Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          0JMeWJJj41jk+iDffqA9wWnEBlVaGQ9cisb+iUqqJS4=
Subject key identifier:   57:51:C6:17:BD:20:60:25:68:84:40:D4:49:58:C6:55:DE:D6:10:1B
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       0197B70E5A041E0389C2B8BF3EFFF35A3450
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          02CD
Signing time:             Sat 28 Jun 2025 15:01:00 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:00 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:00 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: iYJnD3Nf1/7GC0vIhIlmIDP5RUdndvhzxg3YupniOrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:5a:04:1e:03:89:c2:b8:bf:3e:ff:f3:5a:34:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Jun 28 15:01:00 2025 GMT
            Not After : Jun 29 15:01:00 2025 GMT
        Subject: CN=5751c617bd206025688440d44958c655ded6101b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:84:6b:8b:be:e2:b4:33:bf:7d:da:f9:df:e0:
                    e2:86:58:68:6f:2a:4b:45:35:9a:68:73:b8:b5:ba:
                    43:74:e1:c3:95:84:8f:ec:df:2f:7f:43:e0:70:8a:
                    8c:a8:33:ee:57:5b:f5:5e:65:ba:4f:b4:6d:a8:bb:
                    1b:85:ba:c6:95:ed:27:19:54:b1:7a:62:97:91:4a:
                    ef:e6:34:a8:80:1b:5a:eb:8e:79:9f:30:f4:7d:1b:
                    67:c0:72:8e:90:f3:1f:51:7b:30:f1:09:69:57:8f:
                    5f:47:db:66:06:b4:6c:f2:44:ea:c1:cb:71:09:db:
                    cf:fe:7c:00:74:8b:61:24:4f:c7:51:0e:84:4e:2c:
                    30:ee:cd:e2:24:50:4b:89:43:21:64:d5:dd:62:f2:
                    ad:81:c1:4e:39:d9:6f:2e:73:01:3c:76:f2:a9:82:
                    44:96:4b:b6:6d:e3:2b:63:e2:3c:d1:a7:7e:5c:86:
                    81:da:4b:84:6d:e0:7d:55:29:a1:29:1e:a9:4c:93:
                    6e:56:48:8d:cc:b7:c7:d7:53:f7:3c:d7:00:10:2c:
                    ac:8b:ab:8f:aa:7a:15:89:8d:26:b2:0d:56:1f:81:
                    0b:16:8d:ec:1c:cb:73:13:32:61:09:b0:0d:e2:80:
                    71:ec:4a:94:13:f7:98:80:fd:af:f6:34:2f:33:33:
                    d3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:51:C6:17:BD:20:60:25:68:84:40:D4:49:58:C6:55:DE:D6:10:1B
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:79:23:13:b3:a5:e2:22:8c:ce:ca:87:c6:77:8c:86:9a:6b:
         37:86:09:12:f4:b8:cc:7d:5a:72:86:65:c4:f3:c0:a1:e4:2f:
         e5:fe:9d:e7:f5:c4:12:6d:76:23:f8:ec:65:3f:dc:33:7d:20:
         03:78:b2:6f:7c:f4:69:30:f5:87:28:11:ab:99:31:1d:f9:1b:
         f3:25:93:73:a2:d9:ee:c2:b8:d1:54:7c:76:96:d1:1c:63:c7:
         9d:40:63:11:da:bd:7d:d0:44:68:61:f7:a4:63:e3:71:51:24:
         8e:4c:95:aa:4e:46:14:3c:c8:0b:63:78:d8:2c:0b:11:e4:f1:
         42:ec:44:71:7b:56:0c:6e:bb:c9:90:71:af:fd:ad:f9:79:d2:
         7c:d7:2c:c7:bd:c2:f6:f8:5f:aa:68:a0:b2:7b:ea:30:40:fa:
         91:75:35:dc:45:ba:bc:18:eb:57:65:39:a0:7e:dd:f0:8a:c2:
         bb:1d:dc:77:07:0f:1b:bd:da:38:80:a0:73:d6:74:8b:09:f6:
         cb:96:b4:90:1b:5b:b0:5a:ea:17:b4:a7:48:5c:7b:cb:5c:63:
         35:bd:6f:7d:ff:67:ca:aa:d0:9c:a0:f3:52:ce:19:0e:52:b8:
         ea:22:2a:96:a6:42:ba:42:79:04:01:e1:36:11:95:4f:7d:77:
         e6:59:f2:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DloEHgOJwri/Pv/zWjRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUwNjI4MTUwMTAwWhcNMjUwNjI5MTUwMTAwWjAzMTEwLwYDVQQD
Eyg1NzUxYzYxN2JkMjA2MDI1Njg4NDQwZDQ0OTU4YzY1NWRlZDYxMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIRri77itDO/fdr53+DihlhobypL
RTWaaHO4tbpDdOHDlYSP7N8vf0PgcIqMqDPuV1v1XmW6T7RtqLsbhbrGle0nGVSx
emKXkUrv5jSogBta6455nzD0fRtnwHKOkPMfUXsw8QlpV49fR9tmBrRs8kTqwctx
CdvP/nwAdIthJE/HUQ6ETiww7s3iJFBLiUMhZNXdYvKtgcFOOdlvLnMBPHbyqYJE
lku2beMrY+I80ad+XIaB2kuEbeB9VSmhKR6pTJNuVkiNzLfH11P3PNcAECysi6uP
qnoViY0msg1WH4ELFo3sHMtzEzJhCbAN4oBx7EqUE/eYgP2v9jQvMzPT1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdRxhe9IGAlaIRA1ElYxlXe1hAbMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlHkjE7Ol
4iKMzsqHxneMhpprN4YJEvS4zH1acoZlxPPAoeQv5f6d5/XEEm12I/jsZT/cM30g
A3iyb3z0aTD1hygRq5kxHfkb8yWTc6LZ7sK40VR8dpbRHGPHnUBjEdq9fdBEaGH3
pGPjcVEkjkyVqk5GFDzIC2N42CwLEeTxQuxEcXtWDG67yZBxr/2t+XnSfNcsx73C
9vhfqmigsnvqMED6kXU13EW6vBjrV2U5oH7d8IrCux3cdwcPG73aOICgc9Z0iwn2
y5a0kBtbsFrqF7SnSFx7y1xjNb1vff9nyqrQnKDzUs4ZDlK46iIqlqZCukJ5BAHh
NhGVT3135lny5A==
-----END CERTIFICATE-----