Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
File:                     You5JTbCD0KwW-UywNuquYt1XzU.mft (raw, json)
Hash identifier:          9uokf8+e1ZpicT+7fwlIWUhp1SAlu5Ygd63HwTmW9ME=
Subject key identifier:   4D:72:70:5A:45:51:8D:60:9B:9D:F3:A6:8F:99:D3:69:59:CF:03:94
Authority key identifier: 62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35
Certificate issuer:       /CN=628bb92536c20f42b05be532c0dbaab98b755f35
Certificate serial:       019761393492269CC481C1BC940335C3830A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
Manifest number:          3E
Signing time:             Wed 11 Jun 2025 23:00:28 +0000
Manifest this update:     Wed 11 Jun 2025 23:00:28 +0000
Manifest next update:     Thu 12 Jun 2025 23:00:28 +0000
Files and hashes:         1: You5JTbCD0KwW-UywNuquYt1XzU.crl (hash: DyE5uQanF+XgZ7rs5n+JbtM9czc6iYzoxULRFXBhXP0=)
                          2: lUZIxGhzOYxZGWoE_bPIsAcvBns.roa (hash: 181xs0vbEO2Q9NjKNLp5nMH7XagJ9a8i0PdC3k4WAwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:39:34:92:26:9c:c4:81:c1:bc:94:03:35:c3:83:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=628bb92536c20f42b05be532c0dbaab98b755f35
        Validity
            Not Before: Jun 11 23:00:28 2025 GMT
            Not After : Jun 12 23:00:28 2025 GMT
        Subject: CN=4d72705a45518d609b9df3a68f99d36959cf0394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ab:74:a4:1f:65:fd:1e:a4:32:bb:52:ad:fa:
                    33:1d:21:c6:01:0c:63:98:66:ee:0f:4b:f4:f7:a7:
                    b9:c6:e7:e1:b8:80:21:88:1e:f6:90:d5:cb:09:3a:
                    3d:04:54:3a:45:b6:e4:df:92:30:a4:f5:f2:37:d1:
                    10:3a:53:88:0a:6c:b4:5a:1c:da:dc:68:da:7b:5c:
                    c8:92:64:de:a7:b6:fe:c6:e7:95:b5:01:39:02:7e:
                    3a:bc:40:be:e9:d0:55:7b:57:4c:ee:aa:0a:99:8a:
                    d6:dd:8c:75:23:c1:50:f7:c6:15:02:1e:6f:53:ac:
                    20:72:2b:cf:a0:57:69:12:b5:9c:13:22:22:1c:fb:
                    7a:bb:f0:5b:a3:76:e4:56:3f:03:ee:e0:05:bd:08:
                    13:6b:b6:03:5e:8c:94:ce:8c:e2:09:57:6d:93:c4:
                    2e:b0:14:74:e4:31:43:6f:85:33:47:05:ec:68:10:
                    cb:f1:05:52:ea:20:58:86:12:eb:0b:4f:1e:05:db:
                    6f:86:6a:b7:ef:f1:20:c1:27:af:d7:83:86:96:a5:
                    00:a7:75:4a:2c:59:ee:9a:9c:3f:be:be:32:13:5b:
                    6b:35:7e:03:38:3c:5f:8e:c8:ca:a5:b3:1e:6e:40:
                    8e:69:d6:96:c6:eb:56:13:08:9d:50:0d:54:3b:c9:
