLsXH9HsbLga7C0g/
Pd7FmdgJ5oGmAvQPIPToobEX7CIRzNqKG7NmafsDMQypXVHmOHKGe1qM6UJxDL5x
j+24NybuXAtOzm4YEpMNjVWNNz8GeYSYpijQJHM77oFIAjDujbfWws0q/URxC0ft
VSowHjc+3swDxnqzlqSNh7j0B1/tUQzAZRN4xSdHA2GVdE40+l6wHL+zSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObx8UHSAjhbiQaVekZA8tHJw0X3MB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApBS55PZ7
7SyRTHByPBflZDxae+5HJYLF8SyhMWKQ99+pr/+6+a+bepaGOQjE+z/mSb+8vTg1
0zb4Wx3j4x3ouJPHjYVnHEsLoTopC1LnOAeuVtFR9duemEFs59BJvIF7aww16qE4
TsVGQXCzLBzrQzw55bc31zsj03OJWrA6sYKtpdqfwfNPgnJlMQ41AC2WFEpTa+PL
JJHfwI/glai1M9UyPLCOpaaPUftQMo6iwxiHM2xm7FS42DRwMYlICEgN97fK+HoB
u2ptzDrca3fxg8et1sKMFaDZfxdk0UmiOjIF+3SnEagAyFsoqWnvoRV+AXb5yyfm
+VA6zC73qoQarw==
-----END CERTIFICATE-----