Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          CmMKDob+Ymv7vTiVD9IpErqbaPb53kYGIoZWVvLAl6g=
Subject key identifier:   1E:01:8A:24:D4:84:AC:A7:82:0D:91:21:2C:A4:3B:A7:CB:AF:D9:C6
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       01975D93563EB6B433BF53510214D4F66C0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          1582
Signing time:             Wed 11 Jun 2025 06:00:26 +0000
Manifest this update:     Wed 11 Jun 2025 06:00:26 +0000
Manifest next update:     Thu 12 Jun 2025 06:00:26 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: LXrXXmfsIVeDfD7gvrJ3g7N3NCodyti3Fhw6os7xM44=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 06:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:93:56:3e:b6:b4:33:bf:53:51:02:14:d4:f6:6c:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Jun 11 06:00:26 2025 GMT
            Not After : Jun 12 06:00:26 2025 GMT
        Subject: CN=1e018a24d484aca7820d91212ca43ba7cbafd9c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e0:20:3b:08:84:2e:89:b5:4e:e8:90:4d:ba:
                    23:de:e7:8c:35:27:09:46:e3:4b:f7:65:ba:18:37:
                    aa:82:a4:a5:30:bb:87:07:e6:0c:50:6a:ca:b2:72:
                    62:60:46:4b:28:5d:a3:63:2d:0e:24:31:cd:63:37:
                    93:e0:f3:d7:ab:8c:d0:b8:8c:ef:5b:0e:4d:0f:f0:
                    fe:a5:97:44:97:b3:b2:d6:7f:0c:e4:75:43:e3:f8:
                    66:fb:39:34:f8:19:da:ef:1b:1f:51:53:ed:27:08:
                    59:f6:17:9a:d4:51:18:c2:7d:1e:b3:c2:eb:c9:22:
                    90:7f:00:16:ba:61:dc:8c:07:60:1f:46:1b:a2:31:
                    16:05:b2:f1:2d:63:d4:69:6f:ff:67:87:a4:c8:93:
                    01:73:9d:e5:ef:d4:94:fe:be:a2:58:39:80:20:e6:
                    eb:d4:78:8f:29:c6:4b:34:ee:38:dd:5b:da:9a:10:
                    20:22:17:07:30:5c:24:41:7e:57:82:8e:01:ba:bc:
                    84:7e:cb:f7:8d:4d:1f:b5:a9:ec:3b:ad:b8:13:95:
                    00:05:75:38:49:35:16:38:21:b1:b3:80:0f:d1:49:
                    21:81:42:7d:13:df:60:6e:df:68:fa:b4:8d:5e:01:
                    e7:1d:c0:35:02:2e:c9:c3:b4:48:b3:d0:6e:0b:52:
                    ba:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:01:8A:24:D4:84:AC:A7:82:0D:91:21:2C:A4:3B:A7:CB:AF:D9:C6
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:a2:85:ec:15:83:fb:12:59:69:b5:b7:ba:36:3b:d3:11:a6:
         b1:0e:f7:1b:49:2d:85:18:6a:41:b2:61:1d:19:00:04:29:9b:
         23:2b:8e:07:b8:e9:0d:05:12:9f:bc:33:b7:66:dc:79:c1:d1:
         f6:0f:f5:15:aa:7e:13:58:19:be:44:3b:89:ee:68:a3:ed:0c:
         7a:49:17:c5:1e:52:53:58:e4:d6:30:3b:87:90:af:60:b9:c7:
         03:dd:58:e8:75:4a:2a:97:0e:d7:2e:ce:8d:e7:ba:91:2b:7b:
         ed:1f:40:87:aa:1c:08:da:f5:27:72:b5:eb:08:02:22:17:1d:
         c7:75:23:c5:0b:30:f3:13:45:c6:f7:b5:09:25:4b:09:a6:da:
         0d:57:1b:46:02:ab:f1:05:6f:89:23:97:65:f7:16:2e:f3:ac:
         ed:1e:77:a1:ec:a0:b7:2a:5b:19:a8:22:22:fe:92:1c:29:60:
         48:ed:48:ab:eb:1e:31:16:d7:93:f8:ad:f6:e1:e6:c6:f0:b3:
         5b:72:41:f1:ae:56:f0:85:e3:35:92:e4:60:7e:b1:f4:7c:39:
         04:52:b3:c0:4b:22:3f:8c:4a:f3:2f:63:d4:66:a4:6c:95:94:
         5a:e3:ff:00:49:bf:05:35:f3:76:7b:5c:08:9c:f0:52:8d:fd:
         a7:03:2e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddk1Y+trQzv1NRAhTU9mwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUwNjExMDYwMDI2WhcNMjUwNjEyMDYwMDI2WjAzMTEwLwYDVQQD
EygxZTAxOGEyNGQ0ODRhY2E3ODIwZDkxMjEyY2E0M2JhN2NiYWZkOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+AgOwiELom1TuiQTboj3ueMNScJ
RuNL92W6GDeqgqSlMLuHB+YMUGrKsnJiYEZLKF2jYy0OJDHNYzeT4PPXq4zQuIzv
Ww5ND/D+pZdEl7Oy1n8M5HVD4/hm+zk0+Bna7xsfUVPtJwhZ9hea1FEYwn0es8Lr
ySKQfwAWumHcjAdgH0YbojEWBbLxLWPUaW//Z4ekyJMBc53l79SU/r6iWDmAIObr
1HiPKcZLNO443VvamhAgIhcHMFwkQX5Xgo4BuryEfsv3jU0ftansO624E5UABXU4
STUWOCGxs4AP0UkhgUJ9E99gbt9o+rSNXgHnHcA1Ai7Jw7RIs9BuC1K6AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4BiiTUhKyngg2RISykO6fLr9nGMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKKF7BWD
+xJZabW3ujY70xGmsQ73G0kthRhqQbJhHRkABCmbIyuOB7jpDQUSn7wzt2bcecHR
9g/1Fap+E1gZvkQ7ie5oo+0MekkXxR5SU1jk1jA7h5CvYLnHA91Y6HVKKpcO1y7O
jee6kSt77R9Ah6ocCNr1J3K16wgCIhcdx3UjxQsw8xNFxve1CSVLCabaDVcbRgKr
8QVviSOXZfcWLvOs7R53oeygtypbGagiIv6SHClgSO1Iq+seMRbXk/it9uHmxvCz
W3JB8a5W8IXjNZLkYH6x9Hw5BFKzwEsiP4xK8y9j1GakbJWUWuP/AEm/BTXzdntc
CJzwUo39pwMukg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:58:57 2025 by rpki-client