Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
File:                     Ym0k1r81OWP-WvolsKWWZxUqhtA.mft (raw, json)
Hash identifier:          yq9WbsWpJU3NLuxo0/tf2KfN2zVsRoxsRuoJ4TBbSdY=
Subject key identifier:   90:E7:79:C1:D1:BE:9A:3C:6F:30:7A:28:D3:47:98:17:C4:EC:0A:E1
Authority key identifier: 62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0
Certificate issuer:       /CN=626d24d6bf353963fe5afa25b0a59667152a86d0
Certificate serial:       019753B4D47E601462F654AC671C99364C71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
Manifest number:          0D11
Signing time:             Mon 09 Jun 2025 08:00:49 +0000
Manifest this update:     Mon 09 Jun 2025 08:00:49 +0000
Manifest next update:     Tue 10 Jun 2025 08:00:49 +0000
Files and hashes:         1: XsLpmpu2xvBP4JjcplMw-4A56mY.roa (hash: zDQ4NxbIV24C02r59jK+8GO4r9TIoUq4yC6lv1rRxf0=)
                          2: Ym0k1r81OWP-WvolsKWWZxUqhtA.crl (hash: nura5NFp2S1Yqdi0UDvOaa8lGiodsHnc2t4JAfHpb1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:b4:d4:7e:60:14:62:f6:54:ac:67:1c:99:36:4c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=626d24d6bf353963fe5afa25b0a59667152a86d0
        Validity
            Not Before: Jun  9 08:00:49 2025 GMT
            Not After : Jun 10 08:00:49 2025 GMT
        Subject: CN=90e779c1d1be9a3c6f307a28d3479817c4ec0ae1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e0:bb:a4:2b:bb:74:19:6d:d3:61:01:ed:7a:
                    e4:07:f3:dd:20:73:72:6a:5e:34:0c:4e:b5:51:b7:
                    b9:47:41:40:ad:bd:84:e3:c5:e3:7b:91:84:bb:8f:
                    6f:4c:8c:43:c6:06:6a:b2:e5:44:c9:11:24:93:fb:
                    80:a9:bc:cf:1a:eb:aa:1c:ea:00:7e:eb:34:54:47:
                    91:e3:c0:94:f7:81:04:09:5d:8a:e9:fd:38:c0:ae:
                    d0:01:3f:c7:ed:8c:51:dd:9f:6f:30:10:be:fe:73:
                    9d:8e:be:71:dc:5e:38:13:5e:c8:da:9a:0f:7a:52:
                    f1:7d:17:63:c0:f1:f3:70:29:c6:b8:23:80:8e:49:
                    de:4a:95:26:ab:cf:8f:79:70:bf:29:41:4c:80:d9:
                    a5:23:8e:4a:97:2a:0a:ce:20:18:74:6c:a2:7d:60:
                    39:40:9d:39:65:b4:fd:e9:11:88:7b:9d:db:82:4d:
                    41:c9:0d:9e:3c:66:d3:68:02:f9:85:09:1a:4d:21:
                    19:34:2a:85:9b:0a:73:00:0e:a5:57:d7:79:ee:92:
                    e7:c7:2b:17:54:a6:f3:3a:f9:1b:fc:d6:53:ec:88:
                    5c:df:7d:57:13:ef:45:91:0c:15:76:b8:33:42:8b:
                    16:7f:f5:50:33:05:54:05:0c:43:94:c8:5d:45:95:
