Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          5p67T+s+KeeDEo6lqEDIcz3PhhHUxgChmZi4J5cP6Jo=
Subject key identifier:   C0:34:3F:30:9B:48:F6:25:2D:9B:C4:95:14:73:81:92:74:7F:66:44
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       019752D8B632E0017BD24E5CEAC19D2CCAB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          0616
Signing time:             Mon 09 Jun 2025 04:00:23 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:23 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:23 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: 5IkymIeDqzJ8KkQ9VeaEywtfuQ323jsjj+Kl0sc4Zic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 04:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d8:b6:32:e0:01:7b:d2:4e:5c:ea:c1:9d:2c:ca:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Jun  9 04:00:23 2025 GMT
            Not After : Jun 10 04:00:23 2025 GMT
        Subject: CN=c0343f309b48f6252d9bc49514738192747f6644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:78:a2:e8:40:91:0d:92:a4:9f:ac:16:9a:10:
                    7d:54:55:ef:aa:12:de:50:e3:a1:60:44:ad:15:a3:
                    cf:76:e7:00:71:08:57:4b:3b:1d:1d:c0:dd:f5:37:
                    f1:7d:b8:d8:d5:28:15:5d:38:96:56:e8:aa:33:e1:
                    4d:c2:cb:31:57:bd:60:05:b2:ea:98:f5:e2:ef:ed:
                    b4:7d:2a:2d:4c:73:9d:3c:94:4b:97:43:6c:9b:7c:
                    da:54:0c:1f:f1:80:5a:9b:3a:1d:b0:bd:bf:6d:ba:
                    2b:d3:d5:75:28:43:6c:73:91:5c:44:a3:61:a7:79:
                    f3:2c:c8:cc:96:ec:49:f8:ef:13:c7:fc:ee:f4:96:
                    eb:52:cd:85:28:12:1a:d2:cb:a7:ae:c7:88:e2:76:
                    07:95:cd:70:72:c9:9e:91:54:45:7a:fd:27:95:d9:
                    2f:42:fb:07:6a:db:d1:14:af:b5:f7:f6:4e:3e:57:
                    d2:f9:b9:b6:f5:05:83:22:6b:20:0a:96:c1:63:c8:
                    aa:20:13:60:ab:5b:06:9c:32:37:a2:5f:52:e7:3c:
                    cd:22:04:45:b5:55:2b:bb:2f:16:38:a1:02:e1:ce:
                    25:25:f7:58:6c:d0:29:75:a8:a5:9e:2a:99:22:3e:
                    59:6c:68:77:25:a6:c7:ec:0e:9e:aa:9c:a2:0a:ea:
                    c6:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:34:3F:30:9B:48:F6:25:2D:9B:C4:95:14:73:81:92:74:7F:66:44
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:f5:dd:7d:07:4a:fc:0b:38:01:16:68:25:79:8f:13:f2:02:
         fa:d7:59:5d:f8:a3:77:ee:7d:aa:fa:85:47:a9:75:e4:4b:b8:
         d7:7c:3b:c3:c2:21:c7:13:f7:5c:ab:ab:3a:74:7b:59:41:e7:
         90:6b:0c:2d:e8:a0:1b:6d:84:b3:d8:df:2d:58:98:04:6a:6e:
         63:2e:00:6b:b5:ce:65:cc:08:e1:e8:b0:12:76:8d:99:f2:c2:
         e3:01:a6:40:1a:05:02:0b:f8:43:fc:b0:b7:ac:0b:d4:30:5c:
         53:44:44:f4:d0:e5:da:99:0d:6d:27:a3:98:71:91:e5:6b:fb:
         28:44:e8:ec:82:f3:13:ae:cc:47:79:fc:2c:89:59:1e:2b:68:
         ed:b4:14:65:86:d1:74:92:94:b3:54:df:23:30:94:d5:05:a7:
         9e:a8:e8:87:38:e6:1e:0a:f8:f1:ba:0d:81:52:d3:cb:3e:81:
         52:70:be:7b:42:14:05:df:a9:1d:82:1f:e4:17:94:97:77:a7:
         86:a2:13:f8:7c:57:f2:f5:09:a8:4d:ca:6d:b3:79:6f:66:28:
         81:06:cf:bb:a7:25:47:c4:6f:ad:87:22:4d:45:ad:bf:83:24:
         b4:90:d7:db:3c:b2:a3:9f:78:93:ad:ab:95:36:da:ed:6e:a5:
         08:08:f1:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2LYy4AF70k5c6sGdLMq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUwNjA5MDQwMDIzWhcNMjUwNjEwMDQwMDIzWjAzMTEwLwYDVQQD
EyhjMDM0M2YzMDliNDhmNjI1MmQ5YmM0OTUxNDczODE5Mjc0N2Y2NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXii6ECRDZKkn6wWmhB9VFXvqhLe
UOOhYEStFaPPducAcQhXSzsdHcDd9TfxfbjY1SgVXTiWVuiqM+FNwssxV71gBbLq
mPXi7+20fSotTHOdPJRLl0Nsm3zaVAwf8YBamzodsL2/bbor09V1KENsc5FcRKNh
p3nzLMjMluxJ+O8Tx/zu9JbrUs2FKBIa0sunrseI4nYHlc1wcsmekVRFev0nldkv
QvsHatvRFK+19/ZOPlfS+bm29QWDImsgCpbBY8iqIBNgq1sGnDI3ol9S5zzNIgRF
tVUruy8WOKEC4c4lJfdYbNApdailniqZIj5ZbGh3JabH7A6eqpyiCurGTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMA0PzCbSPYlLZvElRRzgZJ0f2ZEMB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKfXdfQdK
/As4ARZoJXmPE/IC+tdZXfijd+59qvqFR6l15Eu413w7w8IhxxP3XKurOnR7WUHn
kGsMLeigG22Es9jfLViYBGpuYy4Aa7XOZcwI4eiwEnaNmfLC4wGmQBoFAgv4Q/yw
t6wL1DBcU0RE9NDl2pkNbSejmHGR5Wv7KETo7ILzE67MR3n8LIlZHito7bQUZYbR
dJKUs1TfIzCU1QWnnqjohzjmHgr48boNgVLTyz6BUnC+e0IUBd+pHYIf5BeUl3en
hqIT+HxX8vUJqE3KbbN5b2YogQbPu6clR8RvrYciTUWtv4MktJDX2zyyo594k62r
lTba7W6lCAjx4g==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:45:16 2025 by rpki-client