Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
File:                     YsTHQ9XCr88n8QTrbgMWEWyFx94.mft (raw, json)
Hash identifier:          CE5Gu3gGtD5PHANn1FGmhVPIltJPsztUeEje7d+3suY=
Subject key identifier:   10:E9:9D:28:17:F3:99:93:94:62:59:96:29:9C:F7:59:A3:F4:47:36
Authority key identifier: 62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE
Certificate issuer:       /CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de
Certificate serial:       019760CB45BF2114D029D77CC4481EC2B0F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
Manifest number:          0B54
Signing time:             Wed 11 Jun 2025 21:00:23 +0000
Manifest this update:     Wed 11 Jun 2025 21:00:23 +0000
Manifest next update:     Thu 12 Jun 2025 21:00:23 +0000
Files and hashes:         1: O5Qp4JElVe0um1Rnuz-9xQyVCpc.roa (hash: 73YKFKe5WyNrwSKLy76+GejDIV4ldqnve1bMw3FlzZM=)
                          2: YsTHQ9XCr88n8QTrbgMWEWyFx94.crl (hash: kEUrwL+DYVwV16AqqYmtdKE12yn3hSSPWdHiYgLZpGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:cb:45:bf:21:14:d0:29:d7:7c:c4:48:1e:c2:b0:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de
        Validity
            Not Before: Jun 11 21:00:23 2025 GMT
            Not After : Jun 12 21:00:23 2025 GMT
        Subject: CN=10e99d2817f3999394625996299cf759a3f44736
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2c:f3:73:6b:fe:5e:02:ae:a8:71:c0:aa:4a:
                    68:22:8f:48:63:60:a8:5f:79:2a:0d:20:96:42:ce:
                    a2:2f:a5:e7:76:72:cb:ee:2b:45:fc:2a:c4:88:32:
                    5b:90:c4:69:12:5f:bb:2d:5c:14:23:3a:dc:22:95:
                    de:83:6a:80:fe:65:3a:8f:40:d5:43:dd:e2:aa:4b:
                    46:5f:49:70:0d:32:5e:cc:6c:6e:fc:95:05:c0:a3:
                    cf:0e:ec:d6:27:34:ad:06:35:13:e7:f7:05:b8:4f:
                    2d:dd:c6:e0:d7:60:78:34:9d:2d:a6:43:51:66:94:
                    42:c4:9d:41:03:56:17:b4:01:cb:cf:43:66:68:f7:
                    6f:04:44:52:3f:75:d8:2a:cc:79:2f:89:4c:8d:d3:
                    c1:8c:79:55:fa:63:d6:a3:bc:c4:2f:ed:d8:46:7a:
                    ff:83:14:b3:57:42:c5:0f:a0:15:ac:78:cf:71:07:
                    92:48:3f:61:7d:b3:e0:60:19:ea:16:d8:1f:31:d5:
                    70:13:a2:d6:31:d7:a3:0d:cf:9c:25:2f:11:02:e3:
                    b6:3d:44:e7:b9:b5:c2:5f:af:f1:57:5a:64:b9:09:
                    80:c1:3b:a2:c9:db:37:67:ca:5f:fb:16:cd:cd:69:
                    88:e8:6d:61:77:c3:fd:a6:15:33:26:6f:b3:f7:80:
                    77:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:E9:9D:28:17:F3:99:93:94:62:59:96:29:9C:F7:59:A3:F4:47:36
            X509v3 Authority Key Identifier:
                keyid:62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:3d:c2:be:a0:55:e2:c7:e9:1d:78:aa:4c:5d:41:bf:7a:49:
         34:1d:5d:f0:6e:a7:ec:5c:2b:34:ed:19:a7:02:2a:79:cb:8e:
         6e:9a:8d:71:dc:70:1f:5c:d7:62:29:68:2e:21:9d:2f:dd:31:
         3a:bd:be:85:91:7a:54:a2:e6:38:ea:37:a8:af:0d:a9:4c:79:
         11:b6:24:a7:99:b8:6b:6e:e9:8c:70:a7:1f:b2:78:d1:0c:05:
         58:9b:f2:16:89:21:59:b7:1d:fa:00:ea:21:cb:01:49:43:a6:
         06:e9:a6:5e:7c:a9:85:89:ee:05:e1:3b:da:00:13:9f:4c:e5:
         77:7d:01:93:e4:af:0b:cd:2a:3e:c5:af:78:39:30:08:e0:42:
         90:bc:47:71:1e:85:7f:71:49:67:b2:37:f2:a0:20:8d:3d:14:
         5e:a9:03:b9:c0:d3:3f:89:bb:7e:52:5d:12:5d:45:a6:dd:5c:
         75:30:61:ee:bf:6c:16:00:70:f4:6e:20:94:6a:7a:3c:d4:c0:
         2b:77:28:96:fc:80:77:58:09:0f:36:65:d7:ed:cc:db:2f:ad:
         ba:8a:c6:9e:f1:8d:00:4b:5a:4a:c7:93:6e:35:b5:a8:d7:ad:
         d1:51:73:0a:08:bd:c4:9e:d0:68:c2:f1:8f:91:04:85:b1:f2:
         d7:fb:08:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy0W/IRTQKdd8xEgewrD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYzRjNzQzZDVjMmFmY2YyN2YxMDRlYjZlMDMxNjExNmM4
NWM3ZGUwHhcNMjUwNjExMjEwMDIzWhcNMjUwNjEyMjEwMDIzWjAzMTEwLwYDVQQD
EygxMGU5OWQyODE3ZjM5OTkzOTQ2MjU5OTYyOTljZjc1OWEzZjQ0NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCzzc2v+XgKuqHHAqkpoIo9IY2Co
X3kqDSCWQs6iL6XndnLL7itF/CrEiDJbkMRpEl+7LVwUIzrcIpXeg2qA/mU6j0DV
Q93iqktGX0lwDTJezGxu/JUFwKPPDuzWJzStBjUT5/cFuE8t3cbg12B4NJ0tpkNR
ZpRCxJ1BA1YXtAHLz0NmaPdvBERSP3XYKsx5L4lMjdPBjHlV+mPWo7zEL+3YRnr/
gxSzV0LFD6AVrHjPcQeSSD9hfbPgYBnqFtgfMdVwE6LWMdejDc+cJS8RAuO2PUTn
ubXCX6/xV1pkuQmAwTuiyds3Z8pf+xbNzWmI6G1hd8P9phUzJm+z94B34wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDpnSgX85mTlGJZlimc91mj9Ec2MB8GA1UdIwQY
MBaAFGLEx0PVwq/PJ/EE624DFhFshcfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUt
ZGUzNTJhOTJmNmJhLzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUtZGUzNTJhOTJmNmJh
LzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqz3CvqBV
4sfpHXiqTF1Bv3pJNB1d8G6n7FwrNO0ZpwIqecuObpqNcdxwH1zXYiloLiGdL90x
Or2+hZF6VKLmOOo3qK8NqUx5EbYkp5m4a27pjHCnH7J40QwFWJvyFokhWbcd+gDq
IcsBSUOmBummXnyphYnuBeE72gATn0zld30Bk+SvC80qPsWveDkwCOBCkLxHcR6F
f3FJZ7I38qAgjT0UXqkDucDTP4m7flJdEl1Fpt1cdTBh7r9sFgBw9G4glGp6PNTA
K3colvyAd1gJDzZl1+3M2y+tuorGnvGNAEtaSseTbjW1qNet0VFzCgi9xJ7QaMLx
j5EEhbHy1/sI6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 01:32:07 2025 by rpki-client