Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/68b353-cc2b-42e0-80af-b73686427942/1/CYYD8NRKkgRDOKLK3xiegQHDv18.mft
File:                     CYYD8NRKkgRDOKLK3xiegQHDv18.mft (raw, json)
Hash identifier:          OqZnjucwJBzebijww/hRPAd5q4HWNuPs8EVzsO1/P/I=
Subject key identifier:   36:E6:91:6D:9D:1C:C6:40:CD:12:AB:C1:FC:D7:60:66:F6:AD:66:4E
Authority key identifier: 09:86:03:F0:D4:4A:92:04:43:38:A2:CA:DF:18:9E:81:01:C3:BF:5F
Certificate issuer:       /CN=098603f0d44a92044338a2cadf189e8101c3bf5f
Certificate serial:       0196591447E005F512A434E6F489D5887ECE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CYYD8NRKkgRDOKLK3xiegQHDv18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/68b353-cc2b-42e0-80af-b73686427942/1/CYYD8NRKkgRDOKLK3xiegQHDv18.mft
Manifest number:          0BCB
Signing time:             Mon 21 Apr 2025 16:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 16:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 16:00:23 +0000
Files and hashes:         1: CYYD8NRKkgRDOKLK3xiegQHDv18.crl (hash: 0/iv7fIYTIngOE+5w9rRdQ3Nq1FopByyrwifPnLSC4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/68b353-cc2b-42e0-80af-b73686427942/1/CYYD8NRKkgRDOKLK3xiegQHDv18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/68b353-cc2b-42e0-80af-b73686427942/1/CYYD8NRKkgRDOKLK3xiegQHDv18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CYYD8NRKkgRDOKLK3xiegQHDv18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 16:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:14:47:e0:05:f5:12:a4:34:e6:f4:89:d5:88:7e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098603f0d44a92044338a2cadf189e8101c3bf5f
        Validity
            Not Before: Apr 21 16:00:23 2025 GMT
            Not After : Apr 22 16:00:23 2025 GMT
        Subject: CN=36e6916d9d1cc640cd12abc1fcd76066f6ad664e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:3c:40:e5:d9:85:4c:53:2f:c1:9d:fa:a4:bb:
                    d2:5f:a9:76:0f:ff:c9:7b:55:51:55:1a:b8:0a:11:
                    f1:b4:00:43:b5:91:61:e8:5e:18:e5:b4:9d:a9:e2:
                    79:71:b7:b6:52:40:76:80:d2:ad:01:40:b4:71:b3:
                    22:b2:24:15:c3:32:de:fc:1d:4d:20:5d:6a:02:65:
                    fd:e3:89:fc:be:a9:a7:df:78:ff:ee:54:af:8d:0c:
                    95:21:14:15:51:37:22:50:56:f0:dd:8b:0f:11:6e:
                    86:e3:f4:1a:f1:cf:40:f4:06:0d:2e:45:e1:08:27:
                    47:16:af:b3:b5:98:d8:a8:90:fd:3d:4a:a6:a9:18:
                    4f:a8:83:25:b5:d0:39:6c:d5:19:47:68:a3:77:17:
                    0a:cb:0b:5a:d7:64:a5:74:d9:d4:31:88:62:72:e3:
                    dd:3b:ea:a4:10:1d:0f:f4:e4:c1:3f:22:a6:f1:57:
                    ce:99:c5:65:8d:73:57:f2:45:15:5e:f1:b5:98:7a:
                    b0:fc:17:3f:dd:0f:4c:c6:e8:82:37:70:91:4a:50:
                    c8:a4:46:58:c0:8a:82:ca:e0:e6:40:bc:36:31:ca:
                    84:94:2f:10:c3:4f:f3:eb:ac:9f:ea:dc:c9:ac:5f:
                    f8:e0:c8:73:5f:cf:15:0a:71:c2:79:a1:d8:6c:46:
                    5a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E6:91:6D:9D:1C:C6:40:CD:12:AB:C1:FC:D7:60:66:F6:AD:66:4E
