Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
File:                     You5JTbCD0KwW-UywNuquYt1XzU.mft (raw, json)
Hash identifier:          M6SnkiWidiCoMk1wX8RwNufSUGeROTo8Q2m7jjIvI1E=
Subject key identifier:   91:25:D5:1A:9A:76:93:23:E5:BC:83:7A:AC:EA:99:4D:22:C8:55:C4
Authority key identifier: 62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35
Certificate issuer:       /CN=628bb92536c20f42b05be532c0dbaab98b755f35
Certificate serial:       01975D5D15A99F7DCC320E23767C2B37200A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
Manifest number:          3C
Signing time:             Wed 11 Jun 2025 05:01:10 +0000
Manifest this update:     Wed 11 Jun 2025 05:01:10 +0000
Manifest next update:     Thu 12 Jun 2025 05:01:10 +0000
Files and hashes:         1: You5JTbCD0KwW-UywNuquYt1XzU.crl (hash: ooGR89UU6O/8LP0zhICqKFIvIYJi7S9EgN5v8IE/2SA=)
                          2: lUZIxGhzOYxZGWoE_bPIsAcvBns.roa (hash: 181xs0vbEO2Q9NjKNLp5nMH7XagJ9a8i0PdC3k4WAwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:5d:15:a9:9f:7d:cc:32:0e:23:76:7c:2b:37:20:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=628bb92536c20f42b05be532c0dbaab98b755f35
        Validity
            Not Before: Jun 11 05:01:10 2025 GMT
            Not After : Jun 12 05:01:10 2025 GMT
        Subject: CN=9125d51a9a769323e5bc837aacea994d22c855c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:be:52:98:79:36:65:7c:10:50:f0:38:0e:10:
                    60:44:8b:38:22:6c:39:17:1e:a9:a5:94:43:8d:1c:
                    49:f4:31:e6:8f:77:77:ad:b7:64:ca:95:a1:3d:c0:
                    b0:1a:88:41:ce:fb:68:d7:db:86:ab:86:94:79:53:
                    b6:5e:4f:ce:05:1c:c5:96:48:65:1b:ee:e7:2c:dd:
                    13:ff:f9:09:d8:2a:ca:6a:0d:a2:41:5d:3f:ab:b8:
                    e0:d6:7f:3c:97:48:ef:49:f2:8f:72:7b:c3:2f:8d:
                    6f:ca:29:b9:f3:c3:d9:e7:6a:bd:98:f6:64:9a:0b:
                    49:6b:67:7a:f9:1b:bd:50:c8:52:be:b9:a6:12:30:
                    12:42:dc:9c:ba:a9:02:2f:38:81:d8:92:d7:d5:49:
                    dc:5c:6b:9d:69:e9:5e:35:d0:c1:59:0d:14:a6:b9:
                    0e:57:4d:5d:b4:dc:ad:5f:c2:ac:5c:6d:97:a2:bd:
                    98:0b:a3:d6:da:12:06:4c:3c:cb:27:91:ce:c6:88:
                    08:2a:79:7b:68:c2:0e:c4:c9:23:ea:2c:21:bf:e9:
                    d0:98:5d:e1:17:be:9f:e5:a5:fb:bf:77:38:c6:be:
                    7d:ea:93:4d:43:bb:fd:7e:6f:3f:c5:1e:02:eb:88:
                    11:62:77:91:3c:35:83:82:f5:ec:67:8c:a7:96:d5:
                    c6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:25:D5:1A:9A:76:93:23:E5:BC:83:7A:AC:EA:99:4D:22:C8:55:C4
            X509v3 Authority Key Identifier:
