Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/91332b-3456-4651-9305-fa6b98f8470e/1/yTLAXdVS5YBU2FWljWFhlVP1HGM.mft
File:                     yTLAXdVS5YBU2FWljWFhlVP1HGM.mft (raw, json)
Hash identifier:          RJwHPfH6Yn7LYEimZyKjyXDleX7EKH2kKhlv6Muvwyk=
Subject key identifier:   F1:6B:F1:38:5E:32:FD:2F:75:A2:4C:EB:57:C5:B4:64:5B:D2:3B:3B
Authority key identifier: C9:32:C0:5D:D5:52:E5:80:54:D8:55:A5:8D:61:61:95:53:F5:1C:63
Certificate issuer:       /CN=c932c05dd552e58054d855a58d61619553f51c63
Certificate serial:       0197C7945AB2F1DA3DCADAE8086F028FFBB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yTLAXdVS5YBU2FWljWFhlVP1HGM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/91332b-3456-4651-9305-fa6b98f8470e/1/yTLAXdVS5YBU2FWljWFhlVP1HGM.mft
Manifest number:          44
Signing time:             Tue 01 Jul 2025 20:01:17 +0000
Manifest this update:     Tue 01 Jul 2025 20:01:17 +0000
Manifest next update:     Wed 02 Jul 2025 20:01:17 +0000
Files and hashes:         1: yTLAXdVS5YBU2FWljWFhlVP1HGM.crl (hash: ou3JLVL8luajt8DHbG3v7bkMrjdV/CueOWR8SAD0aBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/91332b-3456-4651-9305-fa6b98f8470e/1/yTLAXdVS5YBU2FWljWFhlVP1HGM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/91332b-3456-4651-9305-fa6b98f8470e/1/yTLAXdVS5YBU2FWljWFhlVP1HGM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yTLAXdVS5YBU2FWljWFhlVP1HGM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 16:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c7:94:5a:b2:f1:da:3d:ca:da:e8:08:6f:02:8f:fb:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c932c05dd552e58054d855a58d61619553f51c63
        Validity
            Not Before: Jul  1 20:01:17 2025 GMT
            Not After : Jul  2 20:01:17 2025 GMT
        Subject: CN=f16bf1385e32fd2f75a24ceb57c5b4645bd23b3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:47:13:90:c4:16:68:98:ba:6e:bb:1e:de:06:
                    d1:a1:d5:55:c0:74:c9:3c:63:1f:cc:eb:2e:76:31:
                    56:52:30:34:3d:cf:d6:6a:45:f4:a0:3d:2e:8a:74:
                    98:7e:4d:96:a0:ff:12:29:48:2e:90:9d:ef:1f:86:
                    3b:bd:db:25:b5:11:74:91:ae:7c:01:5f:59:0c:0e:
                    10:81:44:7c:20:a6:9a:67:9a:7c:60:c4:f9:81:7c:
                    81:b9:7f:e9:da:69:66:93:2d:a0:5a:14:e4:7c:39:
                    d4:80:b3:73:65:f0:ee:2b:56:f1:39:fc:23:ed:86:
                    a7:42:ec:91:0b:8b:1c:aa:d2:7e:f9:48:b9:a0:88:
                    b0:5e:7c:21:ff:b2:65:6a:23:6c:9c:b1:ed:10:c2:
                    35:f4:9e:14:e8:be:9e:a1:a1:7f:b7:c9:df:fd:b9:
                    f9:a8:84:05:60:10:1e:5d:db:53:eb:05:d3:6b:dd:
                    d0:d6:16:9b:f1:89:95:90:8a:0e:12:e4:a4:27:01:
                    0e:5f:c2:0a:1f:76:c0:1f:a7:a6:56:f3:73:52:5c:
                    84:37:62:2c:2c:75:65:47:6a:2d:d4:ec:43:9d:3c:
                    ca:40:c1:6b:76:7b:8a:8a:cd:31:c7:91:3e:2b:de:
                    eb:0b:75:07:24:46:80:32:52:cd:79:36:b6:a1:b0:
                    12:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6B:F1:38:5E:32:FD:2F:75:A2:4C:EB:57:C5:B4:64:5B:D2:3B:3B