            X509v3 Authority Key Identifier:
                keyid:09:86:03:F0:D4:4A:92:04:43:38:A2:CA:DF:18:9E:81:01:C3:BF:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYYD8NRKkgRDOKLK3xiegQHDv18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/68b353-cc2b-42e0-80af-b73686427942/1/CYYD8NRKkgRDOKLK3xiegQHDv18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/68b353-cc2b-42e0-80af-b73686427942/1/CYYD8NRKkgRDOKLK3xiegQHDv18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:66:76:6f:1a:fb:ff:12:cc:6b:c8:6b:e3:a4:45:09:9e:bf:
         26:7e:5c:27:b6:94:a7:7e:ab:e2:86:eb:10:50:c7:17:8e:6d:
         db:42:81:53:b3:b7:a2:fe:d6:bf:91:0a:fe:89:9a:c0:c0:34:
         87:69:d5:59:b4:c2:e5:09:55:b8:4c:fe:c5:6a:46:6d:fa:7e:
         21:be:59:e4:30:c6:fb:c2:1d:7f:6f:c9:42:f1:c2:c1:d8:43:
         40:f1:4c:bd:63:dd:d4:a2:a1:f9:3b:6d:1f:2f:64:b3:03:f2:
         96:3a:24:23:b0:00:75:78:5a:b0:ea:05:5b:69:e4:be:9b:1d:
         9b:bb:fd:db:01:9b:3a:fa:7b:4c:99:ad:65:eb:e6:e7:55:c9:
         d7:46:eb:7c:37:75:e0:aa:13:95:5b:70:73:e2:31:d8:0d:2b:
         a8:34:16:f0:92:1e:45:3f:d9:7d:ac:b1:27:ac:5e:da:08:bb:
         7a:0c:9c:07:d4:52:d5:04:5d:c5:86:5d:66:48:e0:9f:e6:23:
         cd:8f:b9:bc:77:26:ff:35:23:83:42:44:6f:27:49:e9:c4:b6:
         bd:91:f6:38:9c:38:6d:ed:3d:5e:a7:5a:7c:1b:9f:b1:04:36:
         51:8d:00:a2:d5:68:bd:de:b8:fa:c2:94:a6:22:ea:0f:81:07:
         ae:64:f9:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFEfgBfUSpDTm9InViH7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODYwM2YwZDQ0YTkyMDQ0MzM4YTJjYWRmMTg5ZTgxMDFj
M2JmNWYwHhcNMjUwNDIxMTYwMDIzWhcNMjUwNDIyMTYwMDIzWjAzMTEwLwYDVQQD
EygzNmU2OTE2ZDlkMWNjNjQwY2QxMmFiYzFmY2Q3NjA2NmY2YWQ2NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TxA5dmFTFMvwZ36pLvSX6l2D//J
e1VRVRq4ChHxtABDtZFh6F4Y5bSdqeJ5cbe2UkB2gNKtAUC0cbMisiQVwzLe/B1N
IF1qAmX944n8vqmn33j/7lSvjQyVIRQVUTciUFbw3YsPEW6G4/Qa8c9A9AYNLkXh
CCdHFq+ztZjYqJD9PUqmqRhPqIMltdA5bNUZR2ijdxcKywta12SldNnUMYhicuPd
O+qkEB0P9OTBPyKm8VfOmcVljXNX8kUVXvG1mHqw/Bc/3Q9MxuiCN3CRSlDIpEZY
wIqCyuDmQLw2McqElC8Qw0/z66yf6tzJrF/44MhzX88VCnHCeaHYbEZaEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbmkW2dHMZAzRKrwfzXYGb2rWZOMB8GA1UdIwQY
MBaAFAmGA/DUSpIEQziiyt8YnoEBw79fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lZRDhOUktrZ1JET0tMSzN4aWVnUUhEdjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82OGIzNTMtY2MyYi00MmUwLTgwYWYt
YjczNjg2NDI3OTQyLzEvQ1lZRDhOUktrZ1JET0tMSzN4aWVnUUhEdjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82OGIzNTMtY2MyYi00MmUwLTgwYWYtYjczNjg2NDI3OTQy
LzEvQ1lZRDhOUktrZ1JET0tMSzN4aWVnUUhEdjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2Z2bxr7
/xLMa8hr46RFCZ6/Jn5cJ7aUp36r4obrEFDHF45t20KBU7O3ov7Wv5EK/omawMA0
h2nVWbTC5QlVuEz+xWpGbfp+Ib5Z5DDG+8Idf2/JQvHCwdhDQPFMvWPd1KKh+Ttt
Hy9kswPyljokI7AAdXhasOoFW2nkvpsdm7v92wGbOvp7TJmtZevm51XJ10brfDd1
4KoTlVtwc+Ix2A0rqDQW8JIeRT/ZfayxJ6xe2gi7egycB9RS1QRdxYZdZkjgn+Yj
zY+5vHcm/zUjg0JEbydJ6cS2vZH2OJw4be09XqdafBufsQQ2UY0AotVovd64+sKU
piLqD4EHrmT5GQ==
-----END CERTIFICATE-----