Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.mft
File:                     ylFUFYkF0dRMRYjf0lgC8ySpPWE.mft (raw, json)
Hash identifier:          mOPwia+w0UYKyvit0EYIOrpTkN0rdwtPdXasCxD8Kj4=
Subject key identifier:   CA:0A:46:CA:49:79:F2:93:45:BB:56:90:AF:69:BA:D1:42:9E:41:91
Authority key identifier: CA:51:54:15:89:05:D1:D4:4C:45:88:DF:D2:58:02:F3:24:A9:3D:61
Certificate issuer:       /CN=ca5154158905d1d44c4588dfd25802f324a93d61
Certificate serial:       01975347139529174A4C47DAABF929ED08D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ylFUFYkF0dRMRYjf0lgC8ySpPWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.mft
Manifest number:          03D8
Signing time:             Mon 09 Jun 2025 06:00:56 +0000
Manifest this update:     Mon 09 Jun 2025 06:00:56 +0000
Manifest next update:     Tue 10 Jun 2025 06:00:56 +0000
Files and hashes:         1: AVYBUHDR8cllHf1Clp-tHJ3mnJM.roa (hash: AnG8BWUfPxV5o1EC1SevW/uoDYd+aQAPwe1f/26+nZM=)
                          2: ylFUFYkF0dRMRYjf0lgC8ySpPWE.crl (hash: WVovbDls5YnlRItWe856Y2jdYG8Y9maYrEKFxUHbpTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ylFUFYkF0dRMRYjf0lgC8ySpPWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:47:13:95:29:17:4a:4c:47:da:ab:f9:29:ed:08:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca5154158905d1d44c4588dfd25802f324a93d61
        Validity
            Not Before: Jun  9 06:00:56 2025 GMT
            Not After : Jun 10 06:00:56 2025 GMT
        Subject: CN=ca0a46ca4979f29345bb5690af69bad1429e4191
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:20:d2:ea:c3:c9:f9:2b:c1:b5:bb:a9:19:f8:
                    6f:ab:2f:54:0b:eb:a7:45:4c:53:27:3b:c4:15:ad:
                    37:b1:2b:e7:83:e5:a0:2e:85:01:ea:ff:93:02:5b:
                    2f:ba:1d:da:47:f2:3e:78:eb:01:66:86:fa:1f:de:
                    f3:8c:5d:03:8f:71:b0:7c:a2:ef:c6:56:0f:1c:24:
                    98:a0:45:e0:0e:06:68:9e:e6:c7:93:43:e1:9a:85:
                    05:b4:5e:66:14:4e:b5:d0:2d:ef:2f:f7:5c:d6:b1:
                    b6:0e:34:95:e3:ea:56:75:7c:ca:92:a2:01:b7:7e:
                    70:0b:6b:02:b3:7f:cd:c1:99:d7:3b:9d:d5:f6:97:
                    c8:ea:db:bc:83:07:27:8a:12:5c:e4:4f:9f:3a:5a:
                    3e:0a:09:66:77:57:b4:90:5a:33:ab:e5:1b:66:19:
                    dc:f7:c8:6f:e0:3b:74:c9:81:09:e8:88:7e:ce:be:
                    7b:93:ba:9b:f9:32:65:05:eb:a0:4b:4f:9f:6c:21:
                    28:91:06:31:5c:e8:f4:8e:a4:1c:68:65:82:8c:dd:
                    26:6a:3e:c3:22:ce:ef:3b:d0:c4:dd:fa:e8:91:52:
                    f8:33:81:7e:fc:a2:6d:08:eb:82:7f:8d:a7:a6:2e:
                    1c:6c:ae:c1:6c:07:f6:54:74:a2:1b:8b:da:7a:a4:
                    35:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:0A:46:CA:49:79:F2:93:45:BB:56:90:AF:69:BA:D1:42:9E:41:91