                    65:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:72:70:5A:45:51:8D:60:9B:9D:F3:A6:8F:99:D3:69:59:CF:03:94
            X509v3 Authority Key Identifier:
                keyid:62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:3c:31:8f:d8:52:f0:e7:a8:65:fb:8f:de:d7:04:90:8f:7c:
         07:dc:0e:32:d6:92:f1:fe:a3:3a:b1:b5:32:9e:20:c5:21:36:
         44:a3:f4:5e:77:3d:c6:17:0b:20:25:83:fc:ec:54:44:0d:c3:
         52:df:0c:92:eb:e0:09:71:35:7d:c4:a3:c2:a3:94:e3:63:dd:
         d5:58:28:b1:6f:03:8e:9e:4a:3d:80:7c:08:d3:23:30:d9:7a:
         51:a5:23:ed:32:1e:f2:bc:54:06:aa:74:2f:b8:7a:4e:93:ac:
         4d:6d:31:33:9a:46:09:af:cc:0e:62:cd:84:fe:e4:29:db:a7:
         7e:22:c6:c2:56:2b:6d:1f:f4:e2:a9:4a:a1:3a:d7:25:ff:84:
         ac:11:24:07:fa:d5:ad:b8:e9:b9:9b:94:fe:2c:cb:12:84:28:
         de:bf:69:eb:53:fc:eb:6c:6b:a6:bd:fc:21:93:3a:a6:8e:45:
         21:6b:cf:00:26:d2:c9:2c:6d:02:58:ba:ac:c7:0c:29:bc:b5:
         37:d2:59:df:77:2f:1a:64:06:8d:9f:56:30:fc:36:0b:11:bc:
         37:f1:28:ee:af:48:91:fa:d3:b4:10:e4:1b:bc:96:d5:26:ff:
         ab:61:17:5c:55:83:7d:73:ed:e3:8d:7a:00:10:c8:fe:8f:da:
         ff:56:9f:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhOTSSJpzEgcG8lAM1w4MKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGJiOTI1MzZjMjBmNDJiMDViZTUzMmMwZGJhYWI5OGI3
NTVmMzUwHhcNMjUwNjExMjMwMDI4WhcNMjUwNjEyMjMwMDI4WjAzMTEwLwYDVQQD
Eyg0ZDcyNzA1YTQ1NTE4ZDYwOWI5ZGYzYTY4Zjk5ZDM2OTU5Y2YwMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqt0pB9l/R6kMrtSrfozHSHGAQxj
mGbuD0v096e5xufhuIAhiB72kNXLCTo9BFQ6Rbbk35IwpPXyN9EQOlOICmy0Whza
3Gjae1zIkmTep7b+xueVtQE5An46vEC+6dBVe1dM7qoKmYrW3Yx1I8FQ98YVAh5v
U6wgcivPoFdpErWcEyIiHPt6u/Bbo3bkVj8D7uAFvQgTa7YDXoyUzoziCVdtk8Qu
sBR05DFDb4UzRwXsaBDL8QVS6iBYhhLrC08eBdtvhmq37/EgwSev14OGlqUAp3VK
LFnumpw/vr4yE1trNX4DODxfjsjKpbMebkCOadaWxutWEwidUA1UO8llewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1ycFpFUY1gm53zpo+Z02lZzwOUMB8GA1UdIwQY
MBaAFGKLuSU2wg9CsFvlMsDbqrmLdV81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMt
MmJjZTgxYTQzMWViLzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMtMmJjZTgxYTQzMWVi
LzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDwxj9hS
8OeoZfuP3tcEkI98B9wOMtaS8f6jOrG1Mp4gxSE2RKP0Xnc9xhcLICWD/OxURA3D
Ut8MkuvgCXE1fcSjwqOU42Pd1VgosW8Djp5KPYB8CNMjMNl6UaUj7TIe8rxUBqp0
L7h6TpOsTW0xM5pGCa/MDmLNhP7kKdunfiLGwlYrbR/04qlKoTrXJf+ErBEkB/rV
rbjpuZuU/izLEoQo3r9p61P862xrpr38IZM6po5FIWvPACbSySxtAli6rMcMKby1
N9JZ33cvGmQGjZ9WMPw2CxG8N/Eo7q9IkfrTtBDkG7yW1Sb/q2EXXFWDfXPt4416
ABDI/o/a/1afTg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 02:43:29 2025 by rpki-client