Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          rDRK1kv8WlC4B/VGatSEljdDWRbzolYOC2A2bfTe1Is=
Subject key identifier:   57:5D:DA:15:07:AB:20:8A:42:A5:25:29:17:06:64:DB:E6:EF:1F:55
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       01984B544CE0FDCCC46491C15FA917ACB70A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0943
Signing time:             Sun 27 Jul 2025 10:01:12 +0000
Manifest this update:     Sun 27 Jul 2025 10:01:12 +0000
Manifest next update:     Mon 28 Jul 2025 10:01:12 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: 2jEAUs1lWCiQHG2NEq5iO3XthcYOXxhxUNGW6SAN0Bg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:54:4c:e0:fd:cc:c4:64:91:c1:5f:a9:17:ac:b7:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Jul 27 10:01:12 2025 GMT
            Not After : Jul 28 10:01:12 2025 GMT
        Subject: CN=575dda1507ab208a42a52529170664dbe6ef1f55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ba:dc:c2:70:29:46:a5:68:27:cd:a1:f0:ef:
                    08:04:88:66:83:2a:e6:52:e4:1f:8a:22:f6:62:f8:
                    8c:03:c0:88:92:4d:30:b7:fc:76:3b:eb:7b:40:1e:
                    c0:2c:e4:0b:60:fe:04:a9:d8:d2:b2:c5:00:b3:a3:
                    09:cd:8e:19:cd:53:19:67:71:cc:11:f2:4e:61:22:
                    82:8b:51:4f:0b:b4:b5:93:9e:4e:e7:aa:b0:89:e9:
                    78:57:7d:d4:90:f8:80:5c:fa:b2:5a:12:65:85:84:
                    b3:57:ac:98:9f:77:a6:66:29:18:59:31:6c:50:4f:
                    35:f6:de:aa:10:b3:88:68:11:a8:27:1b:f2:d0:8c:
                    da:be:a2:4e:16:b3:94:36:82:18:bb:8e:e1:3d:68:
                    8a:23:3d:a3:18:90:56:d5:1d:7f:94:ee:0a:2b:ab:
                    33:5b:cf:ea:52:12:68:89:06:5e:a1:88:23:8f:5c:
                    bd:e4:f7:3b:90:8b:b6:56:05:e3:09:a5:d2:28:0d:
                    be:de:84:62:d5:04:d4:f2:90:22:19:9b:c4:f0:eb:
                    47:33:a4:06:82:04:7f:90:f3:56:16:78:0c:f8:0d:
                    63:1e:46:d0:2b:1d:87:7a:45:90:23:c1:34:bd:67:
                    db:bf:84:4e:0d:28:ee:b2:7e:ec:77:07:b3:fa:ff:
                    4e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5D:DA:15:07:AB:20:8A:42:A5:25:29:17:06:64:DB:E6:EF:1F:55
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:a9:66:08:9e:12:f4:3b:28:67:2e:a1:fd:ac:3e:51:bf:40:
         35:2f:55:91:1f:3d:8f:ee:74:29:c6:b5:6f:81:12:1b:fb:0e:
         7a:a5:92:42:f0:cf:23:80:24:86:ee:b4:88:a3:1b:e2:1b:d2:
         aa:80:ac:5c:26:a7:d0:00:75:d9:a2:42:76:c7:fd:e0:d1:a3:
         d0:6a:bd:d5:a8:1a:06:58:37:4e:58:51:51:ce:17:3e:48:fe:
         bd:cc:c6:fc:8f:09:79:bf:d3:ef:e6:b7:b0:dc:33:a5:05:9c:
         f3:65:81:a4:2e:bd:fa:7a:ae:43:75:d8:de:7c:62:18:18:57:
         9c:3d:83:48:04:db:a6:60:87:0b:d8:28:3f:ef:99:75:f3:ed:
         86:8d:7c:a3:3d:ce:43:aa:5b:0c:15:7f:69:4d:5d:08:9f:5b:
         2c:3b:ff:8d:25:c3:4a:22:8e:81:29:a7:25:2e:05:1c:d9:50:
         4f:1b:88:7b:46:57:77:f4:e6:79:27:01:67:eb:9a:02:62:1f:
         ff:ee:58:f3:5a:30:3c:60:0e:18:ea:db:19:e0:49:6a:1d:8f:
         9a:d6:df:5c:19:22:ba:74:d0:2f:b2:9c:e8:c8:01:72:fe:44:
         0d:77:55:f5:dc:7a:71:d5:d0:79:47:03:04:22:a1:d9:ca:37:
         d8:ab:4f:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVEzg/czEZJHBX6kXrLcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwNzI3MTAwMTEyWhcNMjUwNzI4MTAwMTEyWjAzMTEwLwYDVQQD
Eyg1NzVkZGExNTA3YWIyMDhhNDJhNTI1MjkxNzA2NjRkYmU2ZWYxZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7rcwnApRqVoJ82h8O8IBIhmgyrm
UuQfiiL2YviMA8CIkk0wt/x2O+t7QB7ALOQLYP4EqdjSssUAs6MJzY4ZzVMZZ3HM
EfJOYSKCi1FPC7S1k55O56qwiel4V33UkPiAXPqyWhJlhYSzV6yYn3emZikYWTFs
UE819t6qELOIaBGoJxvy0IzavqJOFrOUNoIYu47hPWiKIz2jGJBW1R1/lO4KK6sz
W8/qUhJoiQZeoYgjj1y95Pc7kIu2VgXjCaXSKA2+3oRi1QTU8pAiGZvE8OtHM6QG
ggR/kPNWFngM+A1jHkbQKx2HekWQI8E0vWfbv4RODSjusn7sdwez+v9OmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdd2hUHqyCKQqUlKRcGZNvm7x9VMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg6lmCJ4S
9DsoZy6h/aw+Ub9ANS9VkR89j+50Kca1b4ESG/sOeqWSQvDPI4Akhu60iKMb4hvS
qoCsXCan0AB12aJCdsf94NGj0Gq91agaBlg3TlhRUc4XPkj+vczG/I8Jeb/T7+a3
sNwzpQWc82WBpC69+nquQ3XY3nxiGBhXnD2DSATbpmCHC9goP++ZdfPtho18oz3O
Q6pbDBV/aU1dCJ9bLDv/jSXDSiKOgSmnJS4FHNlQTxuIe0ZXd/TmeScBZ+uaAmIf
/+5Y81owPGAOGOrbGeBJah2PmtbfXBkiunTQL7Kc6MgBcv5EDXdV9dx6cdXQeUcD
BCKh2co32KtPNg==
-----END CERTIFICATE-----