Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          4ZP8xHEZWF4dcArTGvcoqy8n3yDmj7jXIPDH/gL3ksw=
Subject key identifier:   BD:D6:91:52:FB:65:6D:10:D5:AF:15:69:BF:C4:C7:27:06:3F:C1:A0
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       01976817686181DD65371AA64988B2004288
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          0621
Signing time:             Fri 13 Jun 2025 07:00:53 +0000
Manifest this update:     Fri 13 Jun 2025 07:00:53 +0000
Manifest next update:     Sat 14 Jun 2025 07:00:53 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: iLxV29ac+mOwMCWSmZidtytjFy6x/YLKxEp9lYOkDt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:17:68:61:81:dd:65:37:1a:a6:49:88:b2:00:42:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Jun 13 07:00:53 2025 GMT
            Not After : Jun 14 07:00:53 2025 GMT
        Subject: CN=bdd69152fb656d10d5af1569bfc4c727063fc1a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6b:64:ed:a5:c3:81:68:eb:96:cb:46:56:87:
                    58:28:dd:c6:a5:e1:a2:71:d0:32:92:18:1c:4f:b0:
                    fb:80:7a:1a:76:cd:5f:df:da:90:2b:d4:de:79:5d:
                    be:00:1a:8f:02:22:66:33:9c:46:c1:87:98:c7:38:
                    00:0f:6e:73:e5:5e:53:ae:5d:79:b9:40:e9:62:a2:
                    b2:d9:33:37:df:60:f4:1e:5a:3a:d4:a3:6d:b2:b7:
                    c7:b0:0b:bb:5b:52:53:be:f9:78:bf:00:31:31:96:
                    8b:9c:d2:7a:4d:6b:a5:c7:4a:77:f8:9f:fa:aa:b3:
                    5b:6e:d1:e3:00:42:19:9b:a4:8c:91:2d:af:92:da:
                    6f:63:33:7c:74:18:5e:9f:63:dc:20:d6:af:1b:67:
                    4f:05:af:b0:06:ec:76:ee:40:d0:b8:89:3c:62:04:
                    8e:aa:df:9b:d1:ae:d7:df:95:4a:45:78:a5:6c:ee:
                    48:68:55:a5:74:fb:01:87:76:03:63:6d:53:8f:85:
                    69:03:44:ae:1e:3f:b5:f5:44:b6:35:7e:29:66:95:
                    9f:7a:43:b9:62:20:66:2d:bd:9a:55:1a:51:a4:e1:
                    8b:2a:6e:d4:7d:94:ad:75:7b:96:3f:e4:5f:a5:01:
                    e1:72:3c:ff:42:32:b4:6d:6d:df:3a:0e:42:b7:ad:
                    0e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:D6:91:52:FB:65:6D:10:D5:AF:15:69:BF:C4:C7:27:06:3F:C1:A0
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:b8:33:08:33:2c:a1:b7:be:0c:14:dd:ad:80:d1:00:74:16:
         eb:a9:73:7e:95:52:33:8c:39:16:36:c1:55:69:29:42:44:67:
         44:40:1f:e9:86:e1:2e:a5:8f:26:5a:17:8b:44:02:ce:b7:21:
         be:c5:40:2e:66:58:a9:b9:6b:51:ff:b6:75:ce:f0:29:17:55:
         25:27:bc:8c:aa:97:15:8a:a4:28:fd:1b:1b:54:c5:cd:0f:88:
         80:70:9e:5c:d5:e3:f4:f9:d1:af:3f:a6:a8:33:b7:30:b6:a0:
         3f:72:42:da:ca:a9:bc:2b:e3:f1:9a:7c:b7:15:cb:10:c4:83:
         e8:8d:e8:34:4e:64:e6:4c:20:2e:03:11:39:41:f4:1d:67:2c:
         75:ca:dc:77:09:6c:06:8a:ef:d8:7a:78:4e:63:92:26:8b:23:
         d4:89:8c:ae:37:89:e1:e9:50:fb:0d:7c:f2:c0:4f:08:dc:a5:
         b3:43:51:0c:28:5c:11:62:59:6d:08:68:d0:7e:98:f9:96:68:
         e5:ac:ad:9a:cf:a9:15:d5:21:df:da:2c:d9:59:05:92:b4:de:
         8f:28:1c:35:4c:fc:1b:cd:af:f2:7f:5f:6a:74:58:a3:56:4a:
         ae:f7:73:af:dc:ae:f5:58:d6:44:f0:e1:e7:0e:10:20:ef:2a:
         31:ed:74:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoF2hhgd1lNxqmSYiyAEKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUwNjEzMDcwMDUzWhcNMjUwNjE0MDcwMDUzWjAzMTEwLwYDVQQD
EyhiZGQ2OTE1MmZiNjU2ZDEwZDVhZjE1NjliZmM0YzcyNzA2M2ZjMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mtk7aXDgWjrlstGVodYKN3GpeGi
cdAykhgcT7D7gHoads1f39qQK9TeeV2+ABqPAiJmM5xGwYeYxzgAD25z5V5Trl15
uUDpYqKy2TM332D0Hlo61KNtsrfHsAu7W1JTvvl4vwAxMZaLnNJ6TWulx0p3+J/6
qrNbbtHjAEIZm6SMkS2vktpvYzN8dBhen2PcINavG2dPBa+wBux27kDQuIk8YgSO
qt+b0a7X35VKRXilbO5IaFWldPsBh3YDY21Tj4VpA0SuHj+19US2NX4pZpWfekO5
YiBmLb2aVRpRpOGLKm7UfZStdXuWP+RfpQHhcjz/QjK0bW3fOg5Ct60OOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3WkVL7ZW0Q1a8Vab/ExycGP8GgMB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASbgzCDMs
obe+DBTdrYDRAHQW66lzfpVSM4w5FjbBVWkpQkRnREAf6YbhLqWPJloXi0QCzrch
vsVALmZYqblrUf+2dc7wKRdVJSe8jKqXFYqkKP0bG1TFzQ+IgHCeXNXj9PnRrz+m
qDO3MLagP3JC2sqpvCvj8Zp8txXLEMSD6I3oNE5k5kwgLgMROUH0HWcsdcrcdwls
Borv2Hp4TmOSJosj1ImMrjeJ4elQ+w188sBPCNyls0NRDChcEWJZbQho0H6Y+ZZo
5aytms+pFdUh39os2VkFkrTejygcNUz8G82v8n9fanRYo1ZKrvdzr9yu9VjWRPDh
5w4QIO8qMe10dg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:33:36 2025 by rpki-client