Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
File:                     YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft (raw, json)
Hash identifier:          am/wPbaiLju5X29hmCju+wDNJD9ESUWeE71i/HtddrU=
Subject key identifier:   24:E5:B9:FE:49:C3:97:50:16:EF:5E:76:F0:22:EB:F7:27:22:B4:7A
Authority key identifier: 60:1E:0A:AE:93:EB:05:FF:5D:42:DD:70:16:F5:DE:A3:81:FB:86:60
Certificate issuer:       /CN=601e0aae93eb05ff5d42dd7016f5dea381fb8660
Certificate serial:       019579B4EB2BA52FCB6433CE5F2CED6550E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
Manifest number:          1488
Signing time:             Sun 09 Mar 2025 07:00:54 +0000
Manifest this update:     Sun 09 Mar 2025 07:00:54 +0000
Manifest next update:     Mon 10 Mar 2025 07:00:54 +0000
Files and hashes:         1: YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl (hash: 0Es6U9xqOMeqKRdj58xOFeY+0loGJ2qYdBdahRY+Ot0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:b4:eb:2b:a5:2f:cb:64:33:ce:5f:2c:ed:65:50:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=601e0aae93eb05ff5d42dd7016f5dea381fb8660
        Validity
            Not Before: Mar  9 07:00:54 2025 GMT
            Not After : Mar 10 07:00:54 2025 GMT
        Subject: CN=24e5b9fe49c3975016ef5e76f022ebf72722b47a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:bc:38:18:ce:64:b0:b2:e3:0d:a2:9d:97:ba:
                    cc:dd:70:d6:7b:7b:8e:49:07:63:e0:42:03:af:ca:
                    76:6a:31:fc:4f:d1:1c:0d:f3:73:ca:f7:f7:4d:e6:
                    a6:11:2d:25:5a:14:3f:af:59:04:bb:4d:06:c7:44:
                    f6:e9:86:2b:24:a6:ae:71:f9:d7:aa:e8:fe:8f:dc:
                    21:18:a6:5b:82:66:b5:c0:09:67:20:a3:6d:69:ab:
                    93:40:5c:8c:ba:9b:5f:f7:8e:98:3a:d5:50:c1:91:
                    5f:79:d9:e9:05:6b:69:df:71:3c:97:10:19:d5:ee:
                    28:26:a2:32:72:3d:2a:d9:02:b8:c6:26:d8:6b:fc:
                    84:d5:5a:97:59:8a:3a:0a:cc:d8:2b:bb:4e:75:f7:
                    b5:7a:55:cd:58:7f:3e:b9:5d:a3:98:5e:ee:d6:aa:
                    fc:cc:7e:c4:f6:b9:fb:96:9d:42:ff:14:8d:41:6d:
                    19:31:65:fc:89:8b:87:4e:83:85:54:bd:66:71:7d:
                    98:4e:47:94:66:c4:53:1d:28:1e:b6:5a:b1:fa:4d:
                    0d:d8:c9:ba:66:0e:a5:c4:e1:6f:41:e1:cd:e1:1c:
                    80:bf:1d:5d:76:fb:51:9b:ab:1b:ac:fa:de:a5:d1:
                    2b:d4:b4:0c:40:e3:8a:82:5a:07:08:8c:c0:41:00:
                    bf:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E5:B9:FE:49:C3:97:50:16:EF:5E:76:F0:22:EB:F7:27:22:B4:7A
