Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
File:                     aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json)
Hash identifier:          da5qXaz1B+WP6WK8KG2JMOx/ptascY6QBwtTcH/AZaE=
Subject key identifier:   1D:EA:C1:92:9D:65:11:11:74:D0:69:98:68:DF:7C:A9:80:14:16:68
Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A
Certificate issuer:       /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
Certificate serial:       01976C2A943D25AE60EBEBB791644D651419
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
Manifest number:          151D
Signing time:             Sat 14 Jun 2025 02:00:19 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:19 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:19 +0000
Files and hashes:         1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: 4eWsVOacykRiuEoAzkWiO4fDTjEgrfpwoiVWlG5CFCY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:94:3d:25:ae:60:eb:eb:b7:91:64:4d:65:14:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
        Validity
            Not Before: Jun 14 02:00:19 2025 GMT
            Not After : Jun 15 02:00:19 2025 GMT
        Subject: CN=1deac1929d65111174d0699868df7ca980141668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a3:3b:62:f2:c1:59:53:af:7f:5c:36:13:bf:
                    10:22:9f:fe:88:ac:87:4f:c6:fa:7f:c1:b7:90:d4:
                    05:5c:07:b6:18:94:e5:96:f6:a2:df:69:6c:24:89:
                    5d:ba:06:df:2c:6b:f1:79:ab:19:a4:3f:8c:7f:33:
                    10:91:16:0e:33:87:a1:d4:ad:0d:06:ff:37:bd:47:
                    64:f4:1e:1d:00:56:0b:c4:f2:23:20:1d:d6:62:e2:
                    c5:44:51:2a:f4:12:8e:44:8e:ba:68:b5:a5:c8:b3:
                    68:c7:50:45:e4:64:c2:81:55:ad:17:a5:79:7f:d1:
                    92:a6:80:15:9c:b5:f5:ff:67:a8:1a:c2:4c:2f:dc:
                    c0:7f:75:35:c8:14:73:e5:7f:4c:aa:e0:2d:65:e6:
                    34:d5:7b:06:22:a8:b9:b8:c9:b9:ef:38:74:4b:58:
                    be:80:04:74:5c:1e:02:4a:8c:46:5a:4d:1b:55:ff:
                    62:e5:c9:05:dd:24:75:fd:ab:b8:e9:5d:61:58:3a:
                    bb:17:44:ae:67:f6:27:0a:ad:fe:39:1b:f3:27:25:
                    fd:24:f9:23:0b:cb:d9:cb:8c:ae:62:42:76:db:bc:
                    44:5c:a0:d2:e2:9c:b2:fb:99:75:59:6e:3f:59:7b:
                    c0:88:bd:5f:2c:ac:08:aa:7b:88:bf:12:58:17:40:
                    ed:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EA:C1:92:9D:65:11:11:74:D0:69:98:68:DF:7C:A9:80:14:16:68
            X509v3 Authority Key Identifier:
                keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:03:c1:c0:c0:d5:90:9b:45:1d:22:8e:24:1d:d7:e2:13:18:
         1e:06:98:91:5f:7d:31:51:38:2e:95:ac:5e:a4:81:a9:a7:2c:
         28:3e:2a:a3:4f:35:c2:00:d4:ee:b3:d7:45:c7:c2:d5:c8:29:
         65:2a:8b:99:89:0d:34:30:18:82:d8:98:4a:f0:79:3b:dc:22:
         69:31:d0:31:c3:1f:6d:d7:83:8b:1f:f9:75:20:ee:b3:39:e7:
         fc:f4:2e:23:a4:8a:85:13:3a:aa:2e:34:81:e7:c6:62:c2:da:
         9c:04:91:52:78:8b:79:00:95:0a:d2:a3:4f:05:f3:3c:71:8c:
         26:3a:ad:41:83:cf:22:e8:d0:88:ea:37:f1:1b:06:1f:f4:ec:
         a0:29:58:6a:af:c8:13:4c:1d:95:cb:03:4a:bb:d0:d1:bc:9a:
         30:45:f8:2a:d9:43:97:7f:a9:c8:13:a8:94:7d:b8:32:dc:4a:
         00:2c:df:2e:de:92:e1:47:a4:32:3d:ef:56:a4:5c:de:1f:e3:
         8b:91:85:b3:05:f5:28:57:3e:1f:e3:e5:2a:00:ee:cc:f9:6e:
         4e:b4:c0:40:9e:08:df:b1:b1:78:72:20:75:cb:61:dc:f9:47:
         05:33:95:6d:f2:77:81:4a:7e:39:29:07:15:ee:70:76:ab:c6:
         ad:cb:c1:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKpQ9Ja5g6+u3kWRNZRQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0
YjQ4MGEwHhcNMjUwNjE0MDIwMDE5WhcNMjUwNjE1MDIwMDE5WjAzMTEwLwYDVQQD
EygxZGVhYzE5MjlkNjUxMTExNzRkMDY5OTg2OGRmN2NhOTgwMTQxNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqM7YvLBWVOvf1w2E78QIp/+iKyH
T8b6f8G3kNQFXAe2GJTllvai32lsJIldugbfLGvxeasZpD+MfzMQkRYOM4eh1K0N
Bv83vUdk9B4dAFYLxPIjIB3WYuLFRFEq9BKORI66aLWlyLNox1BF5GTCgVWtF6V5
f9GSpoAVnLX1/2eoGsJML9zAf3U1yBRz5X9MquAtZeY01XsGIqi5uMm57zh0S1i+
gAR0XB4CSoxGWk0bVf9i5ckF3SR1/au46V1hWDq7F0SuZ/YnCq3+ORvzJyX9JPkj
C8vZy4yuYkJ227xEXKDS4pyy+5l1WW4/WXvAiL1fLKwIqnuIvxJYF0DtuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3qwZKdZRERdNBpmGjffKmAFBZoMB8GA1UdIwQY
MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt
YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj
LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfAPBwMDV
kJtFHSKOJB3X4hMYHgaYkV99MVE4LpWsXqSBqacsKD4qo081wgDU7rPXRcfC1cgp
ZSqLmYkNNDAYgtiYSvB5O9wiaTHQMcMfbdeDix/5dSDusznn/PQuI6SKhRM6qi40
gefGYsLanASRUniLeQCVCtKjTwXzPHGMJjqtQYPPIujQiOo38RsGH/TsoClYaq/I
E0wdlcsDSrvQ0byaMEX4KtlDl3+pyBOolH24MtxKACzfLt6S4UekMj3vVqRc3h/j
i5GFswX1KFc+H+PlKgDuzPluTrTAQJ4I37GxeHIgdcth3PlHBTOVbfJ3gUp+OSkH
Fe5wdqvGrcvBTw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:08:43 2025 by rpki-client