Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
File:                     yYDRnDv8xARxVndvAqNJiY5GuQ0.mft (raw, json)
Hash identifier:          jKm6JPnGzD8YJkEgGm/Dz1qw+NMndTLiJZg932S0EGk=
Subject key identifier:   AF:9C:76:B3:E7:14:E1:24:B2:04:C9:B9:48:8C:08:25:75:C1:BF:BF
Authority key identifier: C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D
Certificate issuer:       /CN=c980d19c3bfcc4047156776f02a349898e46b90d
Certificate serial:       019660CDFBC2CE650D1DEEBFAF1336AB6E80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
Manifest number:          081F
Signing time:             Wed 23 Apr 2025 04:00:34 +0000
Manifest this update:     Wed 23 Apr 2025 04:00:34 +0000
Manifest next update:     Thu 24 Apr 2025 04:00:34 +0000
Files and hashes:         1: yYDRnDv8xARxVndvAqNJiY5GuQ0.crl (hash: KAuc8P8RlNEfJi4uE0ewO6r3uF8guyfcZye7oqqxzco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:60:cd:fb:c2:ce:65:0d:1d:ee:bf:af:13:36:ab:6e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c980d19c3bfcc4047156776f02a349898e46b90d
        Validity
            Not Before: Apr 23 04:00:34 2025 GMT
            Not After : Apr 24 04:00:34 2025 GMT
        Subject: CN=af9c76b3e714e124b204c9b9488c082575c1bfbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ca:06:30:82:06:9b:da:eb:42:1c:86:c4:80:
                    9a:c0:7f:af:08:0d:07:5d:2d:e5:d9:79:82:42:bf:
                    95:33:de:ba:03:0b:ca:47:91:6a:bf:a6:88:21:23:
                    05:78:8b:04:6c:45:bc:29:32:e1:e1:cb:e3:0c:b2:
                    f9:4a:84:3e:e9:9b:ea:87:b8:ee:1c:58:1d:18:1d:
                    3f:74:d0:1b:98:0e:88:22:5e:2e:76:4f:f1:22:b9:
                    64:8e:cd:a2:fa:2e:01:a1:28:ca:91:5e:a2:4c:dd:
                    4d:89:e2:30:98:0f:5c:82:93:6a:7b:51:c0:3d:05:
                    22:74:77:f7:fc:51:fc:f8:76:6c:3e:fd:41:4b:5c:
                    bd:b8:d0:d7:b1:83:60:08:a6:94:c9:9a:d5:ad:a0:
                    a0:a2:5e:57:4a:7e:c5:d6:57:ed:3c:16:29:c0:7e:
                    ee:6c:73:31:0f:02:92:26:10:c3:1b:30:fe:54:55:
                    3b:c7:0e:79:4d:50:bd:91:ba:66:60:cb:28:36:35:
                    c4:b8:70:72:0c:2f:b4:de:43:fa:cd:e1:3a:65:ba:
                    03:60:67:52:e8:de:d2:6f:87:48:82:98:48:ca:8e:
                    37:00:84:3a:79:32:c7:4b:43:58:3b:63:1d:a8:af:
                    4f:cf:3c:32:60:21:4b:81:0c:1c:7b:d2:93:a7:33:
                    75:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:9C:76:B3:E7:14:E1:24:B2:04:C9:B9:48:8C:08:25:75:C1:BF:BF
            X509v3 Authority Key Identifier:
                keyid:C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:97:8d:c7:bc:00:7a:b9:6b:1f:20:ae:33:04:5e:96:f3:4a:
         b6:ab:ec:ac:22:a3:4b:17:3f:9b:24:96:93:b4:08:4c:d3:bb:
         8b:5d:2f:0a:bd:43:29:33:f3:83:dc:19:86:79:59:46:d7:1a:
         92:78:8a:19:6f:fd:3b:f1:ff:74:47:88:55:d5:c9:0f:88:08:
         fb:4e:55:77:93:d6:4c:5d:52:55:77:50:63:60:e1:0f:fa:bc:
         51:02:fb:db:82:2b:e2:2e:87:bb:45:eb:fa:cf:74:75:30:4b:
         af:f8:47:65:43:57:4f:57:ca:b7:82:e5:2a:d5:61:41:28:70:
         02:84:d3:72:1c:c1:eb:95:c9:30:b8:6d:65:ae:d4:6a:e1:06:
         c8:0c:46:40:2b:72:21:d7:42:a4:49:07:69:2c:89:61:3b:77:
         fa:f2:1c:a6:54:52:3f:5c:80:89:9e:37:3d:45:50:df:b3:42:
         4e:dd:c7:51:c3:51:b1:e4:33:e6:20:06:b9:bf:f0:6f:62:3b:
         10:43:3d:1e:30:62:a9:a1:87:60:af:9c:a0:2a:88:0d:e5:16:
         c4:bc:ef:1f:3d:c2:b4:1b:b2:bf:9e:3e:7f:95:ea:5f:be:a5:
         2a:2c:62:9b:bd:63:e8:b5:11:b3:77:28:a7:a1:7e:1b:9f:47:
         9c:03:55:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZgzfvCzmUNHe6/rxM2q26AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODBkMTljM2JmY2M0MDQ3MTU2Nzc2ZjAyYTM0OTg5OGU0
NmI5MGQwHhcNMjUwNDIzMDQwMDM0WhcNMjUwNDI0MDQwMDM0WjAzMTEwLwYDVQQD
EyhhZjljNzZiM2U3MTRlMTI0YjIwNGM5Yjk0ODhjMDgyNTc1YzFiZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscoGMIIGm9rrQhyGxICawH+vCA0H
XS3l2XmCQr+VM966AwvKR5Fqv6aIISMFeIsEbEW8KTLh4cvjDLL5SoQ+6Zvqh7ju
HFgdGB0/dNAbmA6IIl4udk/xIrlkjs2i+i4BoSjKkV6iTN1NieIwmA9cgpNqe1HA
PQUidHf3/FH8+HZsPv1BS1y9uNDXsYNgCKaUyZrVraCgol5XSn7F1lftPBYpwH7u
bHMxDwKSJhDDGzD+VFU7xw55TVC9kbpmYMsoNjXEuHByDC+03kP6zeE6ZboDYGdS
6N7Sb4dIgphIyo43AIQ6eTLHS0NYO2MdqK9PzzwyYCFLgQwce9KTpzN1QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+cdrPnFOEksgTJuUiMCCV1wb+/MB8GA1UdIwQY
MBaAFMmA0Zw7/MQEcVZ3bwKjSYmORrkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYt
Yjg2NjE5NzUyMDM5LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYtYjg2NjE5NzUyMDM5
LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJeNx7wA
erlrHyCuMwRelvNKtqvsrCKjSxc/mySWk7QITNO7i10vCr1DKTPzg9wZhnlZRtca
kniKGW/9O/H/dEeIVdXJD4gI+05Vd5PWTF1SVXdQY2DhD/q8UQL724Ir4i6Hu0Xr
+s90dTBLr/hHZUNXT1fKt4LlKtVhQShwAoTTchzB65XJMLhtZa7UauEGyAxGQCty
IddCpEkHaSyJYTt3+vIcplRSP1yAiZ43PUVQ37NCTt3HUcNRseQz5iAGub/wb2I7
EEM9HjBiqaGHYK+coCqIDeUWxLzvHz3CtBuyv54+f5XqX76lKixim71j6LURs3co
p6F+G59HnANVfQ==
-----END CERTIFICATE-----