Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/3b1d5a-fcc6-4ae3-a2c8-984eec3f7a3e/1/LYFCGstXhBVGXs3sRYHoleu_vH8.mft
File:                     LYFCGstXhBVGXs3sRYHoleu_vH8.mft (raw, json)
Hash identifier:          ywjrnGd5tFszYb2nH+AdZ+2JoExqSqL0KVSzF/0Adrc=
Subject key identifier:   48:C5:02:C8:D1:3A:69:9D:53:B4:A1:9C:8A:40:B3:2F:3A:FF:2C:FD
Authority key identifier: 2D:81:42:1A:CB:57:84:15:46:5E:CD:EC:45:81:E8:95:EB:BF:BC:7F
Certificate issuer:       /CN=2d81421acb578415465ecdec4581e895ebbfbc7f
Certificate serial:       019828C8215E2C8B48019BBF2B7ED14565D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LYFCGstXhBVGXs3sRYHoleu_vH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/3b1d5a-fcc6-4ae3-a2c8-984eec3f7a3e/1/LYFCGstXhBVGXs3sRYHoleu_vH8.mft
Manifest number:          4A
Signing time:             Sun 20 Jul 2025 17:01:00 +0000
Manifest this update:     Sun 20 Jul 2025 17:01:00 +0000
Manifest next update:     Mon 21 Jul 2025 17:01:00 +0000
Files and hashes:         1: LYFCGstXhBVGXs3sRYHoleu_vH8.crl (hash: phf8puFe2lTdc4gMZLIzIDJ+/0c7tTaS0CxFEngGtLY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/3b1d5a-fcc6-4ae3-a2c8-984eec3f7a3e/1/LYFCGstXhBVGXs3sRYHoleu_vH8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/3b1d5a-fcc6-4ae3-a2c8-984eec3f7a3e/1/LYFCGstXhBVGXs3sRYHoleu_vH8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LYFCGstXhBVGXs3sRYHoleu_vH8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Jul 2025 13:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:28:c8:21:5e:2c:8b:48:01:9b:bf:2b:7e:d1:45:65:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d81421acb578415465ecdec4581e895ebbfbc7f
        Validity
            Not Before: Jul 20 17:01:00 2025 GMT
            Not After : Jul 21 17:01:00 2025 GMT
        Subject: CN=48c502c8d13a699d53b4a19c8a40b32f3aff2cfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f1:c4:98:c3:f3:91:27:06:aa:03:32:f0:60:
                    d1:06:0b:d0:c7:d3:27:e3:db:8d:23:4f:4d:10:73:
                    fa:fb:70:d4:86:4a:a1:b3:58:e2:de:0c:3b:36:67:
                    13:0b:09:0c:c7:1c:f7:81:2f:ed:f5:87:ef:1c:6f:
                    4b:39:4d:ba:2e:0e:d7:60:a6:65:d4:9b:48:ca:a9:
                    c8:98:c4:33:c5:91:fe:14:24:53:d7:78:13:7c:6e:
                    c5:cc:b4:70:95:84:2a:8e:99:ec:37:13:c0:b0:2e:
                    e7:d4:cd:ee:c7:a5:bf:e9:f2:41:d3:b0:ab:77:5e:
                    1f:74:25:f9:b0:ef:1e:f5:7b:20:c5:0b:96:37:a6:
                    cf:9c:a7:b9:34:9a:d0:94:d6:52:6f:d2:b9:43:72:
                    34:52:77:b6:69:e2:16:aa:77:8b:7d:80:96:d4:d2:
                    c1:d5:39:9a:80:8e:46:0f:84:06:dd:d4:35:d4:17:
                    d7:94:fa:e6:e1:c2:37:28:16:df:56:4c:b2:36:ae:
                    6f:50:c6:f2:fa:6b:61:f0:2f:b0:20:23:09:17:e4:
                    e6:49:15:d2:34:b8:80:cb:6a:d0:9a:af:1d:89:4c:
                    c3:1b:7a:3e:a1:7e:57:e2:64:44:f8:76:52:f3:b5:
                    cb:89:27:db:4b:b9:c6:9d:59:9e:57:67:92:74:ca:
                    b0:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C5:02:C8:D1:3A:69:9D:53:B4:A1:9C:8A:40:B3:2F:3A:FF:2C:FD