            X509v3 Authority Key Identifier:
                keyid:60:1E:0A:AE:93:EB:05:FF:5D:42:DD:70:16:F5:DE:A3:81:FB:86:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:19:b4:49:e6:ee:f9:bf:07:e5:8c:6f:7e:0a:b6:9d:19:14:
         d8:09:a9:a4:be:ab:ec:10:cd:17:21:08:55:42:58:ac:cb:58:
         69:a4:45:6b:f4:7f:d9:ca:d5:fc:de:1a:cd:75:b2:30:46:74:
         59:6e:a1:7a:0b:8e:69:8f:b8:a9:68:43:dd:b1:a7:48:40:d1:
         4f:db:df:28:52:a2:5c:01:7f:ee:02:c7:5a:c1:d3:07:0d:7b:
         41:09:80:3a:f1:4f:9f:9a:83:9c:d9:36:8c:e1:2f:aa:8f:46:
         67:15:d9:61:20:42:2b:a0:8f:e8:96:a5:66:ad:ff:11:c2:a8:
         5f:d7:74:ef:d2:3a:ce:ee:08:22:5b:91:e9:63:00:7e:e7:48:
         a8:63:dd:f8:84:3c:cb:5a:a0:fd:43:36:56:cd:fc:ca:f5:58:
         7a:09:93:a7:68:31:54:cd:11:d7:e9:11:43:bd:2b:c2:3c:82:
         f8:1c:bb:1c:f8:fe:f0:0d:63:5c:51:aa:15:a7:0c:66:3c:93:
         27:a7:b2:3a:c6:27:44:50:96:05:39:e4:75:46:9a:db:fb:fb:
         09:a1:1b:3f:2d:1b:ea:ee:fc:8c:ff:85:6d:6c:f0:b0:e9:d1:
         16:df:66:2d:1f:0e:9e:6c:48:8a:26:18:fb:c4:40:fe:db:ee:
         a3:01:56:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5tOsrpS/LZDPOXyztZVDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWUwYWFlOTNlYjA1ZmY1ZDQyZGQ3MDE2ZjVkZWEzODFm
Yjg2NjAwHhcNMjUwMzA5MDcwMDU0WhcNMjUwMzEwMDcwMDU0WjAzMTEwLwYDVQQD
EygyNGU1YjlmZTQ5YzM5NzUwMTZlZjVlNzZmMDIyZWJmNzI3MjJiNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bw4GM5ksLLjDaKdl7rM3XDWe3uO
SQdj4EIDr8p2ajH8T9EcDfNzyvf3TeamES0lWhQ/r1kEu00Gx0T26YYrJKaucfnX
quj+j9whGKZbgma1wAlnIKNtaauTQFyMuptf946YOtVQwZFfednpBWtp33E8lxAZ
1e4oJqIycj0q2QK4xibYa/yE1VqXWYo6CszYK7tOdfe1elXNWH8+uV2jmF7u1qr8
zH7E9rn7lp1C/xSNQW0ZMWX8iYuHToOFVL1mcX2YTkeUZsRTHSgetlqx+k0N2Mm6
Zg6lxOFvQeHN4RyAvx1ddvtRm6sbrPrepdEr1LQMQOOKgloHCIzAQQC/6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTluf5Jw5dQFu9edvAi6/cnIrR6MB8GA1UdIwQY
MBaAFGAeCq6T6wX/XULdcBb13qOB+4ZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xZmM4NTMtNjUyNi00MDkxLTk1ZjQt
ZjlmNjAxYzA2ODZlLzEvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xZmM4NTMtNjUyNi00MDkxLTk1ZjQtZjlmNjAxYzA2ODZl
LzEvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAhm0Sebu
+b8H5Yxvfgq2nRkU2AmppL6r7BDNFyEIVUJYrMtYaaRFa/R/2crV/N4azXWyMEZ0
WW6heguOaY+4qWhD3bGnSEDRT9vfKFKiXAF/7gLHWsHTBw17QQmAOvFPn5qDnNk2
jOEvqo9GZxXZYSBCK6CP6JalZq3/EcKoX9d079I6zu4IIluR6WMAfudIqGPd+IQ8
y1qg/UM2Vs38yvVYegmTp2gxVM0R1+kRQ70rwjyC+By7HPj+8A1jXFGqFacMZjyT
J6eyOsYnRFCWBTnkdUaa2/v7CaEbPy0b6u78jP+FbWzwsOnRFt9mLR8OnmxIiiYY
+8RA/tvuowFW/w==
-----END CERTIFICATE-----