Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          4ASb927iekn837Nn1lNJ8pqUaWZOrXRuaa23poaw46E=
Subject key identifier:   BC:5D:C1:E2:7E:E8:B7:2F:9A:1E:35:D1:DE:9C:79:73:6F:E5:62:50
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       0198D6614210025C62D417533882C2D8BFF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          0664
Signing time:             Sat 23 Aug 2025 10:02:34 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:34 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:34 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: w82UhtPCBt2VCFr17Kre+FhCEPGJqs8x7f9Heu6xMXc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:42:10:02:5c:62:d4:17:53:38:82:c2:d8:bf:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Aug 23 10:02:34 2025 GMT
            Not After : Aug 24 10:02:34 2025 GMT
        Subject: CN=bc5dc1e27ee8b72f9a1e35d1de9c79736fe56250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:da:1e:9a:ec:3a:08:05:60:d7:ba:f8:98:47:
                    00:73:f9:e7:95:0a:2c:3c:65:d3:fd:a3:74:d4:bf:
                    2a:d2:d2:38:6e:39:79:12:34:6a:ff:fa:93:d3:cb:
                    8d:02:e9:47:80:4d:5a:99:b5:c1:7e:94:14:7d:8b:
                    a5:ec:5a:14:07:8c:ce:23:e1:c4:7b:61:5a:ca:ab:
                    dc:88:c0:ae:50:89:53:ed:ac:3b:6f:5d:dc:61:9a:
                    e8:65:80:e1:e4:a1:86:59:4c:8e:0d:76:6d:98:21:
                    0b:e9:14:89:c5:9f:e9:b0:f8:57:40:8a:26:13:f0:
                    68:76:38:27:b1:27:3e:ff:df:2e:49:45:d3:e8:56:
                    ef:a3:1e:d9:36:f4:d4:d0:ff:c1:b6:c6:26:45:db:
                    19:e4:83:44:a0:12:7f:d7:5d:48:9a:f3:b1:3c:a1:
                    3d:ab:3b:56:a1:28:9d:3c:2f:cd:67:4e:5d:f0:19:
                    1a:65:0f:ce:64:8b:74:1f:65:42:ba:cf:66:66:ce:
                    a7:e5:01:68:19:38:0b:22:aa:75:c1:a6:4b:5a:03:
                    d4:a9:92:a3:cf:50:47:80:dc:f5:c8:83:e4:c7:1f:
                    20:16:01:34:a4:5c:f9:98:be:bb:10:b0:af:6c:02:
                    a3:23:0f:ee:49:16:f7:bd:44:06:aa:9c:82:9f:67:
                    6b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5D:C1:E2:7E:E8:B7:2F:9A:1E:35:D1:DE:9C:79:73:6F:E5:62:50
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:c0:76:55:5b:71:71:60:67:a7:39:8d:c6:6f:29:f6:5d:e8:
         06:26:1c:10:29:67:73:93:ed:d0:6a:27:d4:04:60:b4:b1:77:
         2b:c9:b6:40:b8:92:b7:85:2a:85:c7:78:1a:5f:71:04:f7:64:
         27:f1:1d:05:63:46:2e:9a:82:0e:29:2c:26:20:b3:4d:af:11:
         54:6e:74:16:95:57:f5:e0:42:e2:20:cf:e4:7f:25:43:45:47:
         a9:27:39:06:ce:77:6a:8f:27:3e:55:1c:6d:5f:f5:79:a0:c8:
         26:97:bc:bf:99:60:6f:db:b0:8e:9b:58:6f:bf:97:81:6f:f6:
         ce:5e:81:bf:3c:21:ba:08:51:8a:db:ea:91:be:7b:cc:f4:92:
         21:88:8c:21:82:bc:8e:9f:6f:85:34:0b:17:ae:91:1c:26:6d:
         2e:d5:27:24:04:45:8c:68:69:b7:d0:b2:92:0c:9b:34:50:4d:
         e2:71:c2:a5:07:63:7f:e6:d3:be:5c:50:62:e6:c9:2b:b3:17:
         96:bb:6c:cc:e2:63:75:65:68:c6:50:ff:98:1d:67:9b:1e:38:
         a5:1c:19:ac:54:ff:ca:2a:78:8e:f0:6d:c3:c5:53:91:af:66:
         ee:11:4c:89:11:0c:ca:3e:20:99:d5:32:5b:f4:22:3a:86:5f:
         31:ba:ff:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYUIQAlxi1BdTOILC2L/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUwODIzMTAwMjM0WhcNMjUwODI0MTAwMjM0WjAzMTEwLwYDVQQD
EyhiYzVkYzFlMjdlZThiNzJmOWExZTM1ZDFkZTljNzk3MzZmZTU2MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9oemuw6CAVg17r4mEcAc/nnlQos
PGXT/aN01L8q0tI4bjl5EjRq//qT08uNAulHgE1ambXBfpQUfYul7FoUB4zOI+HE
e2FayqvciMCuUIlT7aw7b13cYZroZYDh5KGGWUyODXZtmCEL6RSJxZ/psPhXQIom
E/BodjgnsSc+/98uSUXT6Fbvox7ZNvTU0P/BtsYmRdsZ5INEoBJ/111ImvOxPKE9
qztWoSidPC/NZ05d8BkaZQ/OZIt0H2VCus9mZs6n5QFoGTgLIqp1waZLWgPUqZKj
z1BHgNz1yIPkxx8gFgE0pFz5mL67ELCvbAKjIw/uSRb3vUQGqpyCn2drJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxdweJ+6Lcvmh410d6ceXNv5WJQMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMB2VVtx
cWBnpzmNxm8p9l3oBiYcEClnc5Pt0Gon1ARgtLF3K8m2QLiSt4Uqhcd4Gl9xBPdk
J/EdBWNGLpqCDiksJiCzTa8RVG50FpVX9eBC4iDP5H8lQ0VHqSc5Bs53ao8nPlUc
bV/1eaDIJpe8v5lgb9uwjptYb7+XgW/2zl6BvzwhughRitvqkb57zPSSIYiMIYK8
jp9vhTQLF66RHCZtLtUnJARFjGhpt9CykgybNFBN4nHCpQdjf+bTvlxQYubJK7MX
lrtszOJjdWVoxlD/mB1nmx44pRwZrFT/yip4jvBtw8VTka9m7hFMiREMyj4gmdUy
W/QiOoZfMbr/XQ==
-----END CERTIFICATE-----