Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
File:                     aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json)
Hash identifier:          kXiTBMiT3DxhyATyrcwdrdCLRtIrX4TfbipSiTUPqXY=
Subject key identifier:   30:92:70:D3:5A:F7:AB:C4:88:EB:40:E1:B9:B9:CC:84:9E:1F:CE:28
Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A
Certificate issuer:       /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
Certificate serial:       0197665FEEF5A8146AABCE7B03E2BB95EEC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
Manifest number:          151A
Signing time:             Thu 12 Jun 2025 23:00:52 +0000
Manifest this update:     Thu 12 Jun 2025 23:00:52 +0000
Manifest next update:     Fri 13 Jun 2025 23:00:52 +0000
Files and hashes:         1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: uDHy4EvS/ntxQZaSYQIuttk5O5xYW30KKN09ZR5yjLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:5f:ee:f5:a8:14:6a:ab:ce:7b:03:e2:bb:95:ee:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
        Validity
            Not Before: Jun 12 23:00:52 2025 GMT
            Not After : Jun 13 23:00:52 2025 GMT
        Subject: CN=309270d35af7abc488eb40e1b9b9cc849e1fce28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:62:df:79:f6:6a:25:e9:be:9b:44:3b:64:ee:
                    5f:f7:bd:2a:be:83:10:26:fc:d0:b7:c9:15:07:e1:
                    71:95:a8:52:db:3b:70:5e:18:98:6c:86:0f:65:2e:
                    97:a6:76:61:69:c3:65:84:f5:a0:60:fe:8a:f4:4f:
                    c1:aa:9c:b9:d5:a5:a3:02:fc:2f:d0:70:db:c7:4c:
                    39:8c:55:50:58:d4:98:b7:6e:c6:8e:a4:d6:4a:3d:
                    67:c5:85:fa:02:15:99:8e:d0:c7:72:fe:4d:d1:e6:
                    a9:28:4c:01:8d:a7:fe:e0:8c:f9:fc:30:b8:72:dd:
                    a4:18:67:8e:1c:17:5d:d7:82:81:50:60:64:79:0b:
                    51:eb:9f:c5:0b:75:f3:c2:b4:14:7c:e7:ea:60:ae:
                    3b:fa:cd:c7:a8:c6:30:5f:05:d9:53:de:33:7c:e6:
                    86:96:92:ba:a6:cb:a1:b7:55:6a:37:e0:f8:86:90:
                    23:79:06:7a:f9:1a:16:4b:2b:ab:5b:e6:21:a1:10:
                    ef:54:27:6a:8b:75:2b:30:c5:44:10:a9:43:19:25:
                    38:21:d3:5c:6d:b0:28:7d:49:cb:3f:2a:24:c3:fb:
                    8c:d6:01:9a:2f:63:04:d8:5c:7c:de:9a:4e:9c:b9:
                    0e:1c:08:3e:a4:67:63:f3:15:1a:8b:d1:16:13:07:
                    2b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:92:70:D3:5A:F7:AB:C4:88:EB:40:E1:B9:B9:CC:84:9E:1F:CE:28
            X509v3 Authority Key Identifier:
                keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:e2:82:be:b3:7e:33:23:69:74:ec:63:ee:9b:da:2c:f1:24:
         87:09:e6:15:26:6a:ca:0d:fb:e3:93:5c:f7:6c:53:19:fa:06:
         de:16:8d:d2:7c:4e:eb:79:a1:1f:e3:0f:7b:bd:db:e2:8e:b4:
         9f:ce:42:11:75:c6:a5:90:35:fb:c2:f5:3a:f1:ba:e6:f8:33:
         5d:11:53:c5:d1:a4:50:66:05:ba:65:e7:b0:84:66:fa:d9:6a:
         d4:47:4a:23:6e:d7:1d:ef:48:7f:b1:a8:7e:a8:a8:0b:72:31:
         69:0c:fd:7a:1f:9f:f3:7a:2d:1a:f0:65:fe:fe:3f:40:f0:43:
         c8:de:c2:59:2b:e1:a4:06:4a:71:13:3a:8f:0f:ef:a9:2b:60:
         4a:47:56:50:00:99:64:62:5e:b8:b3:72:7f:f8:71:51:62:98:
         b3:ac:93:e9:56:bd:4b:07:2f:4d:4e:1c:60:78:a9:3e:dc:a3:
         45:a1:43:16:39:a4:56:21:e3:05:bc:99:c2:26:e1:36:b3:fa:
         16:14:c7:c3:9a:c1:09:82:04:93:03:06:86:78:4e:a0:89:01:
         a8:0d:a5:a9:44:0a:91:cd:94:22:07:75:bc:5e:f8:5a:a7:a0:
         d2:5b:6d:d0:a4:20:ca:22:c8:ce:2b:ae:8c:a8:8e:1c:23:60:
         61:5d:0c:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmX+71qBRqq857A+K7le7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0
YjQ4MGEwHhcNMjUwNjEyMjMwMDUyWhcNMjUwNjEzMjMwMDUyWjAzMTEwLwYDVQQD
EygzMDkyNzBkMzVhZjdhYmM0ODhlYjQwZTFiOWI5Y2M4NDllMWZjZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmLfefZqJem+m0Q7ZO5f970qvoMQ
JvzQt8kVB+FxlahS2ztwXhiYbIYPZS6XpnZhacNlhPWgYP6K9E/Bqpy51aWjAvwv
0HDbx0w5jFVQWNSYt27GjqTWSj1nxYX6AhWZjtDHcv5N0eapKEwBjaf+4Iz5/DC4
ct2kGGeOHBdd14KBUGBkeQtR65/FC3XzwrQUfOfqYK47+s3HqMYwXwXZU94zfOaG
lpK6psuht1VqN+D4hpAjeQZ6+RoWSyurW+YhoRDvVCdqi3UrMMVEEKlDGSU4IdNc
bbAofUnLPyokw/uM1gGaL2ME2Fx83ppOnLkOHAg+pGdj8xUai9EWEwcrrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCScNNa96vEiOtA4bm5zISeH84oMB8GA1UdIwQY
MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt
YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj
LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGeKCvrN+
MyNpdOxj7pvaLPEkhwnmFSZqyg3745Nc92xTGfoG3haN0nxO63mhH+MPe73b4o60
n85CEXXGpZA1+8L1OvG65vgzXRFTxdGkUGYFumXnsIRm+tlq1EdKI27XHe9If7Go
fqioC3IxaQz9eh+f83otGvBl/v4/QPBDyN7CWSvhpAZKcRM6jw/vqStgSkdWUACZ
ZGJeuLNyf/hxUWKYs6yT6Va9SwcvTU4cYHipPtyjRaFDFjmkViHjBbyZwibhNrP6
FhTHw5rBCYIEkwMGhnhOoIkBqA2lqUQKkc2UIgd1vF74Wqeg0ltt0KQgyiLIziuu
jKiOHCNgYV0MiQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:42:09 2025 by rpki-client