Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          Cj9m1xW9HlSduSMnMVbc0BENnRnnMKGB1wpEIkOLnQk=
Subject key identifier:   DB:4E:74:51:71:8A:E0:B4:01:67:22:63:EA:62:52:83:DA:1A:4D:5D
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       019758A3DCC147C356C7483BD5ACDB96789E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          0619
Signing time:             Tue 10 Jun 2025 07:00:23 +0000
Manifest this update:     Tue 10 Jun 2025 07:00:23 +0000
Manifest next update:     Wed 11 Jun 2025 07:00:23 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: vmdKLWc7vYXJhVcfFqL/dxT/5EnrDv2SlADZNcQdeSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a3:dc:c1:47:c3:56:c7:48:3b:d5:ac:db:96:78:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Jun 10 07:00:23 2025 GMT
            Not After : Jun 11 07:00:23 2025 GMT
        Subject: CN=db4e7451718ae0b401672263ea625283da1a4d5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d0:20:6c:8f:83:b1:86:d7:ff:93:a5:6a:dd:
                    bf:99:38:71:ae:2d:5a:ba:58:95:42:a0:c4:f9:1c:
                    30:fb:de:b6:e7:34:f5:e3:a7:6a:b8:7c:97:e3:4d:
                    7a:74:63:06:88:ff:b4:70:d1:5c:52:47:0f:14:d1:
                    77:94:46:db:04:b9:86:32:a3:30:ce:38:c9:19:b0:
                    91:a9:cb:8d:0a:d5:4a:18:5d:ac:91:e1:e5:dd:34:
                    66:28:49:b6:2f:4a:aa:24:81:aa:19:42:36:6f:e0:
                    34:05:ac:ab:bd:f4:29:42:d7:55:23:49:6d:68:32:
                    66:c2:db:f1:6d:10:bc:77:8f:73:82:19:46:66:f3:
                    57:bf:77:6f:66:65:83:c7:eb:a9:fc:dd:61:29:f7:
                    c7:9c:c0:ba:ec:39:0e:2a:93:89:52:72:68:63:0c:
                    60:eb:8c:8c:7b:b9:32:1f:1b:e0:42:39:e3:cf:c5:
                    94:e6:d0:84:08:75:e6:26:f1:c1:5e:88:e8:2c:14:
                    55:73:a4:44:fd:00:5b:02:42:b3:95:24:66:f8:81:
                    c3:35:10:52:38:c1:c9:d6:69:fc:6e:00:94:e4:ad:
                    54:79:53:7d:cd:07:29:0e:8f:f3:8d:20:5a:4a:06:
                    b4:a8:27:e3:bc:50:80:ad:41:7b:b8:ea:5c:ed:ac:
                    c4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:4E:74:51:71:8A:E0:B4:01:67:22:63:EA:62:52:83:DA:1A:4D:5D
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:48:83:9f:82:76:ef:a5:10:69:ad:73:a2:43:52:65:48:e2:
         5e:18:81:c1:bb:79:20:50:54:52:ab:13:9d:07:1c:bc:3c:19:
         39:32:3a:57:f6:09:69:7f:70:bd:6b:15:6f:5c:c5:d6:c2:f6:
         55:df:e3:d0:f6:f0:95:b1:04:8d:94:06:36:5a:98:b6:ca:e4:
         a1:86:c5:9d:76:93:51:7b:ba:64:55:33:29:05:a0:00:9b:e9:
         28:f1:eb:23:9f:00:99:94:d8:3e:13:0c:08:c3:e3:b6:cd:fd:
         42:04:34:25:91:70:03:d9:8a:a1:97:81:bb:89:75:5b:ec:11:
         d0:2b:30:0d:7c:f9:0e:c7:da:b1:fc:cb:8c:3c:97:d0:99:a6:
         3c:a0:47:9b:12:36:65:05:6d:b9:f8:48:9d:93:6c:ee:34:2d:
         d6:a7:c2:fc:a4:1d:c6:55:93:2a:02:8b:11:f3:52:e2:a2:fa:
         e2:28:5e:61:bb:49:1c:1c:f0:52:28:d5:07:28:f9:62:4c:a3:
         89:00:63:30:05:f6:29:a0:c9:bd:f5:61:00:41:3d:2e:c4:54:
         bd:b5:9c:62:32:1d:1b:be:44:95:7b:4b:6a:fe:25:b9:1c:ba:
         3e:a3:b0:66:5e:66:81:96:1e:09:57:3d:1d:83:8c:47:46:30:
         52:c7:ec:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYo9zBR8NWx0g71azblnieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUwNjEwMDcwMDIzWhcNMjUwNjExMDcwMDIzWjAzMTEwLwYDVQQD
EyhkYjRlNzQ1MTcxOGFlMGI0MDE2NzIyNjNlYTYyNTI4M2RhMWE0ZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dAgbI+DsYbX/5Olat2/mThxri1a
uliVQqDE+Rww+9625zT146dquHyX4016dGMGiP+0cNFcUkcPFNF3lEbbBLmGMqMw
zjjJGbCRqcuNCtVKGF2skeHl3TRmKEm2L0qqJIGqGUI2b+A0BayrvfQpQtdVI0lt
aDJmwtvxbRC8d49zghlGZvNXv3dvZmWDx+up/N1hKffHnMC67DkOKpOJUnJoYwxg
64yMe7kyHxvgQjnjz8WU5tCECHXmJvHBXojoLBRVc6RE/QBbAkKzlSRm+IHDNRBS
OMHJ1mn8bgCU5K1UeVN9zQcpDo/zjSBaSga0qCfjvFCArUF7uOpc7azE/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtOdFFxiuC0AWciY+piUoPaGk1dMB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEiDn4J2
76UQaa1zokNSZUjiXhiBwbt5IFBUUqsTnQccvDwZOTI6V/YJaX9wvWsVb1zF1sL2
Vd/j0PbwlbEEjZQGNlqYtsrkoYbFnXaTUXu6ZFUzKQWgAJvpKPHrI58AmZTYPhMM
CMPjts39QgQ0JZFwA9mKoZeBu4l1W+wR0CswDXz5DsfasfzLjDyX0JmmPKBHmxI2
ZQVtufhInZNs7jQt1qfC/KQdxlWTKgKLEfNS4qL64iheYbtJHBzwUijVByj5Ykyj
iQBjMAX2KaDJvfVhAEE9LsRUvbWcYjIdG75ElXtLav4luRy6PqOwZl5mgZYeCVc9
HYOMR0YwUsfs7w==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:55:32 2025 by rpki-client