Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
File:                     YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft (raw, json)
Hash identifier:          Jp1q4xa9OCXzzXSJpJYOSNN0SV+JH4v5IpOw/Sp5mKs=
Subject key identifier:   AF:F1:E5:D3:FA:54:61:60:9A:88:C5:22:66:C3:D3:2D:FC:BF:50:BB
Authority key identifier: 60:0B:11:3E:06:2D:17:EA:23:08:06:B3:4A:21:DE:B5:62:7B:67:74
Certificate issuer:       /CN=600b113e062d17ea230806b34a21deb5627b6774
Certificate serial:       01974A7B67F89F2CD909BA6403836AD1BF3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
Manifest number:          11FA
Signing time:             Sat 07 Jun 2025 13:01:30 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:30 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:30 +0000
Files and hashes:         1: YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl (hash: hTI33cLytumd6k8uSlFD1dNpraM6AYu7/jeGAaKHfy4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:67:f8:9f:2c:d9:09:ba:64:03:83:6a:d1:bf:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600b113e062d17ea230806b34a21deb5627b6774
        Validity
            Not Before: Jun  7 13:01:30 2025 GMT
            Not After : Jun  8 13:01:30 2025 GMT
        Subject: CN=aff1e5d3fa5461609a88c52266c3d32dfcbf50bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:13:69:07:4b:12:5d:a6:df:1f:9a:2c:90:c6:
                    bf:69:5f:c8:97:bc:61:69:d2:d3:45:0e:a8:65:84:
                    8f:1c:c1:a6:19:47:58:bf:4f:26:c4:d4:1f:29:f0:
                    c5:74:a1:62:e9:c0:32:9b:be:3b:30:03:6a:0b:2a:
                    7c:dc:eb:7f:ce:a1:f2:67:59:1f:f2:14:a1:3c:a8:
                    0f:a3:0e:68:08:72:de:70:89:cb:64:22:25:e2:aa:
                    9a:19:17:d8:7e:0a:f7:cd:bf:e0:f2:23:75:2f:23:
                    ed:9a:a2:a7:c1:53:12:8b:ff:1f:d6:81:b2:87:93:
                    66:1e:73:a3:ac:38:ef:50:58:6f:65:32:bb:03:b2:
                    86:9d:c8:5b:21:06:a3:14:f3:6f:58:d6:c3:f6:17:
                    ef:a0:b9:e9:3a:b2:cb:02:a1:e2:9a:bb:bc:75:4e:
                    bb:b3:4c:ef:39:93:f3:7d:cc:1b:3d:fa:f8:aa:a2:
                    9f:b6:d3:4e:de:b9:10:06:c2:2f:4f:b0:05:c1:11:
                    d6:22:80:09:6d:c0:d8:8f:c0:e3:77:8e:dc:14:d9:
                    f3:17:61:a9:98:5b:f7:a3:a5:d2:75:17:42:5b:cc:
                    8d:c2:f2:75:5f:ed:77:79:9d:ad:cf:7e:6d:5f:bf:
                    62:0b:89:c3:9d:14:f0:a3:70:3b:a3:af:3b:43:4b:
                    f2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F1:E5:D3:FA:54:61:60:9A:88:C5:22:66:C3:D3:2D:FC:BF:50:BB
