Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          9yv14cG1JCxSUEuL1loh5Jk+m7ZAH9eXZrOJzMjBlNI=
Subject key identifier:   A5:A4:4E:CC:55:07:27:AA:41:86:DE:43:D8:CF:74:D3:CB:87:77:18
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       0199239FEBC6A164906514CAAF19605118C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0BDF
Signing time:             Sun 07 Sep 2025 10:01:47 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:47 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:47 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: Qyv0GUAJ/6uBrtrEG8g348tM28oHBvNxXbQfX2+mn1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:eb:c6:a1:64:90:65:14:ca:af:19:60:51:18:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: Sep  7 10:01:47 2025 GMT
            Not After : Sep  8 10:01:47 2025 GMT
        Subject: CN=a5a44ecc550727aa4186de43d8cf74d3cb877718
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:0d:8b:a9:33:75:1c:80:01:97:4c:bb:76:6e:
                    64:14:ef:97:db:c2:73:1c:ad:a7:4d:c6:f8:a3:99:
                    3a:42:ce:23:70:65:1f:27:c0:45:fe:9a:97:f9:53:
                    b6:9c:ec:eb:8e:f4:79:a1:af:cb:12:ea:cd:3c:b3:
                    70:27:4c:b7:b2:cb:4f:1c:63:dd:5e:fc:1b:14:d5:
                    a0:fa:3b:aa:6d:45:86:e0:a6:ce:95:de:51:2e:d0:
                    d5:2b:3e:98:05:62:55:6e:a7:0c:a5:b1:1d:97:8a:
                    05:4c:dd:72:e7:ca:b4:5e:eb:30:ac:7e:d1:a9:04:
                    b6:2f:6f:2a:18:cd:13:8e:6f:32:bd:01:e3:f3:84:
                    18:d3:0e:ff:b1:3f:b2:66:fd:7a:f0:e0:90:26:23:
                    44:de:0c:c7:3b:5a:ef:45:0c:9c:d5:02:d0:a4:89:
                    f8:18:50:e3:f9:ba:b9:3a:47:dd:f7:4b:66:20:d6:
                    ec:8e:40:3c:8e:39:39:ba:a2:f0:8e:a1:00:1b:a1:
                    a3:22:11:7a:c8:93:a7:fe:6f:23:7b:ae:2c:7c:35:
                    13:fb:c5:fd:76:12:3c:91:29:42:77:56:cf:7f:bd:
                    10:7c:8b:36:69:b3:f6:30:dd:cb:e8:6c:20:13:6e:
                    cb:f5:d9:13:cd:7a:51:77:6d:b8:36:f0:8a:1a:54:
                    0e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A4:4E:CC:55:07:27:AA:41:86:DE:43:D8:CF:74:D3:CB:87:77:18
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:75:62:c0:25:f8:a9:ad:0c:f3:05:9b:cc:82:93:aa:8c:b8:
         4f:cf:13:92:71:c1:a0:72:22:0c:29:2c:14:ad:c1:2c:a3:e3:
         c2:cf:f0:05:c5:a6:c3:eb:8f:4b:49:f5:8e:5d:a2:b9:61:c7:
         ae:81:b9:b0:1a:1e:13:eb:6e:c3:28:5a:1c:87:60:ad:2a:33:
         9f:43:e4:55:05:b2:2e:ad:3b:44:37:c7:f9:ff:30:16:e8:81:
         9a:ed:cc:04:80:15:02:ac:0e:f9:0f:85:09:cd:3b:ed:06:27:
         a6:1e:4b:3f:ca:ec:dd:2b:fd:6b:87:7c:8b:ae:6c:8b:73:be:
         09:b1:9a:28:50:70:d4:aa:02:7c:49:70:4d:46:3f:c1:55:91:
         38:a5:e2:25:9e:bc:f1:78:b1:bd:8d:d5:50:52:08:c7:fc:26:
         1f:56:a2:fb:a9:10:8d:19:81:b2:fe:f1:94:fe:85:07:8b:a7:
         8f:ab:c8:d5:0a:2e:8e:64:3c:b6:dc:8b:00:5b:50:bb:23:aa:
         9f:ec:90:59:63:f7:11:8f:ed:68:85:d5:7c:70:aa:05:45:78:
         e7:61:59:10:15:b8:09:37:22:ea:1b:ca:f2:24:21:88:9c:0e:
         46:b7:64:d9:c6:db:f2:e7:24:f1:01:e0:b7:18:28:ed:25:8b:
         84:73:4b:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn+vGoWSQZRTKrxlgURjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjUwOTA3MTAwMTQ3WhcNMjUwOTA4MTAwMTQ3WjAzMTEwLwYDVQQD
EyhhNWE0NGVjYzU1MDcyN2FhNDE4NmRlNDNkOGNmNzRkM2NiODc3NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA2LqTN1HIABl0y7dm5kFO+X28Jz
HK2nTcb4o5k6Qs4jcGUfJ8BF/pqX+VO2nOzrjvR5oa/LEurNPLNwJ0y3sstPHGPd
XvwbFNWg+juqbUWG4KbOld5RLtDVKz6YBWJVbqcMpbEdl4oFTN1y58q0XuswrH7R
qQS2L28qGM0Tjm8yvQHj84QY0w7/sT+yZv168OCQJiNE3gzHO1rvRQyc1QLQpIn4
GFDj+bq5Okfd90tmINbsjkA8jjk5uqLwjqEAG6GjIhF6yJOn/m8je64sfDUT+8X9
dhI8kSlCd1bPf70QfIs2abP2MN3L6GwgE27L9dkTzXpRd224NvCKGlQOTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWkTsxVByeqQYbeQ9jPdNPLh3cYMB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApXViwCX4
qa0M8wWbzIKTqoy4T88TknHBoHIiDCksFK3BLKPjws/wBcWmw+uPS0n1jl2iuWHH
roG5sBoeE+tuwyhaHIdgrSozn0PkVQWyLq07RDfH+f8wFuiBmu3MBIAVAqwO+Q+F
Cc077QYnph5LP8rs3Sv9a4d8i65si3O+CbGaKFBw1KoCfElwTUY/wVWROKXiJZ68
8XixvY3VUFIIx/wmH1ai+6kQjRmBsv7xlP6FB4unj6vI1QoujmQ8ttyLAFtQuyOq
n+yQWWP3EY/taIXVfHCqBUV452FZEBW4CTci6hvK8iQhiJwORrdk2cbb8uck8QHg
txgo7SWLhHNLVQ==
-----END CERTIFICATE-----