            X509v3 Authority Key Identifier:
                keyid:2D:81:42:1A:CB:57:84:15:46:5E:CD:EC:45:81:E8:95:EB:BF:BC:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LYFCGstXhBVGXs3sRYHoleu_vH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3b1d5a-fcc6-4ae3-a2c8-984eec3f7a3e/1/LYFCGstXhBVGXs3sRYHoleu_vH8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3b1d5a-fcc6-4ae3-a2c8-984eec3f7a3e/1/LYFCGstXhBVGXs3sRYHoleu_vH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:b6:76:09:4c:ab:0a:66:7d:41:f1:7c:b9:d5:bd:d4:2f:e4:
         11:96:a4:ea:1e:b8:76:ef:6a:9d:ae:03:7c:b6:c3:37:e0:1b:
         4f:0f:34:63:59:20:65:98:fe:94:ae:b6:07:5e:47:1c:56:df:
         91:a0:46:90:e6:7e:20:6a:74:fb:ec:0c:71:fc:f4:9f:4d:78:
         49:99:2d:1d:3c:23:d3:97:09:0a:eb:b2:69:68:c8:d0:e8:ad:
         cd:c8:01:e0:35:6d:5c:c4:92:4c:fd:41:05:81:ae:60:46:a4:
         1a:d1:8f:bb:9c:12:e9:a5:47:e4:c2:f7:1e:65:ad:3c:c1:12:
         bb:0b:57:cb:80:12:cb:1a:cd:dd:38:01:aa:64:0e:93:d7:46:
         98:cb:3f:fb:aa:b0:db:ef:7b:b3:95:aa:cc:a2:40:d7:0d:a9:
         27:60:02:e4:fa:65:9d:c1:df:e2:17:55:b3:70:2e:30:83:e6:
         7d:a7:d5:84:3f:66:45:1e:79:69:14:f8:8e:51:92:d0:c1:a7:
         46:80:70:c6:30:ea:bc:8a:a8:2a:d1:45:3a:7f:75:0d:bd:85:
         06:9a:8e:23:c1:bf:46:cf:f3:53:98:53:0d:05:fc:4a:11:de:
         68:e6:b6:e6:f0:57:6f:12:7f:da:be:6a:2e:fc:57:2d:06:3a:
         55:6c:dd:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgoyCFeLItIAZu/K37RRWXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkODE0MjFhY2I1Nzg0MTU0NjVlY2RlYzQ1ODFlODk1ZWJi
ZmJjN2YwHhcNMjUwNzIwMTcwMTAwWhcNMjUwNzIxMTcwMTAwWjAzMTEwLwYDVQQD
Eyg0OGM1MDJjOGQxM2E2OTlkNTNiNGExOWM4YTQwYjMyZjNhZmYyY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvHEmMPzkScGqgMy8GDRBgvQx9Mn
49uNI09NEHP6+3DUhkqhs1ji3gw7NmcTCwkMxxz3gS/t9YfvHG9LOU26Lg7XYKZl
1JtIyqnImMQzxZH+FCRT13gTfG7FzLRwlYQqjpnsNxPAsC7n1M3ux6W/6fJB07Cr
d14fdCX5sO8e9XsgxQuWN6bPnKe5NJrQlNZSb9K5Q3I0Une2aeIWqneLfYCW1NLB
1TmagI5GD4QG3dQ11BfXlPrm4cI3KBbfVkyyNq5vUMby+mth8C+wICMJF+TmSRXS
NLiAy2rQmq8diUzDG3o+oX5X4mRE+HZS87XLiSfbS7nGnVmeV2eSdMqw1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjFAsjROmmdU7ShnIpAsy86/yz9MB8GA1UdIwQY
MBaAFC2BQhrLV4QVRl7N7EWB6JXrv7x/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFlGQ0dzdFhoQlZHWHMzc1JZSG9sZXVfdkg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zYjFkNWEtZmNjNi00YWUzLWEyYzgt
OTg0ZWVjM2Y3YTNlLzEvTFlGQ0dzdFhoQlZHWHMzc1JZSG9sZXVfdkg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zYjFkNWEtZmNjNi00YWUzLWEyYzgtOTg0ZWVjM2Y3YTNl
LzEvTFlGQ0dzdFhoQlZHWHMzc1JZSG9sZXVfdkg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANbZ2CUyr
CmZ9QfF8udW91C/kEZak6h64du9qna4DfLbDN+AbTw80Y1kgZZj+lK62B15HHFbf
kaBGkOZ+IGp0++wMcfz0n014SZktHTwj05cJCuuyaWjI0OitzcgB4DVtXMSSTP1B
BYGuYEakGtGPu5wS6aVH5ML3HmWtPMESuwtXy4ASyxrN3TgBqmQOk9dGmMs/+6qw
2+97s5WqzKJA1w2pJ2AC5PplncHf4hdVs3AuMIPmfafVhD9mRR55aRT4jlGS0MGn
RoBwxjDqvIqoKtFFOn91Db2FBpqOI8G/Rs/zU5hTDQX8ShHeaOa25vBXbxJ/2r5q
LvxXLQY6VWzdug==
-----END CERTIFICATE-----