                    d1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:E7:79:C1:D1:BE:9A:3C:6F:30:7A:28:D3:47:98:17:C4:EC:0A:E1
            X509v3 Authority Key Identifier:
                keyid:62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:d6:10:74:7c:40:a4:b9:64:fe:b1:89:87:d9:9a:6f:85:df:
         ca:a6:ef:75:74:36:2a:38:a9:fe:86:24:c1:82:81:ce:10:7e:
         11:46:bd:2e:30:f3:85:65:db:43:a4:84:dc:62:55:88:60:de:
         41:9f:b3:2e:54:83:02:e0:af:e3:c2:a5:22:c4:17:f5:03:ed:
         6b:92:2f:8b:d4:0b:55:22:59:6d:73:c3:9f:13:e4:44:f0:1a:
         f0:77:86:16:ac:3b:44:0e:87:b3:b3:93:44:18:a2:b4:66:0c:
         42:71:f3:39:ef:26:29:c7:56:96:7f:f3:80:15:70:b4:71:bf:
         52:7e:90:b9:2c:ac:e6:94:2e:12:8d:eb:6e:53:82:1d:52:cd:
         85:25:00:fe:c9:aa:50:22:c9:99:72:3d:a0:28:67:c9:6b:10:
         84:b7:1f:b5:bd:04:c2:c5:cf:70:af:e7:45:a8:38:46:70:48:
         6c:87:b5:c6:1a:66:2b:42:2c:d3:5f:29:f4:f1:74:ef:f7:48:
         78:70:3c:e0:fb:08:3c:15:f8:4c:f9:2b:c7:e0:9b:03:bf:c3:
         38:a1:22:f0:3d:6d:51:57:0c:a1:0c:a9:79:9e:a2:68:95:91:
         65:cb:a1:ea:30:91:55:78:19:86:75:c7:21:19:45:71:40:d2:
         20:4a:fb:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTtNR+YBRi9lSsZxyZNkxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmQyNGQ2YmYzNTM5NjNmZTVhZmEyNWIwYTU5NjY3MTUy
YTg2ZDAwHhcNMjUwNjA5MDgwMDQ5WhcNMjUwNjEwMDgwMDQ5WjAzMTEwLwYDVQQD
Eyg5MGU3NzljMWQxYmU5YTNjNmYzMDdhMjhkMzQ3OTgxN2M0ZWMwYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+C7pCu7dBlt02EB7XrkB/PdIHNy
al40DE61Ube5R0FArb2E48Xje5GEu49vTIxDxgZqsuVEyREkk/uAqbzPGuuqHOoA
fus0VEeR48CU94EECV2K6f04wK7QAT/H7YxR3Z9vMBC+/nOdjr5x3F44E17I2poP
elLxfRdjwPHzcCnGuCOAjkneSpUmq8+PeXC/KUFMgNmlI45KlyoKziAYdGyifWA5
QJ05ZbT96RGIe53bgk1ByQ2ePGbTaAL5hQkaTSEZNCqFmwpzAA6lV9d57pLnxysX
VKbzOvkb/NZT7Ihc331XE+9FkQwVdrgzQosWf/VQMwVUBQxDlMhdRZXRzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDnecHRvpo8bzB6KNNHmBfE7ArhMB8GA1UdIwQY
MBaAFGJtJNa/NTlj/lr6JbCllmcVKobQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEt
YWM4MDliYmFlNzM3LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEtYWM4MDliYmFlNzM3
LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqNYQdHxA
pLlk/rGJh9mab4XfyqbvdXQ2Kjip/oYkwYKBzhB+EUa9LjDzhWXbQ6SE3GJViGDe
QZ+zLlSDAuCv48KlIsQX9QPta5Ivi9QLVSJZbXPDnxPkRPAa8HeGFqw7RA6Hs7OT
RBiitGYMQnHzOe8mKcdWln/zgBVwtHG/Un6QuSys5pQuEo3rblOCHVLNhSUA/smq
UCLJmXI9oChnyWsQhLcftb0EwsXPcK/nRag4RnBIbIe1xhpmK0Is018p9PF07/dI
eHA84PsIPBX4TPkrx+CbA7/DOKEi8D1tUVcMoQypeZ6iaJWRZcuh6jCRVXgZhnXH
IRlFcUDSIEr7fA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:47:38 2025 by rpki-client