Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
File:                     yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json)
Hash identifier:          2XUt3rSVg19PQFWMLxtTsHGkNNTjwjg0Z4+GNa9otYI=
Subject key identifier:   0F:F6:3F:3D:DC:56:03:96:09:E0:16:C3:8F:05:87:10:93:77:22:EF
Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE
Certificate issuer:       /CN=c8483816b43be4a76f6060832bec4992fa5a98ce
Certificate serial:       0196AA679D82FCCBF206F024D7914A45C3E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
Manifest number:          054E
Signing time:             Wed 07 May 2025 11:00:39 +0000
Manifest this update:     Wed 07 May 2025 11:00:39 +0000
Manifest next update:     Thu 08 May 2025 11:00:39 +0000
Files and hashes:         1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: IH+1hqqnwzw/MyIeOMLPTy3gYaDhhCWu91lVtS17rGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 11:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:67:9d:82:fc:cb:f2:06:f0:24:d7:91:4a:45:c3:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce
        Validity
            Not Before: May  7 11:00:39 2025 GMT
            Not After : May  8 11:00:39 2025 GMT
        Subject: CN=0ff63f3ddc56039609e016c38f058710937722ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c2:76:57:e3:7f:b6:17:c6:fd:48:6a:ac:b3:
                    9b:53:96:5e:4d:b7:15:7a:cb:17:72:7d:11:a9:eb:
                    23:b0:b1:3a:28:fe:1c:e4:9e:d7:21:5f:7b:6a:41:
                    54:ee:33:17:f6:2d:1d:9e:8d:21:bd:a7:1d:85:a9:
                    ef:3f:17:69:7b:08:04:b9:58:4b:f6:90:77:43:5b:
                    f0:19:7a:99:14:54:bf:3c:c6:a4:d2:da:69:01:76:
                    12:15:b1:45:1e:b1:6a:ee:37:5e:5f:1f:2b:9a:ff:
                    94:97:67:b5:4f:eb:08:0e:00:58:f6:7b:1d:b6:0f:
                    5f:61:03:b3:4c:b8:1c:91:38:b6:e5:1b:f7:45:e0:
                    fb:4f:f5:c9:ed:2d:7a:c4:84:3a:13:0b:dd:7d:58:
                    8b:52:bf:de:76:3e:81:e3:3a:06:0b:3f:9e:63:54:
                    fe:69:b7:33:cd:f2:5a:db:ad:be:4d:66:68:b1:8b:
                    80:23:c8:15:ba:53:fb:e5:ea:80:b9:5a:4f:40:53:
                    28:16:2b:70:3b:4d:08:d1:a7:88:17:a3:26:24:8c:
                    9f:59:2b:d9:7f:e3:a0:cb:47:3c:3e:ed:2b:62:fb:
                    a7:80:d6:36:fa:6c:ff:14:25:80:bc:07:9d:88:14:
                    24:75:4b:67:35:35:f2:67:b0:66:69:71:5d:cd:75:
                    48:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:F6:3F:3D:DC:56:03:96:09:E0:16:C3:8F:05:87:10:93:77:22:EF
            X509v3 Authority Key Identifier:
                keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:83:bf:dd:e2:9f:1a:0c:49:d6:bf:ef:c1:be:df:6d:e0:98:
         3e:e2:fd:af:7c:6b:9a:c7:cd:02:0e:47:53:bd:80:c7:f0:ab:
         ed:eb:6b:21:82:b4:a5:83:8e:c0:2b:e7:11:3b:d4:f9:ce:48:
         9f:76:45:bf:7b:ea:38:a4:9c:a7:5a:8f:1f:19:22:bf:84:00:
         a7:05:77:d9:32:15:c4:51:16:06:75:15:92:55:55:c2:7e:b8:
         98:e6:14:99:a4:be:30:ec:27:b1:48:ea:47:69:98:c1:bc:16:
         0a:33:bf:e5:da:83:b2:35:57:c8:97:3a:47:84:22:ce:10:09:
         fe:58:dc:ce:0b:f0:a8:c6:ff:0e:bd:30:ca:59:a9:f5:57:4c:
         10:e8:1e:bd:67:9e:ef:26:1b:d2:af:1f:7f:0e:21:c9:f8:d9:
         bd:49:63:9d:fb:ff:6a:63:ec:83:47:da:97:8c:40:2b:a9:2e:
         dd:93:d3:ae:cc:5c:fb:c0:51:65:f9:2c:34:2f:8e:87:00:58:
         8f:84:ac:81:8c:c8:cb:05:f2:91:9f:10:ed:fb:36:61:da:a2:
         63:1a:0a:6d:8e:ef:32:32:07:2b:4e:f3:08:a8:ae:9d:66:0f:
         68:be:1c:5d:c4:61:e4:6f:4c:c3:c7:c0:a3:6d:78:da:0d:0d:
         16:49:01:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqZ52C/MvyBvAk15FKRcPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1
YTk4Y2UwHhcNMjUwNTA3MTEwMDM5WhcNMjUwNTA4MTEwMDM5WjAzMTEwLwYDVQQD
EygwZmY2M2YzZGRjNTYwMzk2MDllMDE2YzM4ZjA1ODcxMDkzNzcyMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8J2V+N/thfG/UhqrLObU5ZeTbcV
essXcn0RqesjsLE6KP4c5J7XIV97akFU7jMX9i0dno0hvacdhanvPxdpewgEuVhL
9pB3Q1vwGXqZFFS/PMak0tppAXYSFbFFHrFq7jdeXx8rmv+Ul2e1T+sIDgBY9nsd
tg9fYQOzTLgckTi25Rv3ReD7T/XJ7S16xIQ6EwvdfViLUr/edj6B4zoGCz+eY1T+
abczzfJa262+TWZosYuAI8gVulP75eqAuVpPQFMoFitwO00I0aeIF6MmJIyfWSvZ
f+Ogy0c8Pu0rYvungNY2+mz/FCWAvAediBQkdUtnNTXyZ7BmaXFdzXVICwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/2Pz3cVgOWCeAWw48FhxCTdyLvMB8GA1UdIwQY
MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt
MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx
LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl4O/3eKf
GgxJ1r/vwb7fbeCYPuL9r3xrmsfNAg5HU72Ax/Cr7etrIYK0pYOOwCvnETvU+c5I
n3ZFv3vqOKScp1qPHxkiv4QApwV32TIVxFEWBnUVklVVwn64mOYUmaS+MOwnsUjq
R2mYwbwWCjO/5dqDsjVXyJc6R4QizhAJ/ljczgvwqMb/Dr0wylmp9VdMEOgevWee
7yYb0q8ffw4hyfjZvUljnfv/amPsg0fal4xAK6ku3ZPTrsxc+8BRZfksNC+OhwBY
j4SsgYzIywXykZ8Q7fs2YdqiYxoKbY7vMjIHK07zCKiunWYPaL4cXcRh5G9Mw8fA
o2142g0NFkkBvA==
-----END CERTIFICATE-----