Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
File:                     yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json)
Hash identifier:          W2rGRed8Z77nz+wY0sOYBGZFx3XQ1LTWXxccg27mtFU=
Subject key identifier:   61:96:12:B9:88:7E:A5:C2:0C:07:7A:F1:A5:21:42:D6:26:1E:98:CC
Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
Certificate issuer:       /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Certificate serial:       0197B7B2FED2535422C75138CDCF4A226F96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
Manifest number:          0227
Signing time:             Sat 28 Jun 2025 18:00:50 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:50 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:50 +0000
Files and hashes:         1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: pfHoeT4gPmHBKi20Ir5ZjCla447+pUjD97FCwx8t8hU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 18:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b2:fe:d2:53:54:22:c7:51:38:cd:cf:4a:22:6f:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
        Validity
            Not Before: Jun 28 18:00:50 2025 GMT
            Not After : Jun 29 18:00:50 2025 GMT
        Subject: CN=619612b9887ea5c20c077af1a52142d6261e98cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:64:86:5a:3f:e5:23:a8:45:5e:26:c1:df:6c:
                    68:37:a3:98:0b:a0:5e:c7:50:0d:f0:2b:5a:e2:21:
                    c8:02:ff:e2:5d:67:7c:82:20:dc:a7:20:82:32:04:
                    aa:88:da:b6:82:ae:6e:c8:ba:77:f1:d7:5f:ad:92:
                    1d:f3:ad:49:39:97:b7:3d:5a:0d:ad:23:66:0b:ae:
                    6e:37:9f:48:4d:99:ac:87:53:b9:df:c8:f3:67:1a:
                    71:db:af:30:93:6f:00:99:24:e2:ca:d5:86:d0:19:
                    de:c7:4b:be:c6:a0:36:b9:cd:bb:51:dc:38:68:76:
                    b3:2b:4e:81:4b:39:0c:cd:b7:f6:3a:ed:5c:02:2e:
                    30:22:6c:fa:89:c9:ee:c2:80:8b:bb:e4:2c:f8:a0:
                    f0:41:7c:63:d2:c1:b0:0a:93:5c:40:9b:4a:4b:fd:
                    a4:1f:a3:35:7c:69:49:c6:13:05:d1:68:b8:10:37:
                    1c:c2:b7:5e:26:0a:38:0c:cf:2c:8d:2a:7f:90:2d:
                    fd:9d:39:f3:4f:19:59:17:fe:1f:9e:4c:db:81:1b:
                    a6:c7:3c:ed:41:f7:1e:43:d6:14:64:56:33:71:0f:
                    ca:36:fc:34:d5:8a:00:76:2e:7b:db:77:57:25:1d:
                    36:de:23:79:a6:35:88:32:45:a4:bb:25:98:07:1b:
                    08:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:96:12:B9:88:7E:A5:C2:0C:07:7A:F1:A5:21:42:D6:26:1E:98:CC
            X509v3 Authority Key Identifier:
                keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:fd:fd:66:c5:c7:e7:be:6f:9b:b3:77:88:bd:bd:b1:7b:50:
         2a:40:e8:79:60:68:ae:88:f8:26:e5:9e:8e:aa:d3:4e:cd:c2:
         e1:78:36:d7:92:22:a8:ef:fb:e3:a1:fa:56:b3:ec:88:9e:3c:
         96:fa:2c:70:d0:7e:2b:de:87:06:e5:d0:bb:54:df:86:bb:a4:
         de:92:2a:96:87:c9:a8:9f:6d:e3:65:32:f5:54:ab:ba:56:79:
         37:59:0e:fd:a9:51:37:0c:b6:f1:35:56:17:ab:72:57:4d:78:
         53:7b:0a:2e:47:5f:1e:7c:b1:de:b7:6b:31:ca:36:ee:87:7b:
         07:4d:9f:51:a8:f9:a1:97:12:01:a6:f9:78:f3:75:b3:c7:c5:
         75:43:3f:16:73:39:0e:fd:a4:cd:09:ed:d0:15:12:dd:37:e7:
         28:26:12:0e:fc:04:30:d8:4c:66:91:d8:98:f6:d6:19:90:2a:
         60:03:3d:4d:ca:ea:7a:f9:37:20:f4:d2:c0:4a:e1:a2:65:c6:
         ff:b6:11:d9:e6:53:62:9b:5f:f1:eb:48:28:da:7f:09:f7:d9:
         99:1c:29:c8:19:12:49:c6:23:75:3c:67:5f:f6:70:5b:93:d3:
         18:9a:29:c5:9d:b5:89:3a:fe:97:3a:ba:cf:ce:67:8d:76:11:
         81:c9:5f:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3sv7SU1Qix1E4zc9KIm+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5
ZDAzMWQwHhcNMjUwNjI4MTgwMDUwWhcNMjUwNjI5MTgwMDUwWjAzMTEwLwYDVQQD
Eyg2MTk2MTJiOTg4N2VhNWMyMGMwNzdhZjFhNTIxNDJkNjI2MWU5OGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGSGWj/lI6hFXibB32xoN6OYC6Be
x1AN8Cta4iHIAv/iXWd8giDcpyCCMgSqiNq2gq5uyLp38ddfrZId861JOZe3PVoN
rSNmC65uN59ITZmsh1O538jzZxpx268wk28AmSTiytWG0Bnex0u+xqA2uc27Udw4
aHazK06BSzkMzbf2Ou1cAi4wImz6icnuwoCLu+Qs+KDwQXxj0sGwCpNcQJtKS/2k
H6M1fGlJxhMF0Wi4EDccwrdeJgo4DM8sjSp/kC39nTnzTxlZF/4fnkzbgRumxzzt
QfceQ9YUZFYzcQ/KNvw01YoAdi5723dXJR023iN5pjWIMkWkuyWYBxsIYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGWErmIfqXCDAd68aUhQtYmHpjMMB8GA1UdIwQY
MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt
YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz
LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZP39ZsXH
575vm7N3iL29sXtQKkDoeWBoroj4JuWejqrTTs3C4Xg215IiqO/746H6VrPsiJ48
lvoscNB+K96HBuXQu1Tfhruk3pIqlofJqJ9t42Uy9VSrulZ5N1kO/alRNwy28TVW
F6tyV014U3sKLkdfHnyx3rdrMco27od7B02fUaj5oZcSAab5ePN1s8fFdUM/FnM5
Dv2kzQnt0BUS3TfnKCYSDvwEMNhMZpHYmPbWGZAqYAM9Tcrqevk3IPTSwErhomXG
/7YR2eZTYptf8etIKNp/CffZmRwpyBkSScYjdTxnX/ZwW5PTGJopxZ21iTr+lzq6
z85njXYRgclfsw==
-----END CERTIFICATE-----