Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          6X4CniTeFnWpXaex/s0AGk3nNdrPZwT2cSFXavgSthw=
Subject key identifier:   DA:FD:07:CF:31:7F:22:A7:DD:B0:16:A7:84:97:4A:CA:0A:CE:CB:2C
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       0194C388294AB290523323A5AA8D3BB2F1A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          076F
Signing time:             Sat 01 Feb 2025 22:01:08 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:08 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:08 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: 40zMjfbEN2YoeDyrTbU1rGqQRD4b75biNSjVxluGd1g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:29:4a:b2:90:52:33:23:a5:aa:8d:3b:b2:f1:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Feb  1 22:01:08 2025 GMT
            Not After : Feb  2 22:01:08 2025 GMT
        Subject: CN=dafd07cf317f22a7ddb016a784974aca0acecb2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:93:d4:b5:32:ef:95:8d:64:97:e6:28:bf:19:
                    00:ed:32:26:87:e1:9a:c6:c8:26:61:1e:ff:81:58:
                    93:a3:2d:bf:10:29:7f:6e:0c:5d:ba:f7:b2:0f:57:
                    ee:0b:2d:bd:41:6d:48:73:44:4c:d2:16:ca:f6:47:
                    f3:33:ed:8d:69:fb:2d:72:cb:a7:77:e1:13:a1:b8:
                    ea:ad:1e:b4:80:b4:9c:60:9f:ee:4d:ce:64:48:c2:
                    ce:0d:cc:1f:31:6f:ff:4f:df:d1:b3:a0:13:c8:eb:
                    9b:07:11:b0:34:e5:ff:f0:f3:fb:97:57:2a:c4:85:
                    69:10:9b:83:72:96:1b:8d:f8:d4:61:95:c5:5f:78:
                    24:e9:59:3b:dd:2c:29:41:45:a4:44:80:ad:8d:16:
                    7d:81:c0:2b:39:7b:b5:fd:47:87:5e:72:28:43:41:
                    96:4a:35:f5:66:19:e8:bd:ce:db:1e:92:f8:77:be:
                    ab:c0:3e:c0:e6:15:a6:2f:e4:18:1a:1e:a0:16:45:
                    97:f5:d7:71:6e:87:4b:aa:a5:e1:65:76:18:88:4d:
                    8e:68:b6:90:68:7a:e5:cb:a1:e9:15:cb:a3:0d:0a:
                    7a:af:ac:31:fa:1c:c8:5b:2a:a7:a3:a7:05:de:28:
                    58:ea:d1:48:b6:15:6a:37:37:b5:7b:5c:c5:b3:1d:
                    c8:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:FD:07:CF:31:7F:22:A7:DD:B0:16:A7:84:97:4A:CA:0A:CE:CB:2C
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:79:d2:7d:97:ec:c8:5c:07:9c:18:2a:ca:f8:33:b4:02:88:
         92:92:0b:67:8a:01:7a:a8:a4:63:83:ac:99:5b:b8:1b:58:56:
         be:a2:67:96:dd:a8:b0:2e:70:08:f4:3f:53:b4:0b:11:4d:fd:
         53:31:ab:b4:b5:14:fe:3b:a9:12:af:9a:d2:c0:38:0a:22:14:
         c7:e7:47:24:e6:eb:48:81:aa:c6:5d:6d:4c:93:83:d3:af:e4:
         96:72:b6:b3:07:fb:11:e5:14:11:a9:15:ca:07:8b:47:24:89:
         d8:24:e1:82:70:bc:1c:b5:94:c8:bc:cd:43:50:06:c7:71:b0:
         7b:b7:fe:a8:1d:07:ee:99:39:25:74:d1:36:6d:75:c1:5b:d8:
         68:e9:b9:05:19:fe:09:a7:75:53:29:75:71:bb:f7:5c:11:52:
         76:7f:70:fb:b9:03:27:24:8a:51:21:49:84:16:76:c5:94:8d:
         37:d8:09:07:e6:bf:ab:fd:94:a6:58:d8:db:f2:d4:8f:63:a9:
         c9:75:10:83:d1:24:95:34:47:f9:fa:b2:36:74:29:cc:8a:6d:
         45:51:a5:b4:2e:c2:14:a3:6a:17:b3:26:94:f0:80:f5:10:92:
         7b:15:e8:15:78:c6:a7:ee:0e:b6:0b:3f:4a:d4:33:8e:b3:e1:
         56:21:a8:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiClKspBSMyOlqo07svGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUwMjAxMjIwMTA4WhcNMjUwMjAyMjIwMTA4WjAzMTEwLwYDVQQD
EyhkYWZkMDdjZjMxN2YyMmE3ZGRiMDE2YTc4NDk3NGFjYTBhY2VjYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZPUtTLvlY1kl+YovxkA7TImh+Ga
xsgmYR7/gViToy2/ECl/bgxduveyD1fuCy29QW1Ic0RM0hbK9kfzM+2Nafstcsun
d+ETobjqrR60gLScYJ/uTc5kSMLODcwfMW//T9/Rs6ATyOubBxGwNOX/8PP7l1cq
xIVpEJuDcpYbjfjUYZXFX3gk6Vk73SwpQUWkRICtjRZ9gcArOXu1/UeHXnIoQ0GW
SjX1Zhnovc7bHpL4d76rwD7A5hWmL+QYGh6gFkWX9ddxbodLqqXhZXYYiE2OaLaQ
aHrly6HpFcujDQp6r6wx+hzIWyqno6cF3ihY6tFIthVqNze1e1zFsx3INwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNr9B88xfyKn3bAWp4SXSsoKzsssMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEHnSfZfs
yFwHnBgqyvgztAKIkpILZ4oBeqikY4OsmVu4G1hWvqJnlt2osC5wCPQ/U7QLEU39
UzGrtLUU/jupEq+a0sA4CiIUx+dHJObrSIGqxl1tTJOD06/klnK2swf7EeUUEakV
ygeLRySJ2CThgnC8HLWUyLzNQ1AGx3Gwe7f+qB0H7pk5JXTRNm11wVvYaOm5BRn+
Cad1Uyl1cbv3XBFSdn9w+7kDJySKUSFJhBZ2xZSNN9gJB+a/q/2UpljY2/LUj2Op
yXUQg9EklTRH+fqyNnQpzIptRVGltC7CFKNqF7MmlPCA9RCSexXoFXjGp+4Otgs/
StQzjrPhViGo4w==
-----END CERTIFICATE-----