Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          yORNEORUSoxvUBOt/ykCi8m/ciALRNLx5yiTSfZu1OA=
Subject key identifier:   CF:33:FF:18:96:3C:77:D6:38:C0:3A:59:B7:54:FE:3D:5F:4B:C7:86
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       0197B6A2161CA38A90A9A36330C02DB1D6C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          05CF
Signing time:             Sat 28 Jun 2025 13:02:45 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:45 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:45 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: N4vSJO26M109537CxWy3l1L9Xpw4TmMesad0Jj/LC4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:16:1c:a3:8a:90:a9:a3:63:30:c0:2d:b1:d6:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Jun 28 13:02:45 2025 GMT
            Not After : Jun 29 13:02:45 2025 GMT
        Subject: CN=cf33ff18963c77d638c03a59b754fe3d5f4bc786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0e:d6:87:26:bb:2b:78:ff:91:f2:00:cd:d3:
                    b1:05:4c:ba:5f:fb:f1:0d:2d:a7:30:8f:65:ba:78:
                    54:bb:21:76:a7:6c:8b:98:23:e0:b6:19:fe:1a:0e:
                    d8:17:a0:f8:5c:5d:df:35:41:a2:02:ba:22:1b:1a:
                    96:f2:85:0c:8d:b1:24:fb:50:df:b1:cb:24:3e:fd:
                    db:85:3e:09:70:8e:30:cd:2c:8f:65:c3:30:b2:a5:
                    55:f7:3a:23:02:38:49:97:01:09:4c:a7:d4:d8:a3:
                    d1:84:70:b5:9b:b6:f3:02:7b:21:74:d0:2a:20:8b:
                    4c:c0:6a:f3:fb:8b:f3:8b:5f:a9:63:26:69:db:0e:
                    a3:d5:8c:3d:39:ff:3d:d6:12:67:4b:c8:13:c3:51:
                    c1:85:79:00:bb:b2:02:b7:ce:56:a1:71:6f:bc:f0:
                    36:de:57:f3:12:fc:b7:95:42:1a:07:49:38:ae:b3:
                    02:38:19:7a:0a:a1:ce:72:34:70:20:71:6a:b7:c7:
                    ee:83:09:6d:50:1f:a1:92:d0:ae:91:0f:1b:20:8f:
                    33:ce:ad:e7:45:ac:ce:fe:8d:97:ea:b8:f8:13:8b:
                    bf:96:19:92:cb:a0:c1:ae:81:5c:de:96:d1:38:22:
                    06:bc:2e:a5:3f:07:91:c4:f0:38:17:6a:b7:2f:0b:
                    77:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:33:FF:18:96:3C:77:D6:38:C0:3A:59:B7:54:FE:3D:5F:4B:C7:86
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:e6:db:27:c6:4f:75:51:71:62:7d:e3:57:77:7d:59:b2:e7:
         fb:03:df:a1:af:bc:ef:d7:5b:d9:b7:1c:03:23:b5:6d:48:1f:
         5e:8c:63:d0:55:28:4f:22:88:ee:28:54:50:e9:43:3f:af:97:
         a1:fa:ad:c9:cb:76:ee:2a:e4:dd:2d:20:7a:47:77:1e:20:26:
         71:82:23:75:13:8f:63:3c:74:08:11:d8:d7:86:47:08:2d:02:
         84:d9:f9:e2:55:20:fe:2d:0c:45:30:55:94:9b:14:8a:18:75:
         18:6d:0f:3a:ad:6a:bc:6e:c4:a2:07:6c:49:54:2d:a3:98:76:
         a3:0d:e1:24:b1:79:f0:14:4b:a5:d1:76:dc:73:f9:d7:ba:a1:
         c0:18:6a:8d:06:68:c6:56:ce:c7:12:ef:75:48:c3:c1:98:93:
         31:57:c0:1c:44:cb:b6:60:17:4c:1d:6e:28:3d:a3:16:8b:2b:
         80:1c:fc:d7:ce:c7:76:0c:6f:9c:66:fd:af:3e:f0:b2:05:a7:
         f2:4c:b6:f7:03:6c:b1:f3:5f:70:47:c0:76:4e:d5:66:12:8b:
         29:4c:7b:ee:5b:f9:6f:70:2a:3d:42:d7:74:3f:49:d7:6d:83:
         bd:17:ac:6d:41:bd:05:b1:fb:74:98:b2:cf:da:aa:f8:4e:1c:
         a8:b3:f6:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ohYco4qQqaNjMMAtsdbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUwNjI4MTMwMjQ1WhcNMjUwNjI5MTMwMjQ1WjAzMTEwLwYDVQQD
EyhjZjMzZmYxODk2M2M3N2Q2MzhjMDNhNTliNzU0ZmUzZDVmNGJjNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4A7Whya7K3j/kfIAzdOxBUy6X/vx
DS2nMI9lunhUuyF2p2yLmCPgthn+Gg7YF6D4XF3fNUGiAroiGxqW8oUMjbEk+1Df
scskPv3bhT4JcI4wzSyPZcMwsqVV9zojAjhJlwEJTKfU2KPRhHC1m7bzAnshdNAq
IItMwGrz+4vzi1+pYyZp2w6j1Yw9Of891hJnS8gTw1HBhXkAu7ICt85WoXFvvPA2
3lfzEvy3lUIaB0k4rrMCOBl6CqHOcjRwIHFqt8fugwltUB+hktCukQ8bII8zzq3n
RazO/o2X6rj4E4u/lhmSy6DBroFc3pbROCIGvC6lPweRxPA4F2q3Lwt34wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8z/xiWPHfWOMA6WbdU/j1fS8eGMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIObbJ8ZP
dVFxYn3jV3d9WbLn+wPfoa+879db2bccAyO1bUgfXoxj0FUoTyKI7ihUUOlDP6+X
ofqtyct27irk3S0gekd3HiAmcYIjdROPYzx0CBHY14ZHCC0ChNn54lUg/i0MRTBV
lJsUihh1GG0POq1qvG7EogdsSVQto5h2ow3hJLF58BRLpdF23HP517qhwBhqjQZo
xlbOxxLvdUjDwZiTMVfAHETLtmAXTB1uKD2jFosrgBz8187HdgxvnGb9rz7wsgWn
8ky29wNssfNfcEfAdk7VZhKLKUx77lv5b3AqPULXdD9J122DvResbUG9BbH7dJiy
z9qq+E4cqLP26Q==
-----END CERTIFICATE-----