Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          qN9PtElVMk8XJokFOSayP3BdW5FvEIOqDNEXbgL/RWg=
Subject key identifier:   CF:CF:9B:F2:91:09:E5:52:A6:78:6B:46:94:8F:F2:42:5B:75:5E:21
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019757FF52B00EC89F0F15F410809B71FA5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          1580
Signing time:             Tue 10 Jun 2025 04:00:40 +0000
Manifest this update:     Tue 10 Jun 2025 04:00:40 +0000
Manifest next update:     Wed 11 Jun 2025 04:00:40 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: yI86uSEyTEa/8HKV+HHvWGig4nsB9x7C2cMSfiyrYLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:52:b0:0e:c8:9f:0f:15:f4:10:80:9b:71:fa:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Jun 10 04:00:40 2025 GMT
            Not After : Jun 11 04:00:40 2025 GMT
        Subject: CN=cfcf9bf29109e552a6786b46948ff2425b755e21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ae:e4:27:85:ca:9c:a7:f0:6d:38:68:d2:37:
                    79:c2:14:27:c1:ce:96:a6:05:95:b3:2b:21:61:60:
                    45:40:34:20:b1:3f:a3:c0:96:a1:bd:a5:8b:ac:9b:
                    cd:41:36:0a:04:76:84:18:72:cd:5e:43:43:b2:ac:
                    77:46:2d:83:b4:76:94:28:f5:2c:a8:8c:bb:7c:d7:
                    64:1d:2b:5e:40:04:0a:de:d4:c5:a8:8d:c8:da:df:
                    80:63:22:39:e8:c8:15:b9:af:08:dc:a3:63:7d:0f:
                    07:1b:76:27:e5:99:bc:a0:ba:79:eb:6c:b6:e5:8f:
                    2e:77:e0:50:5d:3b:70:52:77:77:68:28:ed:ca:d3:
                    0c:ea:4f:d3:2f:6d:48:9c:c4:9d:e1:b7:96:f2:6e:
                    89:d0:21:2c:d3:1e:9d:7e:88:d1:17:d3:b6:fb:89:
                    75:d3:2a:83:32:47:a0:23:58:fb:b1:df:26:f8:3f:
                    6d:f6:a9:5d:2c:1c:ba:2f:56:41:ea:e7:b0:1a:f3:
                    25:66:f9:13:a7:ff:fb:61:b8:0a:c6:aa:f5:d9:00:
                    b6:e7:71:13:a8:a8:42:6b:b1:71:0e:75:fb:49:f2:
                    f4:e3:f8:eb:2e:32:7d:1a:a6:cd:9a:76:d7:32:99:
                    e4:47:93:ba:22:a8:ce:af:35:ac:de:47:81:8f:1a:
                    57:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:CF:9B:F2:91:09:E5:52:A6:78:6B:46:94:8F:F2:42:5B:75:5E:21
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:d5:d4:d5:2e:ae:80:af:90:95:c0:d5:cd:76:f4:5b:23:91:
         e4:6a:29:c5:4d:57:34:3b:58:76:6d:a2:62:d9:29:04:26:3a:
         7c:e8:f5:7c:5c:0a:b5:bc:4c:47:d9:de:4a:e4:aa:42:5f:f3:
         49:88:fb:e3:19:11:f5:32:6e:63:c6:76:1d:9f:d5:d1:7e:ad:
         ab:22:37:45:1b:f5:1f:35:96:56:a6:10:eb:ea:1b:80:97:fa:
         1d:5d:40:44:73:77:f7:21:0c:69:59:f7:7b:58:de:36:55:bc:
         b6:14:26:79:2a:c7:ad:36:ef:dc:5f:52:c6:85:4c:49:fd:00:
         b2:fb:a8:48:76:85:01:ab:62:bc:c3:fc:1a:20:42:78:7f:01:
         b9:40:33:f6:91:27:8d:d5:71:f0:0f:fc:38:65:a1:29:4b:12:
         fe:91:f6:32:15:38:b6:e9:65:2b:93:71:1f:e0:8a:1e:11:cc:
         91:21:71:d0:c4:be:7e:e9:dc:c3:fe:bd:de:e7:5f:a4:55:b8:
         8f:fe:0c:29:43:59:e9:63:ac:ca:84:87:51:9a:99:27:b6:e5:
         d2:30:82:d9:d4:bb:b2:0e:95:f0:86:65:b7:3d:21:20:a8:7b:
         b1:61:85:8c:ce:12:68:1a:00:fd:22:31:0c:f0:52:aa:5d:a1:
         a4:ce:9c:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/1KwDsifDxX0EICbcfpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwNjEwMDQwMDQwWhcNMjUwNjExMDQwMDQwWjAzMTEwLwYDVQQD
EyhjZmNmOWJmMjkxMDllNTUyYTY3ODZiNDY5NDhmZjI0MjViNzU1ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK7kJ4XKnKfwbTho0jd5whQnwc6W
pgWVsyshYWBFQDQgsT+jwJahvaWLrJvNQTYKBHaEGHLNXkNDsqx3Ri2DtHaUKPUs
qIy7fNdkHSteQAQK3tTFqI3I2t+AYyI56MgVua8I3KNjfQ8HG3Yn5Zm8oLp562y2
5Y8ud+BQXTtwUnd3aCjtytMM6k/TL21InMSd4beW8m6J0CEs0x6dfojRF9O2+4l1
0yqDMkegI1j7sd8m+D9t9qldLBy6L1ZB6uewGvMlZvkTp//7YbgKxqr12QC253ET
qKhCa7FxDnX7SfL04/jrLjJ9GqbNmnbXMpnkR5O6IqjOrzWs3keBjxpX/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/Pm/KRCeVSpnhrRpSP8kJbdV4hMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxNXU1S6u
gK+QlcDVzXb0WyOR5GopxU1XNDtYdm2iYtkpBCY6fOj1fFwKtbxMR9neSuSqQl/z
SYj74xkR9TJuY8Z2HZ/V0X6tqyI3RRv1HzWWVqYQ6+obgJf6HV1ARHN39yEMaVn3
e1jeNlW8thQmeSrHrTbv3F9SxoVMSf0AsvuoSHaFAativMP8GiBCeH8BuUAz9pEn
jdVx8A/8OGWhKUsS/pH2MhU4tullK5NxH+CKHhHMkSFx0MS+funcw/693udfpFW4
j/4MKUNZ6WOsyoSHUZqZJ7bl0jCC2dS7sg6V8IZltz0hIKh7sWGFjM4SaBoA/SIx
DPBSql2hpM6c1Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:37:13 2025 by rpki-client