Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
File:                     JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft (raw, json)
Hash identifier:          xZWV76fs0WiWif1nyHNIrs0ZNRoecS6Fs3KncdOFnZU=
Subject key identifier:   3C:DE:5D:9F:72:6A:8E:47:A6:23:57:DB:5F:6A:1A:F9:79:40:A9:17
Authority key identifier: 25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
Certificate issuer:       /CN=258906554d8c8b428ede8cb35026860d3d7771df
Certificate serial:       0198537B5D2FFF264E0E329CD9B899B656AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
Manifest number:          0CE6
Signing time:             Tue 29 Jul 2025 00:00:50 +0000
Manifest this update:     Tue 29 Jul 2025 00:00:50 +0000
Manifest next update:     Wed 30 Jul 2025 00:00:50 +0000
Files and hashes:         1: JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl (hash: P1dS2Oub7XVmPlHkDOXxgzZO2wm89btxQaFLa9gDsHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:53:7b:5d:2f:ff:26:4e:0e:32:9c:d9:b8:99:b6:56:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258906554d8c8b428ede8cb35026860d3d7771df
        Validity
            Not Before: Jul 29 00:00:50 2025 GMT
            Not After : Jul 30 00:00:50 2025 GMT
        Subject: CN=3cde5d9f726a8e47a62357db5f6a1af97940a917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:12:35:0f:c4:a4:66:82:8e:f2:37:54:48:b4:
                    84:60:22:b1:95:4b:df:71:b9:3b:dc:87:60:c5:51:
                    0c:06:3e:53:2c:31:20:70:53:ac:a0:ab:bf:0c:09:
                    3a:1c:aa:44:c7:76:a8:ee:e2:62:57:91:33:1f:58:
                    b4:e3:04:68:69:56:a4:4e:2f:78:e2:72:d5:bd:b6:
                    42:5b:9f:cb:d9:e5:13:19:f8:b4:6a:be:63:34:87:
                    95:af:75:71:6e:a4:4b:04:16:a3:04:23:ba:dc:9e:
                    ac:d7:02:a1:e1:c2:a6:85:44:be:65:01:ac:31:c0:
                    ca:ab:c5:ef:49:eb:3b:26:9a:8a:1e:6b:ac:83:29:
                    95:b0:50:fa:42:c1:c7:c0:e9:68:cc:76:7d:fa:d2:
                    cc:e4:52:78:a7:d7:49:83:f8:1c:0b:f6:e6:27:ec:
                    27:38:e7:a7:c6:d0:38:e5:79:07:3f:c9:6b:71:80:
                    0c:1d:65:f9:9d:f1:f9:19:72:8d:20:e1:d6:7b:a2:
                    e9:98:e9:78:f9:b4:43:8a:8d:f4:4c:28:25:5f:02:
                    c2:81:e2:19:16:f4:d4:1d:4f:ee:96:c7:d3:54:bd:
                    76:96:d2:ad:34:18:02:96:95:e0:f2:34:9d:e6:a5:
                    c4:5b:39:6c:a8:29:6e:19:34:8b:af:7c:76:3a:dc:
                    a3:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:DE:5D:9F:72:6A:8E:47:A6:23:57:DB:5F:6A:1A:F9:79:40:A9:17
            X509v3 Authority Key Identifier:
                keyid:25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:40:45:98:65:a1:ec:5f:ad:35:73:67:53:db:3b:1b:45:3c:
         c6:1f:69:30:f3:b9:83:f9:68:7c:35:e3:5b:5c:1c:f2:b9:d7:
         c0:30:0b:16:0c:10:fa:02:7e:04:65:37:5a:0d:19:5d:9b:b2:
         ce:2f:f1:87:cf:e6:e8:a8:9f:09:61:e4:34:0e:76:20:b4:f4:
         59:99:1c:5a:da:4b:52:8e:fc:50:50:9c:82:b7:3e:77:d7:22:
         d8:11:da:d9:a2:59:81:77:39:ff:3b:15:e3:f7:86:3d:bb:ea:
         88:93:a2:ff:37:bf:c0:c5:3b:ff:cb:cb:f4:a9:5b:38:08:87:
         31:20:92:a2:34:5b:f5:e3:32:5c:7a:f0:15:b2:1d:87:12:c1:
         58:ff:77:3f:1e:cb:0e:2f:18:be:04:9d:e6:d6:4f:b4:8e:a9:
         2e:df:36:9c:cd:bb:7d:f6:f5:b7:57:65:15:cf:55:d1:68:07:
         c6:bb:4e:53:0b:dc:1f:17:53:bf:d9:bc:a2:5d:fe:19:7e:7d:
         a5:f1:fa:34:18:24:f4:75:79:23:f4:f0:50:bd:29:32:67:48:
         a5:1e:61:d0:ea:b3:91:db:94:d5:a1:7e:5f:84:fc:64:65:8a:
         59:b3:e4:8c:b0:f9:85:73:83:4f:69:21:4e:c8:6b:da:5a:33:
         58:8d:ad:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTe10v/yZODjKc2biZtlaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODkwNjU1NGQ4YzhiNDI4ZWRlOGNiMzUwMjY4NjBkM2Q3
NzcxZGYwHhcNMjUwNzI5MDAwMDUwWhcNMjUwNzMwMDAwMDUwWjAzMTEwLwYDVQQD
EygzY2RlNWQ5ZjcyNmE4ZTQ3YTYyMzU3ZGI1ZjZhMWFmOTc5NDBhOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxI1D8SkZoKO8jdUSLSEYCKxlUvf
cbk73IdgxVEMBj5TLDEgcFOsoKu/DAk6HKpEx3ao7uJiV5EzH1i04wRoaVakTi94
4nLVvbZCW5/L2eUTGfi0ar5jNIeVr3VxbqRLBBajBCO63J6s1wKh4cKmhUS+ZQGs
McDKq8XvSes7JpqKHmusgymVsFD6QsHHwOlozHZ9+tLM5FJ4p9dJg/gcC/bmJ+wn
OOenxtA45XkHP8lrcYAMHWX5nfH5GXKNIOHWe6LpmOl4+bRDio30TCglXwLCgeIZ
FvTUHU/ulsfTVL12ltKtNBgClpXg8jSd5qXEWzlsqCluGTSLr3x2Otyj0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzeXZ9yao5HpiNX219qGvl5QKkXMB8GA1UdIwQY
MBaAFCWJBlVNjItCjt6Ms1Amhg09d3HfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODct
YWZkZDUzODI3ZTkzLzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODctYWZkZDUzODI3ZTkz
LzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHUBFmGWh
7F+tNXNnU9s7G0U8xh9pMPO5g/lofDXjW1wc8rnXwDALFgwQ+gJ+BGU3Wg0ZXZuy
zi/xh8/m6KifCWHkNA52ILT0WZkcWtpLUo78UFCcgrc+d9ci2BHa2aJZgXc5/zsV
4/eGPbvqiJOi/ze/wMU7/8vL9KlbOAiHMSCSojRb9eMyXHrwFbIdhxLBWP93Px7L
Di8YvgSd5tZPtI6pLt82nM27ffb1t1dlFc9V0WgHxrtOUwvcHxdTv9m8ol3+GX59
pfH6NBgk9HV5I/TwUL0pMmdIpR5h0OqzkduU1aF+X4T8ZGWKWbPkjLD5hXODT2kh
Tshr2lozWI2tmQ==
-----END CERTIFICATE-----