Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
File:                     yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft (raw, json)
Hash identifier:          yDVLua3cKSGznxghg1+KpvZCjh1WflJ0Qul6CEguxAg=
Subject key identifier:   6A:F4:44:B8:0E:98:9C:14:C7:23:AC:C1:F2:49:06:F2:A4:51:C6:5F
Authority key identifier: C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3
Certificate issuer:       /CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
Certificate serial:       01974A7B5C496D143AA927D5006E5151917E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 13:01:27 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:27 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:27 +0000
Files and hashes:         1: yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl (hash: 7XxfKFVNrJJ5ebJ1sgmFQ17jZuy/bNphCEqAu7kOMlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:5c:49:6d:14:3a:a9:27:d5:00:6e:51:51:91:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
        Validity
            Not Before: Jun  7 13:01:27 2025 GMT
            Not After : Jun  8 13:01:27 2025 GMT
        Subject: CN=6af444b80e989c14c723acc1f24906f2a451c65f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2e:84:9e:ab:c3:f5:d4:9d:e1:49:85:ac:24:
                    6d:a3:f1:12:5f:50:6c:58:9d:e2:75:36:21:33:f0:
                    62:79:52:1a:c8:a7:48:4f:4f:0b:de:43:68:da:5f:
                    cc:b8:2a:24:32:fe:5b:96:d5:44:7c:90:0d:dc:4f:
                    75:dc:93:c1:08:78:3d:d0:ea:b4:da:68:77:ad:96:
                    2f:80:5b:10:01:c4:34:d4:75:1d:9f:8f:46:6d:b8:
                    06:6a:f4:51:82:20:e0:ea:65:ad:17:24:e5:16:2c:
                    f2:00:3e:5b:cd:e8:a8:28:1a:89:c8:0b:b9:20:8d:
                    1c:ef:9f:05:77:12:fd:e7:79:95:3a:5e:04:10:d5:
                    b3:7d:50:fa:05:da:3e:e0:59:f3:b0:d7:2e:5a:87:
                    43:62:21:75:32:cc:2b:23:e2:38:58:a4:1d:69:25:
                    6e:7c:f0:19:da:9f:cb:8f:88:94:44:ae:1b:f1:24:
                    b8:1d:69:a6:53:a8:b5:77:44:a5:fb:b3:fb:75:62:
                    40:09:cd:ec:f9:67:25:0b:f9:a9:66:c1:38:cc:6c:
                    15:87:e7:c3:cd:1d:8a:b2:f4:8c:d9:81:f4:2c:15:
                    47:87:4e:ff:00:75:a0:1e:18:7e:51:f8:af:9a:78:
                    e2:b5:58:dc:ec:13:33:cd:2a:cb:16:b2:ae:9b:ad:
                    0f:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F4:44:B8:0E:98:9C:14:C7:23:AC:C1:F2:49:06:F2:A4:51:C6:5F
            X509v3 Authority Key Identifier:
                keyid:C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:47:86:9c:cb:ac:1f:ff:5f:fe:39:6b:53:fb:33:80:ce:aa:
         95:d6:00:ac:6d:c6:f2:45:3c:11:a5:ad:e1:ab:5e:31:73:85:
         ab:1a:e7:12:1f:13:4d:67:13:a9:d2:1d:d3:7b:45:4c:22:19:
         63:e0:a2:97:c0:85:e3:b9:d7:ba:bb:6a:84:da:0a:9c:99:c3:
         c6:a3:26:ff:2d:1f:ce:a1:2a:e0:c3:ab:b2:e0:f0:42:e5:16:
         2b:35:b6:59:43:e0:ea:49:af:a3:0b:d3:ce:ad:01:fa:76:9a:
         4a:b7:2e:d5:f9:b3:82:fd:2b:4e:ba:2c:5b:99:1a:7c:5c:66:
         f2:d9:d2:fe:18:0f:97:4d:65:2b:13:ee:51:92:c9:c5:07:bf:
         a5:83:a6:6a:0c:ba:24:74:3d:22:11:ad:e0:aa:8d:7a:eb:af:
         df:2e:e9:32:f2:05:f7:a4:e5:2c:77:d8:ec:78:cb:4e:91:3c:
         c4:94:6d:cb:a7:2e:f1:bc:b9:e6:12:10:b8:b1:df:fa:e6:9c:
         8d:92:18:41:fb:bd:6d:37:0d:ed:ac:58:1d:a8:f8:27:c6:1e:
         28:95:60:7d:94:6f:ff:d4:57:af:63:9d:87:c7:f0:db:47:0b:
         5b:92:aa:4d:df:10:e0:fe:7f:a8:57:80:b4:63:38:ce:10:6c:
         d3:60:7f:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe1xJbRQ6qSfVAG5RUZF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWQ0NDNmODVkMGVlYzY2MzY0Y2Q3NTM2ZjE4ODg4YWMx
Zjk5ZTMwHhcNMjUwNjA3MTMwMTI3WhcNMjUwNjA4MTMwMTI3WjAzMTEwLwYDVQQD
Eyg2YWY0NDRiODBlOTg5YzE0YzcyM2FjYzFmMjQ5MDZmMmE0NTFjNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry6EnqvD9dSd4UmFrCRto/ESX1Bs
WJ3idTYhM/BieVIayKdIT08L3kNo2l/MuCokMv5bltVEfJAN3E913JPBCHg90Oq0
2mh3rZYvgFsQAcQ01HUdn49GbbgGavRRgiDg6mWtFyTlFizyAD5bzeioKBqJyAu5
II0c758FdxL953mVOl4EENWzfVD6Bdo+4FnzsNcuWodDYiF1MswrI+I4WKQdaSVu
fPAZ2p/Lj4iURK4b8SS4HWmmU6i1d0Sl+7P7dWJACc3s+WclC/mpZsE4zGwVh+fD
zR2KsvSM2YH0LBVHh07/AHWgHhh+UfivmnjitVjc7BMzzSrLFrKum60PrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGr0RLgOmJwUxyOswfJJBvKkUcZfMB8GA1UdIwQY
MBaAFMjtRD+F0O7GY2TNdTbxiIisH5njMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYt
NmQwNDMxMGUzNDJiLzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYtNmQwNDMxMGUzNDJi
LzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUeGnMus
H/9f/jlrU/szgM6qldYArG3G8kU8EaWt4ateMXOFqxrnEh8TTWcTqdId03tFTCIZ
Y+Cil8CF47nXurtqhNoKnJnDxqMm/y0fzqEq4MOrsuDwQuUWKzW2WUPg6kmvowvT
zq0B+naaSrcu1fmzgv0rTrosW5kafFxm8tnS/hgPl01lKxPuUZLJxQe/pYOmagy6
JHQ9IhGt4KqNeuuv3y7pMvIF96TlLHfY7HjLTpE8xJRty6cu8by55hIQuLHf+uac
jZIYQfu9bTcN7axYHaj4J8YeKJVgfZRv/9RXr2Odh8fw20cLW5KqTd8Q4P5/qFeA
tGM4zhBs02B/PA==
-----END CERTIFICATE-----