Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          DAfHbQYpOWHfaIyF5pGf7+FqNLkO8B0bb9Xa4kOTQYw=
Subject key identifier:   69:35:E1:AE:D0:1C:42:36:FF:2C:7A:82:42:CE:69:CB:85:E3:3F:46
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       01975DCA796EBD00FC4E4946A0B099F3DDC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          1583
Signing time:             Wed 11 Jun 2025 07:00:39 +0000
Manifest this update:     Wed 11 Jun 2025 07:00:39 +0000
Manifest next update:     Thu 12 Jun 2025 07:00:39 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: ZoeEpPA2IEuJ8Y1VxmzOvdJ/vPKdeK8Cfeu6cwXeQAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:ca:79:6e:bd:00:fc:4e:49:46:a0:b0:99:f3:dd:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Jun 11 07:00:39 2025 GMT
            Not After : Jun 12 07:00:39 2025 GMT
        Subject: CN=6935e1aed01c4236ff2c7a8242ce69cb85e33f46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:89:0a:7f:1d:ea:44:10:a9:e8:65:28:f7:7a:
                    28:c7:4e:57:a8:5c:b1:cb:2a:c9:aa:63:52:d5:67:
                    c3:b3:2a:05:16:64:50:63:63:09:96:50:03:ca:28:
                    87:d6:0e:c9:c9:3d:07:c3:52:f1:5f:0b:d6:27:5f:
                    9c:67:94:10:a8:f9:05:9a:9f:94:5f:d6:89:65:d3:
                    79:85:93:e3:c0:e5:59:89:c0:1d:92:2f:10:9c:95:
                    b6:20:4d:be:ec:06:8f:8e:a1:84:af:0a:e7:7a:12:
                    5e:8f:b5:63:7f:c8:94:6b:38:a6:eb:8c:db:78:23:
                    e5:15:6f:41:3b:05:6a:ac:6d:b8:4d:00:42:d8:d2:
                    52:a8:d0:22:51:b0:24:46:ac:fe:ce:3a:8f:a3:70:
                    a9:48:38:af:dd:dc:a3:2e:7f:f5:5d:09:82:2d:f0:
                    24:e9:21:89:4b:c9:88:71:cb:2b:bc:79:4f:48:94:
                    a6:32:1a:ad:eb:d2:0d:d5:03:cc:c8:9f:11:81:4a:
                    32:3f:0d:56:ad:1f:52:9c:bc:fb:a2:92:b2:f1:4a:
                    a9:6f:01:36:d0:34:1d:2d:ed:4e:9a:68:59:89:7b:
                    2f:90:9e:1d:32:d7:37:f3:45:e4:98:2d:c8:eb:46:
                    f2:b3:2c:c1:71:6f:af:14:fd:d2:0a:cd:6a:7e:5b:
                    36:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:35:E1:AE:D0:1C:42:36:FF:2C:7A:82:42:CE:69:CB:85:E3:3F:46
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:27:97:e8:42:49:84:ea:23:8c:55:e3:f0:78:5e:16:23:73:
         26:e2:01:52:29:49:5b:fd:93:5c:63:9f:7d:15:91:ae:2c:24:
         87:99:36:ba:82:f5:8e:5c:2a:61:74:37:8c:cf:9e:7b:6c:23:
         5e:f3:08:3b:8d:b5:17:50:fc:60:6d:02:b6:4d:73:8f:1e:45:
         33:07:05:89:b5:dc:f4:56:19:5f:c9:75:b1:84:13:82:f7:f5:
         13:3b:c3:16:49:a5:53:cc:71:13:ef:a0:06:9b:7d:b9:2c:18:
         e2:3d:8e:d5:2d:93:34:bc:d2:6d:80:cd:ad:02:8e:eb:99:9c:
         a3:88:a8:02:eb:c1:9e:1d:87:55:0a:e0:da:b8:ef:62:6f:12:
         09:cd:b2:f2:77:38:85:07:a3:82:f1:5c:8b:69:7f:d8:da:91:
         35:0d:df:b6:8d:74:51:1f:ce:3e:0f:6c:67:ff:c2:0c:53:8f:
         ef:18:98:22:2b:d6:1a:3b:4b:d2:db:ed:b2:0d:3f:d6:bf:43:
         10:24:f4:fc:c9:13:a9:95:60:4c:ba:28:2a:cd:df:fc:86:6c:
         8c:eb:8f:17:07:74:0b:c6:8b:80:bb:49:55:77:e3:bf:31:db:
         76:57:8b:cd:bf:35:08:b9:55:02:3c:8c:2e:5f:ad:9d:0d:31:
         0d:ee:67:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddynluvQD8TklGoLCZ893AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwNjExMDcwMDM5WhcNMjUwNjEyMDcwMDM5WjAzMTEwLwYDVQQD
Eyg2OTM1ZTFhZWQwMWM0MjM2ZmYyYzdhODI0MmNlNjljYjg1ZTMzZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYkKfx3qRBCp6GUo93oox05XqFyx
yyrJqmNS1WfDsyoFFmRQY2MJllADyiiH1g7JyT0Hw1LxXwvWJ1+cZ5QQqPkFmp+U
X9aJZdN5hZPjwOVZicAdki8QnJW2IE2+7AaPjqGErwrnehJej7Vjf8iUazim64zb
eCPlFW9BOwVqrG24TQBC2NJSqNAiUbAkRqz+zjqPo3CpSDiv3dyjLn/1XQmCLfAk
6SGJS8mIccsrvHlPSJSmMhqt69IN1QPMyJ8RgUoyPw1WrR9SnLz7opKy8UqpbwE2
0DQdLe1OmmhZiXsvkJ4dMtc380XkmC3I60bysyzBcW+vFP3SCs1qfls2wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGk14a7QHEI2/yx6gkLOacuF4z9GMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyeX6EJJ
hOojjFXj8HheFiNzJuIBUilJW/2TXGOffRWRriwkh5k2uoL1jlwqYXQ3jM+ee2wj
XvMIO421F1D8YG0Ctk1zjx5FMwcFibXc9FYZX8l1sYQTgvf1EzvDFkmlU8xxE++g
Bpt9uSwY4j2O1S2TNLzSbYDNrQKO65mco4ioAuvBnh2HVQrg2rjvYm8SCc2y8nc4
hQejgvFci2l/2NqRNQ3fto10UR/OPg9sZ//CDFOP7xiYIivWGjtL0tvtsg0/1r9D
ECT0/MkTqZVgTLooKs3f/IZsjOuPFwd0C8aLgLtJVXfjvzHbdleLzb81CLlVAjyM
Ll+tnQ0xDe5nhA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:58:29 2025 by rpki-client