            X509v3 Authority Key Identifier:
                keyid:C9:32:C0:5D:D5:52:E5:80:54:D8:55:A5:8D:61:61:95:53:F5:1C:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yTLAXdVS5YBU2FWljWFhlVP1HGM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/91332b-3456-4651-9305-fa6b98f8470e/1/yTLAXdVS5YBU2FWljWFhlVP1HGM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/91332b-3456-4651-9305-fa6b98f8470e/1/yTLAXdVS5YBU2FWljWFhlVP1HGM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:4d:85:7e:d9:ab:ef:a2:84:2d:a1:d1:9d:9d:bd:de:42:db:
         75:ed:58:a3:e6:30:74:5b:11:6d:98:3d:6f:fb:fa:55:cf:d6:
         15:1c:d1:38:b9:5c:92:eb:9a:03:b6:09:66:d3:ac:4e:bc:d4:
         48:a0:45:ac:20:d0:fb:50:05:51:1c:10:5e:f4:87:97:bf:c4:
         7d:84:ae:27:c2:b6:95:91:1e:28:56:2b:67:a7:8f:ba:0a:6b:
         cd:66:8c:b5:6d:91:1b:29:63:0d:c1:33:a0:47:4c:93:34:00:
         07:29:aa:59:21:a5:ed:f0:39:d7:b0:c7:91:2e:91:02:d7:34:
         db:72:81:31:fa:fb:31:fb:10:c8:8b:92:cc:26:19:7c:53:e6:
         c2:fb:2e:f1:c1:e9:a0:4f:56:7e:07:48:1d:ee:00:35:b7:8e:
         fa:99:fd:d8:36:87:73:36:a6:e8:7a:5a:c3:78:9d:37:9f:a5:
         c9:25:5b:5e:a4:81:d5:bc:ff:5e:12:9e:32:4c:6d:8b:d6:0f:
         fb:26:5a:28:0d:c3:38:0a:4b:43:40:61:db:2b:39:22:c7:57:
         5f:78:5e:a8:f6:41:77:ec:2f:4c:50:6c:a7:d3:38:aa:f6:32:
         fc:d7:84:f9:cd:00:c9:74:a3:70:f0:44:fb:5f:34:9e:63:18:
         0a:c1:50:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfHlFqy8do9ytroCG8Cj/u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MzJjMDVkZDU1MmU1ODA1NGQ4NTVhNThkNjE2MTk1NTNm
NTFjNjMwHhcNMjUwNzAxMjAwMTE3WhcNMjUwNzAyMjAwMTE3WjAzMTEwLwYDVQQD
EyhmMTZiZjEzODVlMzJmZDJmNzVhMjRjZWI1N2M1YjQ2NDViZDIzYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0cTkMQWaJi6brse3gbRodVVwHTJ
PGMfzOsudjFWUjA0Pc/WakX0oD0uinSYfk2WoP8SKUgukJ3vH4Y7vdsltRF0ka58
AV9ZDA4QgUR8IKaaZ5p8YMT5gXyBuX/p2mlmky2gWhTkfDnUgLNzZfDuK1bxOfwj
7YanQuyRC4scqtJ++Ui5oIiwXnwh/7JlaiNsnLHtEMI19J4U6L6eoaF/t8nf/bn5
qIQFYBAeXdtT6wXTa93Q1hab8YmVkIoOEuSkJwEOX8IKH3bAH6emVvNzUlyEN2Is
LHVlR2ot1OxDnTzKQMFrdnuKis0xx5E+K97rC3UHJEaAMlLNeTa2obASsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFr8TheMv0vdaJM61fFtGRb0js7MB8GA1UdIwQY
MBaAFMkywF3VUuWAVNhVpY1hYZVT9RxjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVRMQVhkVlM1WUJVMkZXbGpXRmhsVlAxSEdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS85MTMzMmItMzQ1Ni00NjUxLTkzMDUt
ZmE2Yjk4Zjg0NzBlLzEveVRMQVhkVlM1WUJVMkZXbGpXRmhsVlAxSEdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS85MTMzMmItMzQ1Ni00NjUxLTkzMDUtZmE2Yjk4Zjg0NzBl
LzEveVRMQVhkVlM1WUJVMkZXbGpXRmhsVlAxSEdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhk2Fftmr
76KELaHRnZ293kLbde1Yo+YwdFsRbZg9b/v6Vc/WFRzROLlckuuaA7YJZtOsTrzU
SKBFrCDQ+1AFURwQXvSHl7/EfYSuJ8K2lZEeKFYrZ6ePugprzWaMtW2RGyljDcEz
oEdMkzQABymqWSGl7fA517DHkS6RAtc023KBMfr7MfsQyIuSzCYZfFPmwvsu8cHp
oE9WfgdIHe4ANbeO+pn92DaHczam6Hpaw3idN5+lySVbXqSB1bz/XhKeMkxti9YP
+yZaKA3DOApLQ0Bh2ys5IsdXX3heqPZBd+wvTFBsp9M4qvYy/NeE+c0AyXSjcPBE
+180nmMYCsFQQg==
-----END CERTIFICATE-----