Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          vPdOHFnY5W/rnuf2V0pPfgo1yzIO6XhqyNIFPoVyiLw=
Subject key identifier:   99:72:08:7D:F6:93:B0:68:BE:5A:68:9D:FA:28:7A:3B:B1:9D:39:F4
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       0196B7B5CE11166B5B577E2F8B24B971640F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0872
Signing time:             Sat 10 May 2025 01:01:07 +0000
Manifest this update:     Sat 10 May 2025 01:01:07 +0000
Manifest next update:     Sun 11 May 2025 01:01:07 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: RiqUz1wWpvpgJpHl6a3wXwRNi6Hxf1gBRunG1e1QgQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 01:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:b5:ce:11:16:6b:5b:57:7e:2f:8b:24:b9:71:64:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: May 10 01:01:07 2025 GMT
            Not After : May 11 01:01:07 2025 GMT
        Subject: CN=9972087df693b068be5a689dfa287a3bb19d39f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ba:73:26:11:69:ea:74:14:b2:8d:a7:0f:62:
                    41:ec:0d:52:81:00:64:03:59:21:94:c2:f3:e1:ed:
                    24:05:50:0d:bb:95:af:22:a9:c8:0f:7e:5c:56:55:
                    c9:43:ef:49:82:6a:42:9c:a0:8c:b6:1b:17:5f:35:
                    03:5d:6e:ce:b8:97:48:4e:52:76:76:06:6c:19:ba:
                    13:3c:ee:ce:16:86:16:b2:c8:d3:ee:c3:b8:34:f1:
                    20:b6:0b:de:10:56:83:f7:11:d5:39:fd:ea:d5:3d:
                    26:35:9b:a2:d8:d2:56:76:67:46:a2:16:39:f7:5a:
                    f8:72:7e:a0:72:4a:f4:a3:ef:ef:33:93:47:63:7a:
                    f3:8f:30:2e:bf:85:68:05:6a:fa:7a:65:a1:c9:13:
                    e2:1c:d9:fe:80:cf:3a:dc:4a:60:3f:ee:50:a6:ec:
                    3d:6c:00:48:8e:d8:68:64:27:d6:86:9d:61:1c:d7:
                    57:86:7e:e9:48:e3:53:58:7d:eb:30:30:7d:fc:0a:
                    0c:b4:35:9e:30:1b:e4:37:79:1f:65:0e:a5:64:4b:
                    cc:79:9b:af:bf:ac:74:4a:e8:be:85:1f:ff:17:b6:
                    7b:c3:c1:f7:e3:0b:59:45:13:e9:f1:a2:45:bc:bc:
                    c3:5d:39:c4:a6:96:fa:e5:f9:39:b1:18:9d:a2:26:
                    42:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:72:08:7D:F6:93:B0:68:BE:5A:68:9D:FA:28:7A:3B:B1:9D:39:F4
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:15:5a:bf:84:87:9b:bb:54:9e:00:93:46:4c:6a:55:f8:26:
         15:4b:f7:32:05:90:68:29:4b:80:db:bb:c2:f6:ed:6c:2b:30:
         4c:59:7b:22:aa:ae:fe:f3:f7:94:70:e0:2c:9f:bb:e7:7d:67:
         41:d7:c0:ef:db:29:1c:db:a5:29:e7:33:a8:68:8d:af:02:c9:
         ed:2e:c8:86:3b:14:bd:64:be:60:be:fe:ed:b5:79:16:73:4d:
         0f:90:fd:96:8b:81:6f:2d:a0:48:b6:2a:8c:9b:95:2b:02:eb:
         f5:8e:aa:7f:83:28:2a:38:06:a9:07:3d:8a:1f:5a:0b:38:76:
         08:a6:0d:60:20:04:98:88:57:f2:f5:ed:29:14:90:cd:1c:cd:
         e3:0e:bb:34:27:59:c3:21:51:41:55:24:3c:cf:a4:12:1e:15:
         8e:75:84:35:a3:b1:5e:ac:10:c3:a0:29:cf:a4:af:f4:c7:cb:
         e1:66:8e:07:40:fd:23:43:15:75:fd:c0:40:7a:7e:bc:46:ec:
         7c:54:1d:6a:7f:47:ca:81:dd:53:b0:1a:54:81:e2:f6:2c:66:
         9e:cd:c2:10:2f:d0:bf:f8:fb:e9:18:78:b8:34:65:37:00:02:
         da:34:d4:9e:ff:f5:63:c5:74:45:ce:b5:29:79:06:45:34:f3:
         ee:00:80:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3tc4RFmtbV34viyS5cWQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwNTEwMDEwMTA3WhcNMjUwNTExMDEwMTA3WjAzMTEwLwYDVQQD
Eyg5OTcyMDg3ZGY2OTNiMDY4YmU1YTY4OWRmYTI4N2EzYmIxOWQzOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobpzJhFp6nQUso2nD2JB7A1SgQBk
A1khlMLz4e0kBVANu5WvIqnID35cVlXJQ+9JgmpCnKCMthsXXzUDXW7OuJdITlJ2
dgZsGboTPO7OFoYWssjT7sO4NPEgtgveEFaD9xHVOf3q1T0mNZui2NJWdmdGohY5
91r4cn6gckr0o+/vM5NHY3rzjzAuv4VoBWr6emWhyRPiHNn+gM863EpgP+5Qpuw9
bABIjthoZCfWhp1hHNdXhn7pSONTWH3rMDB9/AoMtDWeMBvkN3kfZQ6lZEvMeZuv
v6x0Sui+hR//F7Z7w8H34wtZRRPp8aJFvLzDXTnEppb65fk5sRidoiZC9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlyCH32k7BovlponfooejuxnTn0MB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAThVav4SH
m7tUngCTRkxqVfgmFUv3MgWQaClLgNu7wvbtbCswTFl7Iqqu/vP3lHDgLJ+7531n
QdfA79spHNulKeczqGiNrwLJ7S7IhjsUvWS+YL7+7bV5FnNND5D9louBby2gSLYq
jJuVKwLr9Y6qf4MoKjgGqQc9ih9aCzh2CKYNYCAEmIhX8vXtKRSQzRzN4w67NCdZ
wyFRQVUkPM+kEh4VjnWENaOxXqwQw6Apz6Sv9MfL4WaOB0D9I0MVdf3AQHp+vEbs
fFQdan9HyoHdU7AaVIHi9ixmns3CEC/Qv/j76Rh4uDRlNwAC2jTUnv/1Y8V0Rc61
KXkGRTTz7gCALw==
-----END CERTIFICATE-----