Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          0oMB41OtcudOXuT2RdQPoqzyRHQqpn5zbsYKsnrn9R8=
Subject key identifier:   A5:AF:37:41:ED:80:AD:76:FF:40:37:72:64:C3:7C:57:43:E0:EB:E5
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       01975234E41E300444873EA7969213389165
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0AA2
Signing time:             Mon 09 Jun 2025 01:01:27 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:27 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:27 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: K8QtWWJUEkUxNcxGP5Hzyn344naOTAIvs2t/QaSNW7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:e4:1e:30:04:44:87:3e:a7:96:92:13:38:91:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Jun  9 01:01:27 2025 GMT
            Not After : Jun 10 01:01:27 2025 GMT
        Subject: CN=a5af3741ed80ad76ff40377264c37c5743e0ebe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:65:f4:e8:50:c9:5f:c8:67:b2:95:a0:d5:c7:
                    b8:05:b3:72:63:4a:60:3c:cc:32:ad:d6:9d:f5:4a:
                    5c:a2:6a:36:7a:40:17:68:02:b2:1f:c2:ca:d8:b0:
                    ad:07:27:1d:a1:f2:04:09:96:29:46:3c:d7:78:c7:
                    a9:9f:b7:a2:95:b0:e8:da:17:71:18:53:c8:c0:2e:
                    e8:5a:18:e1:ba:f2:25:0d:ae:75:ce:ed:e2:49:e9:
                    ff:63:33:5b:7f:fe:dd:1e:5a:35:d2:ca:c3:38:38:
                    e8:8e:50:a5:c3:5e:1e:a4:cc:d8:f4:8b:12:ac:ec:
                    3c:75:ff:5e:77:69:f7:f4:b1:88:c9:2e:d4:70:36:
                    80:5a:d6:eb:b2:29:32:34:1a:c2:c0:27:fd:e5:23:
                    61:7c:d1:a3:09:56:9c:d4:ec:3c:4e:1e:f7:4f:11:
                    25:e3:17:54:a4:7d:8f:d3:a4:9f:89:56:dd:55:e5:
                    65:11:ed:06:cc:fd:a2:0d:13:45:25:90:0b:21:0d:
                    6b:c5:85:ae:37:52:40:dc:ae:e4:f9:85:d0:18:4a:
                    ef:9b:4b:1f:c7:91:28:66:7e:de:bd:5e:c4:a6:b1:
                    f9:69:83:09:27:73:5c:e5:75:cc:25:af:03:c1:70:
                    15:bf:ef:4b:d7:e5:f8:0d:8c:2f:c5:ea:e4:aa:d9:
                    73:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:AF:37:41:ED:80:AD:76:FF:40:37:72:64:C3:7C:57:43:E0:EB:E5
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:8a:0c:7c:53:5a:9d:cb:e2:e9:49:6b:03:6a:b7:42:62:b3:
         9a:35:6e:00:17:39:32:7d:af:bc:fe:b5:33:d7:a4:f3:88:3d:
         fd:8a:29:20:86:1a:3c:15:be:08:15:c1:bc:41:43:92:31:91:
         77:2f:35:9e:f2:16:a9:58:6b:d4:d2:25:56:36:34:f7:d2:36:
         01:8f:a8:e4:c9:cf:16:1c:51:36:91:9b:7b:6a:1b:d4:b2:b6:
         18:be:13:b6:c9:d8:30:a4:c0:32:60:38:8e:34:10:20:d5:bf:
         3d:b7:bc:87:59:db:62:c8:7b:50:e9:4a:b3:eb:fb:e0:12:c2:
         8f:81:75:bc:c2:9f:2c:71:5f:13:88:b4:5b:ca:97:36:fb:7a:
         dd:6e:cd:00:6d:f7:64:05:51:de:f2:1d:7a:00:d5:6b:b1:c4:
         34:66:06:b3:bf:fa:00:e0:de:6d:e7:bb:83:a1:58:7a:a8:4a:
         d4:59:f4:fb:07:b2:68:d4:04:9b:5e:7c:4b:04:2a:03:2c:f2:
         58:98:4e:73:40:df:9f:24:f2:e9:92:9c:ae:11:b9:d4:16:e0:
         a0:42:18:6e:9e:b3:13:5a:5b:b2:b9:63:40:c2:ad:23:42:cb:
         98:87:fa:fc:07:9b:16:f2:a1:bf:7a:4a:79:69:bb:18:65:f5:
         bc:ed:2d:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNOQeMAREhz6nlpITOJFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjUwNjA5MDEwMTI3WhcNMjUwNjEwMDEwMTI3WjAzMTEwLwYDVQQD
EyhhNWFmMzc0MWVkODBhZDc2ZmY0MDM3NzI2NGMzN2M1NzQzZTBlYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2X06FDJX8hnspWg1ce4BbNyY0pg
PMwyrdad9Upcomo2ekAXaAKyH8LK2LCtBycdofIECZYpRjzXeMepn7eilbDo2hdx
GFPIwC7oWhjhuvIlDa51zu3iSen/YzNbf/7dHlo10srDODjojlClw14epMzY9IsS
rOw8df9ed2n39LGIyS7UcDaAWtbrsikyNBrCwCf95SNhfNGjCVac1Ow8Th73TxEl
4xdUpH2P06SfiVbdVeVlEe0GzP2iDRNFJZALIQ1rxYWuN1JA3K7k+YXQGErvm0sf
x5EoZn7evV7EprH5aYMJJ3Nc5XXMJa8DwXAVv+9L1+X4DYwvxerkqtlz/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWvN0HtgK12/0A3cmTDfFdD4OvlMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ4oMfFNa
ncvi6UlrA2q3QmKzmjVuABc5Mn2vvP61M9ek84g9/YopIIYaPBW+CBXBvEFDkjGR
dy81nvIWqVhr1NIlVjY099I2AY+o5MnPFhxRNpGbe2ob1LK2GL4TtsnYMKTAMmA4
jjQQINW/Pbe8h1nbYsh7UOlKs+v74BLCj4F1vMKfLHFfE4i0W8qXNvt63W7NAG33
ZAVR3vIdegDVa7HENGYGs7/6AODebee7g6FYeqhK1Fn0+weyaNQEm158SwQqAyzy
WJhOc0DfnyTy6ZKcrhG51BbgoEIYbp6zE1pbsrljQMKtI0LLmIf6/AebFvKhv3pK
eWm7GGX1vO0tjA==
-----END CERTIFICATE-----