Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
File:                     Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json)
Hash identifier:          AVo5AyuOVpR+HB6wxduVu2puauKfTlVCn1fslHyuv6g=
Subject key identifier:   ED:90:1C:F1:00:33:E8:97:B7:26:23:42:28:D3:84:57:8B:F3:96:1A
Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04
Certificate issuer:       /CN=6289eb9dd968eda4a79564c2e06a683842297a04
Certificate serial:       0196B7EC750A1660953043E47276FD279130
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
Manifest number:          0250
Signing time:             Sat 10 May 2025 02:00:49 +0000
Manifest this update:     Sat 10 May 2025 02:00:49 +0000
Manifest next update:     Sun 11 May 2025 02:00:49 +0000
Files and hashes:         1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: ONPh5qr1r3cTPnY5jripj1lkxRCCCHeEW0DakQDmxEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 02:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:ec:75:0a:16:60:95:30:43:e4:72:76:fd:27:91:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04
        Validity
            Not Before: May 10 02:00:49 2025 GMT
            Not After : May 11 02:00:49 2025 GMT
        Subject: CN=ed901cf10033e897b726234228d384578bf3961a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ea:8c:fe:a6:35:a4:7b:15:53:36:3f:c2:55:
                    80:17:ec:70:e3:a5:77:64:c0:86:b4:0d:00:09:a8:
                    27:38:cd:96:37:a9:39:86:76:34:01:99:89:5a:a5:
                    22:3c:d5:c3:32:89:30:15:99:ad:af:00:3f:46:4a:
                    60:1a:7b:a7:19:c6:53:08:5e:5c:75:45:46:b4:c2:
                    33:32:ee:e8:c3:74:64:e1:35:b6:3c:ea:e6:cd:db:
                    c2:f4:4f:72:16:72:e9:a7:c1:03:76:51:27:cf:61:
                    e6:1e:52:77:18:cc:8f:d3:ff:f7:fe:02:d0:3f:b8:
                    8c:72:47:a8:9d:40:ce:c8:4d:a2:93:04:79:5d:22:
                    41:33:42:69:cf:0f:6e:57:f4:2d:96:c2:73:08:21:
                    20:ca:57:26:be:7d:6c:52:a4:e6:bb:08:2c:84:0f:
                    b4:aa:13:7d:93:61:be:fc:4a:d4:0f:de:75:05:6b:
                    74:cd:20:50:bd:de:a0:bd:bb:16:43:af:2a:77:e7:
                    13:ae:a5:86:c2:02:27:22:7e:79:f2:4f:2a:b9:1d:
                    8d:f6:e0:80:9b:53:1b:b6:b0:bf:e7:48:d6:94:63:
                    0e:20:8b:97:69:6b:51:db:49:85:01:08:ed:af:2b:
                    3c:60:46:7d:42:e0:c1:85:4b:3a:1b:cb:3d:b1:7f:
                    23:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:90:1C:F1:00:33:E8:97:B7:26:23:42:28:D3:84:57:8B:F3:96:1A
            X509v3 Authority Key Identifier:
                keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:0d:61:4a:33:91:b6:86:6c:26:c1:de:1b:15:f3:73:4a:fc:
         1a:bd:4b:b7:88:b1:b8:ab:97:0e:e0:ac:95:72:69:d6:c6:ea:
         9e:92:bb:3a:07:a5:cc:44:60:96:bc:5e:33:6b:b5:79:c3:fa:
         38:45:9e:07:d0:97:47:b8:3b:1f:4e:85:30:4d:6e:12:9b:d0:
         fd:42:30:86:6c:c1:ba:74:fb:ab:e3:2a:80:7a:cb:bc:34:bf:
         c3:34:e8:62:99:c3:c5:fd:73:d7:0e:93:dd:97:cf:0d:33:81:
         75:b3:e8:08:1b:2b:88:3c:50:c3:5f:1d:35:2c:08:de:3c:84:
         b7:98:16:a8:2e:d4:2f:dc:bc:81:e0:25:76:8d:94:97:81:19:
         8b:f4:13:f2:c9:61:2e:04:57:65:08:96:a7:4d:10:b5:8a:04:
         be:84:eb:80:6a:c5:e1:2b:9a:81:75:2b:ab:93:02:cf:65:06:
         d7:d1:c9:b9:9c:25:80:41:d5:95:45:ce:c5:12:ba:d4:5d:a7:
         71:fc:8d:7c:6f:31:95:be:54:fc:5e:bd:71:32:29:a0:83:a7:
         35:e6:87:06:47:10:24:7d:f4:4a:e8:f9:f3:08:a3:40:a6:a4:
         56:22:44:d2:74:8b:b9:ce:69:ce:b9:e4:e2:93:a5:71:41:08:
         8b:7e:40:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa37HUKFmCVMEPkcnb9J5EwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy
OTdhMDQwHhcNMjUwNTEwMDIwMDQ5WhcNMjUwNTExMDIwMDQ5WjAzMTEwLwYDVQQD
EyhlZDkwMWNmMTAwMzNlODk3YjcyNjIzNDIyOGQzODQ1NzhiZjM5NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+qM/qY1pHsVUzY/wlWAF+xw46V3
ZMCGtA0ACagnOM2WN6k5hnY0AZmJWqUiPNXDMokwFZmtrwA/RkpgGnunGcZTCF5c
dUVGtMIzMu7ow3Rk4TW2POrmzdvC9E9yFnLpp8EDdlEnz2HmHlJ3GMyP0//3/gLQ
P7iMckeonUDOyE2ikwR5XSJBM0Jpzw9uV/QtlsJzCCEgylcmvn1sUqTmuwgshA+0
qhN9k2G+/ErUD951BWt0zSBQvd6gvbsWQ68qd+cTrqWGwgInIn558k8quR2N9uCA
m1MbtrC/50jWlGMOIIuXaWtR20mFAQjtrys8YEZ9QuDBhUs6G8s9sX8jSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2QHPEAM+iXtyYjQijThFeL85YaMB8GA1UdIwQY
MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt
ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw
LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbw1hSjOR
toZsJsHeGxXzc0r8Gr1Lt4ixuKuXDuCslXJp1sbqnpK7OgelzERglrxeM2u1ecP6
OEWeB9CXR7g7H06FME1uEpvQ/UIwhmzBunT7q+MqgHrLvDS/wzToYpnDxf1z1w6T
3ZfPDTOBdbPoCBsriDxQw18dNSwI3jyEt5gWqC7UL9y8geAldo2Ul4EZi/QT8slh
LgRXZQiWp00QtYoEvoTrgGrF4SuagXUrq5MCz2UG19HJuZwlgEHVlUXOxRK61F2n
cfyNfG8xlb5U/F69cTIpoIOnNeaHBkcQJH30Suj58wijQKakViJE0nSLuc5pzrnk
4pOlcUEIi35ACA==
-----END CERTIFICATE-----