            X509v3 Authority Key Identifier:
                keyid:CA:51:54:15:89:05:D1:D4:4C:45:88:DF:D2:58:02:F3:24:A9:3D:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylFUFYkF0dRMRYjf0lgC8ySpPWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:f8:92:1d:57:ba:4b:83:37:f7:bc:60:42:a0:fc:1e:d9:7b:
         9c:1b:94:19:9c:34:bb:4d:12:b4:0a:a2:f4:4c:e7:b0:2a:cc:
         54:77:21:21:c3:b1:d3:1d:34:47:53:fe:f6:b7:8c:df:bf:3f:
         99:68:b8:0d:24:52:cb:83:f1:74:68:b5:cd:20:f0:93:89:10:
         4b:55:e6:63:3a:3e:9a:33:fe:a3:f5:24:63:93:ae:5c:af:bd:
         21:57:6a:b7:f0:ce:f0:76:cb:c1:9f:8c:f1:e3:50:c0:4c:df:
         a2:c5:1d:b5:0e:4d:cc:65:2b:a8:49:59:43:26:4a:e5:5f:09:
         bb:f0:73:97:6c:2e:16:42:83:1c:ac:49:3e:21:b7:da:1c:fd:
         35:9e:ec:87:46:65:05:c5:2f:e1:13:aa:c9:bd:60:c9:01:52:
         2e:1e:97:2c:4f:7b:72:33:4b:c5:b3:07:19:39:0c:1e:9f:fa:
         76:69:18:26:ad:d1:fc:f3:25:73:99:30:39:d4:d3:5d:20:5d:
         8c:0b:88:a0:c5:46:13:96:cd:0c:60:55:b5:ce:85:e3:45:f9:
         1d:86:60:6a:78:2d:c2:e8:f1:91:ae:86:e8:97:d6:4c:17:a4:
         d0:09:3e:2b:d9:06:d5:bd:cf:76:1b:fa:77:d2:4c:50:e2:27:
         58:b2:a4:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTRxOVKRdKTEfaq/kp7QjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTE1NDE1ODkwNWQxZDQ0YzQ1ODhkZmQyNTgwMmYzMjRh
OTNkNjEwHhcNMjUwNjA5MDYwMDU2WhcNMjUwNjEwMDYwMDU2WjAzMTEwLwYDVQQD
EyhjYTBhNDZjYTQ5NzlmMjkzNDViYjU2OTBhZjY5YmFkMTQyOWU0MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSDS6sPJ+SvBtbupGfhvqy9UC+un
RUxTJzvEFa03sSvng+WgLoUB6v+TAlsvuh3aR/I+eOsBZob6H97zjF0Dj3GwfKLv
xlYPHCSYoEXgDgZonubHk0PhmoUFtF5mFE610C3vL/dc1rG2DjSV4+pWdXzKkqIB
t35wC2sCs3/NwZnXO53V9pfI6tu8gwcnihJc5E+fOlo+Cglmd1e0kFozq+UbZhnc
98hv4Dt0yYEJ6Ih+zr57k7qb+TJlBeugS0+fbCEokQYxXOj0jqQcaGWCjN0maj7D
Is7vO9DE3frokVL4M4F+/KJtCOuCf42npi4cbK7BbAf2VHSiG4vaeqQ1awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoKRspJefKTRbtWkK9putFCnkGRMB8GA1UdIwQY
MBaAFMpRVBWJBdHUTEWI39JYAvMkqT1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxGVUZZa0YwZFJNUllqZjBsZ0M4eVNwUFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNTU4YWEtNTVlZi00NTBmLThiOTct
MTAwOTBkMWU3ZDk0LzEveWxGVUZZa0YwZFJNUllqZjBsZ0M4eVNwUFdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNTU4YWEtNTVlZi00NTBmLThiOTctMTAwOTBkMWU3ZDk0
LzEveWxGVUZZa0YwZFJNUllqZjBsZ0M4eVNwUFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASPiSHVe6
S4M397xgQqD8Htl7nBuUGZw0u00StAqi9EznsCrMVHchIcOx0x00R1P+9reM378/
mWi4DSRSy4PxdGi1zSDwk4kQS1XmYzo+mjP+o/UkY5OuXK+9IVdqt/DO8HbLwZ+M
8eNQwEzfosUdtQ5NzGUrqElZQyZK5V8Ju/Bzl2wuFkKDHKxJPiG32hz9NZ7sh0Zl
BcUv4ROqyb1gyQFSLh6XLE97cjNLxbMHGTkMHp/6dmkYJq3R/PMlc5kwOdTTXSBd
jAuIoMVGE5bNDGBVtc6F40X5HYZgangtwujxka6G6JfWTBek0Ak+K9kG1b3Pdhv6
d9JMUOInWLKk4Q==
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:42:24 2025 by rpki-client