Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          SkPplO0sVusEFXxwb3Hlvot6UF6LOP4rhKB64s8Z9rI=
Subject key identifier:   0F:0C:7A:5D:55:B4:98:DD:16:CE:48:6A:D9:BD:9B:65:33:B3:FA:E1
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       0197488D1A401630F0296DB91A773D044C8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          08BD
Signing time:             Sat 07 Jun 2025 04:01:36 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:36 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:36 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: VUWiV0YpoFQOOI0e7nHTdNOrhrZe3nCDfIfuia5TMXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:1a:40:16:30:f0:29:6d:b9:1a:77:3d:04:4c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Jun  7 04:01:36 2025 GMT
            Not After : Jun  8 04:01:36 2025 GMT
        Subject: CN=0f0c7a5d55b498dd16ce486ad9bd9b6533b3fae1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:de:ad:77:97:6d:42:09:78:4f:a4:8d:1d:0c:
                    55:79:d4:11:0b:55:d7:4b:23:3c:f8:74:6b:d2:b3:
                    cc:e8:40:03:4d:c6:02:11:e7:da:90:ae:f6:9e:d9:
                    14:4f:db:a3:d1:b2:52:8d:f5:12:49:80:1d:e1:f9:
                    17:da:10:a5:a5:34:9f:82:2e:9f:80:37:06:2d:52:
                    76:79:cb:d6:b5:24:db:23:cc:eb:20:24:86:0e:8e:
                    7c:d0:89:c4:de:80:bf:f8:83:13:aa:e7:c8:57:11:
                    27:2f:e3:d9:69:fe:48:09:73:3f:d0:1d:35:e8:44:
                    e3:ff:db:a0:6f:15:7e:65:a0:6b:5d:87:ef:48:74:
                    0a:b4:80:42:27:d3:57:f9:d7:38:74:9e:3a:70:e6:
                    90:e3:d0:a6:34:fe:dc:b7:cb:b4:5a:3c:33:e8:a1:
                    6d:2d:88:01:fa:27:68:01:14:87:55:d4:4b:6f:63:
                    26:4d:66:15:32:ee:98:24:76:0a:b8:67:e0:b3:c9:
                    41:f0:b8:34:22:21:98:0c:22:5a:a4:ca:26:ed:03:
                    b1:74:f2:05:28:42:9a:3b:06:44:c5:a8:d3:31:bf:
                    cf:52:ef:59:c2:dd:8b:53:c5:e9:f2:a2:ac:28:3e:
                    01:ba:5c:9e:8f:62:67:3b:7b:7c:50:dd:f0:15:3d:
                    fc:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:0C:7A:5D:55:B4:98:DD:16:CE:48:6A:D9:BD:9B:65:33:B3:FA:E1
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:77:a1:e0:9f:1f:97:3e:e9:a5:82:df:ed:1f:83:51:de:27:
         27:05:48:29:2d:a3:20:a8:84:81:93:ac:ec:66:e8:43:1c:0c:
         1f:83:c9:60:58:66:2c:c8:57:b5:69:b0:d8:94:ff:d7:fb:5a:
         0b:ca:a0:e1:ec:6b:f2:3e:9d:8e:c2:a0:2d:42:8c:89:68:c4:
         31:49:f5:f3:74:10:50:92:81:20:e7:ce:f5:37:da:63:ba:85:
         55:e0:8a:b6:72:f6:1b:83:fe:57:98:26:d7:6a:ca:9b:e5:df:
         9f:a2:6f:55:a9:0b:b6:c3:aa:fd:eb:7c:54:60:f9:7a:4d:60:
         20:5a:e5:06:8c:84:a8:74:5e:16:d4:96:26:12:54:99:40:94:
         b0:e8:5c:c3:de:cf:c3:06:2f:bd:f2:a2:d6:6c:e5:9f:8a:d2:
         d1:5e:0c:de:9c:e9:f6:a1:53:c3:32:e1:6e:ea:26:ed:4a:78:
         4a:57:41:f2:95:bb:18:e8:ec:a9:b6:22:78:f4:83:b8:10:c2:
         59:94:e2:f5:36:ff:b9:1f:aa:f6:b7:05:4e:56:7d:25:95:63:
         3b:96:df:c8:ee:c9:8f:1b:1f:ac:78:7b:cb:2c:af:a0:58:49:
         9b:cf:97:4c:31:cb:f2:16:c6:9c:47:c2:4d:60:02:9e:b3:c5:
         c0:86:ec:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjRpAFjDwKW25Gnc9BEyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwNjA3MDQwMTM2WhcNMjUwNjA4MDQwMTM2WjAzMTEwLwYDVQQD
EygwZjBjN2E1ZDU1YjQ5OGRkMTZjZTQ4NmFkOWJkOWI2NTMzYjNmYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN6td5dtQgl4T6SNHQxVedQRC1XX
SyM8+HRr0rPM6EADTcYCEefakK72ntkUT9uj0bJSjfUSSYAd4fkX2hClpTSfgi6f
gDcGLVJ2ecvWtSTbI8zrICSGDo580InE3oC/+IMTqufIVxEnL+PZaf5ICXM/0B01
6ETj/9ugbxV+ZaBrXYfvSHQKtIBCJ9NX+dc4dJ46cOaQ49CmNP7ct8u0Wjwz6KFt
LYgB+idoARSHVdRLb2MmTWYVMu6YJHYKuGfgs8lB8Lg0IiGYDCJapMom7QOxdPIF
KEKaOwZExajTMb/PUu9Zwt2LU8Xp8qKsKD4Bulyej2JnO3t8UN3wFT38HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8Mel1VtJjdFs5Iatm9m2Uzs/rhMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl3eh4J8f
lz7ppYLf7R+DUd4nJwVIKS2jIKiEgZOs7GboQxwMH4PJYFhmLMhXtWmw2JT/1/ta
C8qg4exr8j6djsKgLUKMiWjEMUn183QQUJKBIOfO9TfaY7qFVeCKtnL2G4P+V5gm
12rKm+Xfn6JvVakLtsOq/et8VGD5ek1gIFrlBoyEqHReFtSWJhJUmUCUsOhcw97P
wwYvvfKi1mzln4rS0V4M3pzp9qFTwzLhbuom7Up4SldB8pW7GOjsqbYiePSDuBDC
WZTi9Tb/uR+q9rcFTlZ9JZVjO5bfyO7JjxsfrHh7yyyvoFhJm8+XTDHL8hbGnEfC
TWACnrPFwIbswg==
-----END CERTIFICATE-----