            X509v3 Authority Key Identifier:
                keyid:60:0B:11:3E:06:2D:17:EA:23:08:06:B3:4A:21:DE:B5:62:7B:67:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:47:0d:f1:4d:61:86:9c:3a:f4:11:33:3e:3f:cc:99:b0:d8:
         86:01:7b:53:e0:76:4d:c3:7d:ae:68:c9:d0:45:6a:86:70:95:
         9b:a1:43:b0:73:90:e8:e1:6e:e5:f5:6c:77:4e:0d:46:5c:cc:
         6e:d8:5f:90:6d:52:42:a2:84:81:b5:db:b1:89:c3:39:7c:c2:
         7c:bc:20:5b:9f:ad:c7:4c:ec:30:d4:14:fd:94:8e:57:45:a8:
         9e:8d:e5:92:3a:4e:3a:80:9b:79:6b:06:8e:f2:95:d2:fd:69:
         4a:00:f9:9a:a1:5f:67:df:10:15:16:d7:c6:df:61:15:18:7c:
         f4:1c:ee:60:5f:db:a1:a3:2d:a5:65:3a:0e:78:d9:51:39:28:
         37:cd:b2:a5:9d:5f:d3:ba:3e:45:64:2d:dc:ed:99:a4:70:20:
         69:58:82:9f:20:43:44:fd:15:dc:e4:d7:0e:33:fe:87:57:75:
         a9:a9:22:e3:05:4f:b2:94:aa:0a:a8:12:0d:12:8c:e6:3d:7d:
         e0:64:15:a9:fc:76:4b:7d:3c:66:0e:c7:b9:5b:fd:ae:76:8e:
         e9:98:54:fb:04:4f:7f:c1:56:87:45:bc:bc:7f:78:47:7f:21:
         37:a9:b1:06:05:86:2d:39:64:00:58:a6:05:ee:eb:7d:78:30:
         de:1b:a9:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe2f4nyzZCbpkA4Nq0b86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGIxMTNlMDYyZDE3ZWEyMzA4MDZiMzRhMjFkZWI1NjI3
YjY3NzQwHhcNMjUwNjA3MTMwMTMwWhcNMjUwNjA4MTMwMTMwWjAzMTEwLwYDVQQD
EyhhZmYxZTVkM2ZhNTQ2MTYwOWE4OGM1MjI2NmMzZDMyZGZjYmY1MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhNpB0sSXabfH5oskMa/aV/Il7xh
adLTRQ6oZYSPHMGmGUdYv08mxNQfKfDFdKFi6cAym747MANqCyp83Ot/zqHyZ1kf
8hShPKgPow5oCHLecInLZCIl4qqaGRfYfgr3zb/g8iN1LyPtmqKnwVMSi/8f1oGy
h5NmHnOjrDjvUFhvZTK7A7KGnchbIQajFPNvWNbD9hfvoLnpOrLLAqHimru8dU67
s0zvOZPzfcwbPfr4qqKfttNO3rkQBsIvT7AFwRHWIoAJbcDYj8Djd47cFNnzF2Gp
mFv3o6XSdRdCW8yNwvJ1X+13eZ2tz35tX79iC4nDnRTwo3A7o687Q0vyewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/x5dP6VGFgmojFImbD0y38v1C7MB8GA1UdIwQY
MBaAFGALET4GLRfqIwgGs0oh3rVie2d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xNGM4YzUtOWFmNS00MWIwLTk5MTct
YTBkYTQ1Mjk5YzZlLzEvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xNGM4YzUtOWFmNS00MWIwLTk5MTctYTBkYTQ1Mjk5YzZl
LzEvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkcN8U1h
hpw69BEzPj/MmbDYhgF7U+B2TcN9rmjJ0EVqhnCVm6FDsHOQ6OFu5fVsd04NRlzM
bthfkG1SQqKEgbXbsYnDOXzCfLwgW5+tx0zsMNQU/ZSOV0Wono3lkjpOOoCbeWsG
jvKV0v1pSgD5mqFfZ98QFRbXxt9hFRh89BzuYF/boaMtpWU6DnjZUTkoN82ypZ1f
07o+RWQt3O2ZpHAgaViCnyBDRP0V3OTXDjP+h1d1qaki4wVPspSqCqgSDRKM5j19
4GQVqfx2S308Zg7HuVv9rnaO6ZhU+wRPf8FWh0W8vH94R38hN6mxBgWGLTlkAFim
Be7rfXgw3hupsQ==
-----END CERTIFICATE-----