Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          x78g+aHxYkJIToIkqMKXg0v6n/Co7w8s6YbuaEGd/r8=
Subject key identifier:   92:21:2D:0E:4B:66:9B:51:4C:B5:97:6F:D1:DF:A7:0E:21:F3:27:28
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       01974AE8FA050E32F8ED5E9711E67A168BC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          111A
Signing time:             Sat 07 Jun 2025 15:01:11 +0000
Manifest this update:     Sat 07 Jun 2025 15:01:11 +0000
Manifest next update:     Sun 08 Jun 2025 15:01:11 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: w12D72L+evMZM7nHluZlDR/k+EFBA1pZkIyotFPKLGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:fa:05:0e:32:f8:ed:5e:97:11:e6:7a:16:8b:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: Jun  7 15:01:11 2025 GMT
            Not After : Jun  8 15:01:11 2025 GMT
        Subject: CN=92212d0e4b669b514cb5976fd1dfa70e21f32728
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:55:b2:4f:6a:0c:45:8c:a9:5d:92:b5:c9:a0:
                    55:c8:95:e5:45:8e:00:ca:05:66:d5:e8:31:a1:62:
                    c9:09:5d:0c:1f:06:c3:79:96:a7:6c:64:0f:0a:65:
                    86:80:60:0e:9b:6e:87:7a:4e:fc:49:1f:af:00:8f:
                    a6:d8:1d:f8:98:ce:86:0c:ed:e1:64:0c:80:8b:b2:
                    b7:55:fe:98:e5:f1:a7:7b:88:e8:93:06:ab:8d:22:
                    bc:ef:4e:15:91:1e:5f:92:a6:e0:00:83:65:46:5c:
                    90:0d:01:26:1d:12:f1:41:a1:9d:12:10:77:94:bf:
                    0a:22:c1:89:63:11:44:b5:65:73:a4:14:1e:92:21:
                    b7:2c:0c:2d:ae:c0:fb:1f:9b:c7:42:b8:9f:0b:93:
                    f9:b7:35:5a:e7:ed:28:fd:3d:06:79:3a:18:56:10:
                    69:41:b2:4a:5f:e1:46:78:74:81:7a:55:09:35:fc:
                    a7:dd:06:ea:c0:07:b7:29:99:00:66:bf:26:55:6b:
                    72:8f:f6:19:25:9e:73:12:65:e2:f6:58:b8:ee:2f:
                    84:8a:19:04:3b:15:30:e3:cb:1e:e1:49:bb:b3:d7:
                    2b:d5:34:79:52:66:03:81:ed:ca:e9:64:60:e2:20:
                    c1:16:f1:13:12:b7:4a:43:02:ad:2b:0f:e3:7e:3a:
                    a9:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:21:2D:0E:4B:66:9B:51:4C:B5:97:6F:D1:DF:A7:0E:21:F3:27:28
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:77:83:48:2f:4b:d2:a7:ad:2b:2b:32:12:a0:83:28:27:5f:
         fc:8c:58:e1:ac:aa:db:c3:ce:73:d9:67:4f:c7:e2:23:7a:32:
         c6:a0:1a:8a:cb:b5:1d:85:25:31:00:27:d3:c1:33:2d:3b:0a:
         f1:bc:58:15:62:fd:90:c2:6d:65:38:ef:3d:a0:53:cf:cd:36:
         f3:aa:5b:0e:a3:a6:fc:9a:70:eb:39:cd:a1:23:51:55:e4:74:
         91:11:65:4a:ee:ce:a0:d4:1f:14:4d:ac:5a:2f:c2:ff:ab:2f:
         58:42:20:0a:ed:ac:e4:a9:bb:35:7d:bf:81:9a:bc:82:5d:36:
         27:dd:69:2d:52:01:16:7e:d6:e9:3a:c6:2d:ed:08:12:b0:20:
         58:46:88:51:7f:0a:ee:47:2f:fa:ca:a2:4c:b4:7e:21:82:a3:
         08:4a:d0:9f:ba:59:61:9e:2e:15:f0:b8:da:8e:c9:c4:31:96:
         c4:b5:b8:f8:11:0e:c0:e2:75:b0:10:db:cd:58:53:70:7b:a9:
         f9:01:08:d4:5b:e9:f7:4d:20:05:e9:18:da:56:2d:8c:e5:ea:
         eb:1d:71:be:2b:34:d9:23:9e:23:2a:4f:ad:e2:01:e4:77:54:
         d6:7c:9e:91:e4:c8:be:81:e5:9c:50:36:70:07:1f:db:21:ad:
         c2:1c:49:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6PoFDjL47V6XEeZ6FovGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUwNjA3MTUwMTExWhcNMjUwNjA4MTUwMTExWjAzMTEwLwYDVQQD
Eyg5MjIxMmQwZTRiNjY5YjUxNGNiNTk3NmZkMWRmYTcwZTIxZjMyNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVWyT2oMRYypXZK1yaBVyJXlRY4A
ygVm1egxoWLJCV0MHwbDeZanbGQPCmWGgGAOm26Hek78SR+vAI+m2B34mM6GDO3h
ZAyAi7K3Vf6Y5fGne4jokwarjSK8704VkR5fkqbgAINlRlyQDQEmHRLxQaGdEhB3
lL8KIsGJYxFEtWVzpBQekiG3LAwtrsD7H5vHQrifC5P5tzVa5+0o/T0GeToYVhBp
QbJKX+FGeHSBelUJNfyn3QbqwAe3KZkAZr8mVWtyj/YZJZ5zEmXi9li47i+EihkE
OxUw48se4Um7s9cr1TR5UmYDge3K6WRg4iDBFvETErdKQwKtKw/jfjqpGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIhLQ5LZptRTLWXb9Hfpw4h8ycoMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh3eDSC9L
0qetKysyEqCDKCdf/IxY4ayq28POc9lnT8fiI3oyxqAaisu1HYUlMQAn08EzLTsK
8bxYFWL9kMJtZTjvPaBTz80286pbDqOm/Jpw6znNoSNRVeR0kRFlSu7OoNQfFE2s
Wi/C/6svWEIgCu2s5Km7NX2/gZq8gl02J91pLVIBFn7W6TrGLe0IErAgWEaIUX8K
7kcv+sqiTLR+IYKjCErQn7pZYZ4uFfC42o7JxDGWxLW4+BEOwOJ1sBDbzVhTcHup
+QEI1Fvp900gBekY2lYtjOXq6x1xvis02SOeIypPreIB5HdU1nyekeTIvoHlnFA2
cAcf2yGtwhxJUA==
-----END CERTIFICATE-----