Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          t+NtRyN07Mb7Il1amg3eEpPSCL9sMb9VjLBK4wuvD08=
Subject key identifier:   AE:CC:BE:5D:54:5A:18:D8:7F:9D:89:9D:1E:44:E0:39:2A:6A:0A:A0
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       0199228CCEB61388AA2D9B8D26411F2BC4F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 05:01:17 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:17 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:17 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: AmDH2CcUmqWEi7CjtLgzAEXoahqQmzwrr0v+E9mYycc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:ce:b6:13:88:aa:2d:9b:8d:26:41:1f:2b:c4:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Sep  7 05:01:17 2025 GMT
            Not After : Sep  8 05:01:17 2025 GMT
        Subject: CN=aeccbe5d545a18d87f9d899d1e44e0392a6a0aa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8f:f2:f5:0d:57:8f:d6:31:c4:3b:14:88:51:
                    2b:8f:e7:3b:e0:a4:a7:3c:f4:64:d4:6b:d7:13:ec:
                    06:34:cc:e9:5d:f9:40:dc:97:16:1d:e5:0c:a1:9c:
                    c9:c1:cb:d5:98:a2:18:b9:2e:a2:20:47:85:27:ce:
                    1d:b0:90:66:d6:e7:c9:07:c7:dd:3d:b6:41:6e:9f:
                    e7:f0:88:f2:e0:ba:74:46:4e:13:4e:b7:8f:fd:a2:
                    7f:7f:53:c8:50:f6:7a:71:2a:d2:bf:bb:cd:69:a6:
                    fe:45:66:08:12:02:31:17:4b:fb:e6:fe:02:14:10:
                    4f:f2:5c:6a:66:a3:f7:c1:c9:fb:49:f4:45:6b:ad:
                    81:43:33:d4:2e:6d:30:a0:6c:d5:b4:63:f2:ed:c4:
                    52:d9:87:fa:cd:3e:09:93:06:4c:04:54:15:71:d6:
                    f2:9a:67:9b:fe:5b:54:8b:aa:47:e0:c7:15:c8:e6:
                    f3:8e:a9:8e:02:76:c3:fb:5c:72:7f:f3:a0:5f:22:
                    c3:ff:cd:95:c0:72:80:39:d4:16:4a:58:6e:1c:38:
                    88:2e:78:65:c4:21:6d:bf:52:d8:ab:99:3e:39:08:
                    48:13:43:b7:a7:00:a0:4b:55:61:94:44:c5:38:f6:
                    f8:72:da:06:a7:86:80:9b:2f:6b:d7:43:9b:79:d0:
                    c4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:CC:BE:5D:54:5A:18:D8:7F:9D:89:9D:1E:44:E0:39:2A:6A:0A:A0
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d6:53:1a:df:11:b8:55:e0:d0:09:39:6c:06:46:c6:b8:12:
         4f:23:53:eb:42:74:08:38:ea:65:fd:13:7f:dc:6f:35:c0:44:
         c3:b0:5f:f7:79:d9:d5:5d:2b:d4:be:1a:6f:5b:0c:dd:c4:63:
         8f:51:50:34:65:ad:e7:1b:d4:40:89:5d:6a:6d:ee:86:48:b1:
         5e:58:7b:62:26:aa:c4:5f:58:b3:ac:df:7a:ad:15:50:e8:fe:
         83:c7:1a:a8:31:2c:f8:9d:b5:e7:43:bc:77:c5:90:a1:a4:74:
         28:e3:00:96:d7:69:ea:9a:de:84:6f:47:33:10:bc:d1:e0:22:
         6c:9e:21:02:52:b0:50:d3:37:6b:a8:7b:20:fd:00:0a:31:b4:
         30:08:84:99:7d:04:ee:d1:a4:58:80:96:f5:64:08:3a:7e:34:
         22:28:0b:89:0d:26:e6:ee:69:c8:60:28:36:a6:3e:ac:bc:56:
         8b:8c:b8:54:55:76:28:a1:ed:05:e5:31:72:78:2d:20:ad:4e:
         95:01:01:f4:e3:33:d8:64:c6:8e:6b:fb:ad:78:7a:d2:01:96:
         a9:57:07:40:bc:12:a6:8c:b8:7f:33:64:51:b0:29:69:a7:54:
         1c:3d:e3:76:d4:11:22:55:5e:da:60:02:dc:48:dd:57:9e:95:
         f6:1b:23:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijM62E4iqLZuNJkEfK8TwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjUwOTA3MDUwMTE3WhcNMjUwOTA4MDUwMTE3WjAzMTEwLwYDVQQD
EyhhZWNjYmU1ZDU0NWExOGQ4N2Y5ZDg5OWQxZTQ0ZTAzOTJhNmEwYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwY/y9Q1Xj9YxxDsUiFErj+c74KSn
PPRk1GvXE+wGNMzpXflA3JcWHeUMoZzJwcvVmKIYuS6iIEeFJ84dsJBm1ufJB8fd
PbZBbp/n8Ijy4Lp0Rk4TTreP/aJ/f1PIUPZ6cSrSv7vNaab+RWYIEgIxF0v75v4C
FBBP8lxqZqP3wcn7SfRFa62BQzPULm0woGzVtGPy7cRS2Yf6zT4JkwZMBFQVcdby
mmeb/ltUi6pH4McVyObzjqmOAnbD+1xyf/OgXyLD/82VwHKAOdQWSlhuHDiILnhl
xCFtv1LYq5k+OQhIE0O3pwCgS1VhlETFOPb4ctoGp4aAmy9r10ObedDEuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7Mvl1UWhjYf52JnR5E4DkqagqgMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtZTGt8R
uFXg0Ak5bAZGxrgSTyNT60J0CDjqZf0Tf9xvNcBEw7Bf93nZ1V0r1L4ab1sM3cRj
j1FQNGWt5xvUQIldam3uhkixXlh7YiaqxF9Ys6zfeq0VUOj+g8caqDEs+J2150O8
d8WQoaR0KOMAltdp6prehG9HMxC80eAibJ4hAlKwUNM3a6h7IP0ACjG0MAiEmX0E
7tGkWICW9WQIOn40IigLiQ0m5u5pyGAoNqY+rLxWi4y4VFV2KKHtBeUxcngtIK1O
lQEB9OMz2GTGjmv7rXh60gGWqVcHQLwSpoy4fzNkUbApaadUHD3jdtQRIlVe2mAC
3EjdV56V9hsjfA==
-----END CERTIFICATE-----