                keyid:62:8B:B9:25:36:C2:0F:42:B0:5B:E5:32:C0:DB:AA:B9:8B:75:5F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/You5JTbCD0KwW-UywNuquYt1XzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/205dbe-7714-4d0e-9473-2bce81a431eb/1/You5JTbCD0KwW-UywNuquYt1XzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:99:95:dd:6a:37:ee:f8:10:fd:12:f3:04:6e:71:b4:ea:11:
         29:89:5a:fe:76:53:f9:0e:12:6f:e3:61:0e:5c:53:48:83:cb:
         fa:da:59:8d:6c:17:11:15:3e:dd:58:16:6a:2a:ca:92:7b:04:
         28:aa:4d:bb:d8:73:e9:5b:51:dd:96:ac:52:7e:ab:64:a0:49:
         ef:b0:80:1f:d2:24:d1:40:c9:9e:6c:ed:5e:73:82:58:72:c1:
         46:17:8b:0d:0b:60:d1:fc:4f:0e:8a:64:bf:30:10:9d:74:ad:
         3d:a2:03:9f:b3:9b:d3:4c:15:95:c7:a0:ee:e4:7a:85:8c:8c:
         88:4e:fb:0f:f9:f7:21:d5:00:e6:5f:3c:71:f5:89:72:c8:44:
         2f:5c:e0:fc:bc:30:1b:64:e7:b4:b4:d3:32:e0:ff:dc:de:19:
         64:c4:8e:c4:c4:84:20:6e:49:01:1f:94:db:e0:c8:8c:be:a2:
         59:0e:85:d8:d0:06:19:b1:ac:55:75:bb:12:23:af:de:21:64:
         f9:fe:e8:5a:8f:66:a5:1a:76:9c:f1:56:79:81:5b:62:f6:b4:
         5e:4a:54:b5:d5:97:f9:35:41:a1:00:95:3d:13:c6:5d:c0:d6:
         8d:8b:2a:81:dd:b3:5b:7a:a9:c4:2d:7a:5b:fe:62:3c:25:8c:
         eb:dc:cb:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddXRWpn33MMg4jdnwrNyAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGJiOTI1MzZjMjBmNDJiMDViZTUzMmMwZGJhYWI5OGI3
NTVmMzUwHhcNMjUwNjExMDUwMTEwWhcNMjUwNjEyMDUwMTEwWjAzMTEwLwYDVQQD
Eyg5MTI1ZDUxYTlhNzY5MzIzZTViYzgzN2FhY2VhOTk0ZDIyYzg1NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL5SmHk2ZXwQUPA4DhBgRIs4Imw5
Fx6ppZRDjRxJ9DHmj3d3rbdkypWhPcCwGohBzvto19uGq4aUeVO2Xk/OBRzFlkhl
G+7nLN0T//kJ2CrKag2iQV0/q7jg1n88l0jvSfKPcnvDL41vyim588PZ52q9mPZk
mgtJa2d6+Ru9UMhSvrmmEjASQtycuqkCLziB2JLX1UncXGudaeleNdDBWQ0UprkO
V01dtNytX8KsXG2Xor2YC6PW2hIGTDzLJ5HOxogIKnl7aMIOxMkj6iwhv+nQmF3h
F76f5aX7v3c4xr596pNNQ7v9fm8/xR4C64gRYneRPDWDgvXsZ4ynltXGNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEl1RqadpMj5byDeqzqmU0iyFXEMB8GA1UdIwQY
MBaAFGKLuSU2wg9CsFvlMsDbqrmLdV81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMt
MmJjZTgxYTQzMWViLzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMDVkYmUtNzcxNC00ZDBlLTk0NzMtMmJjZTgxYTQzMWVi
LzEvWW91NUpUYkNEMEt3Vy1VeXdOdXF1WXQxWHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpmV3Wo3
7vgQ/RLzBG5xtOoRKYla/nZT+Q4Sb+NhDlxTSIPL+tpZjWwXERU+3VgWairKknsE
KKpNu9hz6VtR3ZasUn6rZKBJ77CAH9Ik0UDJnmztXnOCWHLBRheLDQtg0fxPDopk
vzAQnXStPaIDn7Ob00wVlceg7uR6hYyMiE77D/n3IdUA5l88cfWJcshEL1zg/Lww
G2TntLTTMuD/3N4ZZMSOxMSEIG5JAR+U2+DIjL6iWQ6F2NAGGbGsVXW7EiOv3iFk
+f7oWo9mpRp2nPFWeYFbYva0XkpUtdWX+TVBoQCVPRPGXcDWjYsqgd2zW3qpxC16
W/5iPCWM69zLbA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:35:17 2025 by rpki-client