Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          wv6NB/EHV+9ekSTcZ3rB35kAQVT9/l8bayiQohzAsuI=
Subject key identifier:   90:94:BF:1A:D7:D5:34:DB:00:23:0A:83:F5:05:21:00:DA:79:B3:5D
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       01974DE9E1D442A93964BD79F2D8549699B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          0418
Signing time:             Sun 08 Jun 2025 05:01:02 +0000
Manifest this update:     Sun 08 Jun 2025 05:01:02 +0000
Manifest next update:     Mon 09 Jun 2025 05:01:02 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: Nz8DVQ+EVK+WIX1FbBAxYUbgX7jr1aup3etr7byK5PU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:e9:e1:d4:42:a9:39:64:bd:79:f2:d8:54:96:99:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Jun  8 05:01:02 2025 GMT
            Not After : Jun  9 05:01:02 2025 GMT
        Subject: CN=9094bf1ad7d534db00230a83f5052100da79b35d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:12:7b:ad:52:d9:49:ee:93:b7:76:a6:78:7d:
                    36:fe:7a:fd:71:87:38:86:17:66:53:14:bf:29:db:
                    d8:6e:17:e7:aa:77:5e:ce:80:38:69:32:79:a4:65:
                    49:2b:36:3d:d8:6a:2b:2f:ef:8d:ee:6c:60:8c:07:
                    fe:a4:92:98:ed:03:1d:07:6a:05:a4:1a:d3:3a:20:
                    b7:48:50:d9:e2:0a:39:7a:df:dc:27:a8:b0:8b:02:
                    3f:a7:e4:de:ad:a1:91:e4:5f:4d:33:67:39:97:ac:
                    43:b4:4b:70:e5:cb:cb:b8:0f:a7:0a:e1:59:ea:14:
                    68:51:77:64:bb:20:74:f6:08:0a:5c:4f:2c:22:45:
                    95:cf:13:65:16:b9:10:d3:7e:75:a9:cb:e6:98:7c:
                    64:42:db:46:da:b6:cf:45:58:e9:b3:7a:83:fd:8c:
                    76:22:6b:9f:75:eb:8c:d7:ab:89:18:6e:8e:40:58:
                    85:d8:92:85:f0:12:c0:3e:96:1c:54:33:a5:e7:1a:
                    46:38:e6:54:fa:fd:ea:ea:b3:63:e7:00:1b:f2:0a:
                    66:16:cc:9c:19:62:ad:85:ec:a7:f0:c8:8a:1b:b8:
                    e5:15:3f:1b:3d:b6:f6:63:ae:a1:a2:8e:92:c4:31:
                    f4:41:b8:94:82:b3:8d:59:84:5f:cc:0a:e0:f7:37:
                    53:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:94:BF:1A:D7:D5:34:DB:00:23:0A:83:F5:05:21:00:DA:79:B3:5D
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:ce:fe:cb:94:51:9d:96:c3:53:89:37:7f:d6:0b:c8:ef:c2:
         39:91:f3:78:68:90:0a:8d:b8:3f:3e:e3:f2:42:3c:b2:8a:63:
         6b:b5:f0:8c:32:a3:81:9f:d4:d0:fd:48:19:4c:5f:c2:f8:6e:
         27:46:4c:3e:ff:25:47:9c:2c:76:79:42:a9:0b:2f:2b:2c:66:
         68:f6:f1:5c:c7:ae:2e:18:67:75:d9:f7:bd:51:a5:f6:20:1f:
         26:1b:e8:b5:27:07:c5:b5:32:b1:21:bd:99:6a:e6:42:71:4f:
         09:61:ae:76:15:6c:19:a7:ea:35:1d:91:c8:90:81:8d:bc:77:
         80:3b:68:79:0e:34:2f:0b:53:2e:5d:a5:58:42:0b:d3:ba:7d:
         23:b2:2c:3c:f3:53:e4:13:be:88:db:44:4e:96:8a:c6:83:3d:
         80:a9:ef:af:ff:41:91:a4:d7:c7:2e:de:dd:5c:8e:a4:1f:55:
         41:90:9e:6e:e9:0f:10:e1:65:45:c9:6f:54:93:82:46:87:78:
         cd:b7:07:45:9d:8a:2a:a7:77:7c:20:ba:2d:74:e0:07:7e:aa:
         6f:9a:a4:51:3f:e5:4e:3e:21:d4:30:0f:83:70:2f:36:db:bd:
         bd:66:38:85:f6:6e:05:13:46:a1:1b:a2:06:c3:99:01:74:1c:
         4a:18:cd:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdN6eHUQqk5ZL158thUlpm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUwNjA4MDUwMTAyWhcNMjUwNjA5MDUwMTAyWjAzMTEwLwYDVQQD
Eyg5MDk0YmYxYWQ3ZDUzNGRiMDAyMzBhODNmNTA1MjEwMGRhNzliMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BJ7rVLZSe6Tt3ameH02/nr9cYc4
hhdmUxS/KdvYbhfnqndezoA4aTJ5pGVJKzY92GorL++N7mxgjAf+pJKY7QMdB2oF
pBrTOiC3SFDZ4go5et/cJ6iwiwI/p+TeraGR5F9NM2c5l6xDtEtw5cvLuA+nCuFZ
6hRoUXdkuyB09ggKXE8sIkWVzxNlFrkQ0351qcvmmHxkQttG2rbPRVjps3qD/Yx2
ImufdeuM16uJGG6OQFiF2JKF8BLAPpYcVDOl5xpGOOZU+v3q6rNj5wAb8gpmFsyc
GWKtheyn8MiKG7jlFT8bPbb2Y66hoo6SxDH0QbiUgrONWYRfzArg9zdTqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCUvxrX1TTbACMKg/UFIQDaebNdMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp87+y5RR
nZbDU4k3f9YLyO/COZHzeGiQCo24Pz7j8kI8sopja7XwjDKjgZ/U0P1IGUxfwvhu
J0ZMPv8lR5wsdnlCqQsvKyxmaPbxXMeuLhhnddn3vVGl9iAfJhvotScHxbUysSG9
mWrmQnFPCWGudhVsGafqNR2RyJCBjbx3gDtoeQ40LwtTLl2lWEIL07p9I7IsPPNT
5BO+iNtETpaKxoM9gKnvr/9BkaTXxy7e3VyOpB9VQZCebukPEOFlRclvVJOCRod4
zbcHRZ2KKqd3fCC6LXTgB36qb5qkUT/lTj4h1DAPg3AvNtu9vWY4hfZuBRNGoRui
BsOZAXQcShjNMg==
-----END CERTIFICATE-----