Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
File:                     Ym0k1r81OWP-WvolsKWWZxUqhtA.mft (raw, json)
Hash identifier:          16ByISB8EtH4eGn+BhcZo+uO3NlJSZ/UYlA+0XVESb0=
Subject key identifier:   D9:AE:48:DA:49:A8:9C:9B:18:56:3E:3D:08:5A:16:D5:98:F4:92:FB
Authority key identifier: 62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0
Certificate issuer:       /CN=626d24d6bf353963fe5afa25b0a59667152a86d0
Certificate serial:       019759800F7BC0A2622EF10FC538D9B1CB2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
Manifest number:          0D14
Signing time:             Tue 10 Jun 2025 11:00:54 +0000
Manifest this update:     Tue 10 Jun 2025 11:00:54 +0000
Manifest next update:     Wed 11 Jun 2025 11:00:54 +0000
Files and hashes:         1: XsLpmpu2xvBP4JjcplMw-4A56mY.roa (hash: zDQ4NxbIV24C02r59jK+8GO4r9TIoUq4yC6lv1rRxf0=)
                          2: Ym0k1r81OWP-WvolsKWWZxUqhtA.crl (hash: AXuy6EEWBpilVjkZoZGcQ/eH2MTwlc6CfqkFKWnVKZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:80:0f:7b:c0:a2:62:2e:f1:0f:c5:38:d9:b1:cb:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=626d24d6bf353963fe5afa25b0a59667152a86d0
        Validity
            Not Before: Jun 10 11:00:54 2025 GMT
            Not After : Jun 11 11:00:54 2025 GMT
        Subject: CN=d9ae48da49a89c9b18563e3d085a16d598f492fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:78:7e:f6:72:53:c3:1d:38:d2:a1:c6:fc:e4:
                    83:01:77:ac:1c:d6:5f:93:38:e4:0f:68:23:bd:71:
                    2b:d3:3a:8a:91:db:0a:32:b9:b7:1b:1f:5f:f7:d3:
                    f3:ab:20:82:75:e9:29:a7:8b:50:49:f6:53:4d:eb:
                    f9:64:73:ba:f9:71:55:4b:87:03:91:29:4d:b4:f2:
                    50:eb:95:5a:28:b9:1b:72:91:ea:ac:89:34:7b:e8:
                    20:f2:03:01:55:b6:bd:96:e5:33:d3:e5:8f:09:5d:
                    df:84:ee:61:03:64:cd:1b:c9:69:b2:09:87:d3:6e:
                    03:83:fc:a6:d4:15:dc:40:2b:70:39:7d:f9:7a:6b:
                    9f:cf:27:78:1d:b2:c3:bc:7b:6d:23:5a:fc:96:de:
                    7a:2a:65:30:f2:df:8e:c5:bd:81:e1:b9:c8:6d:99:
                    12:e5:2e:7f:02:41:91:97:41:53:28:6a:3c:93:65:
                    75:36:ff:d2:a6:9e:55:ac:fe:3b:9d:07:09:ef:37:
                    b7:2a:64:86:f8:96:27:1c:a5:08:d3:69:c6:b3:0e:
                    97:07:d6:41:5a:ca:4b:f0:34:c1:f2:15:6c:95:16:
                    cf:03:76:54:91:b5:cf:d2:cd:f6:dc:30:46:0f:d8:
                    c8:b3:5c:bd:4a:5c:3e:7e:f2:50:26:74:b2:30:ba:
                    81:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AE:48:DA:49:A8:9C:9B:18:56:3E:3D:08:5A:16:D5:98:F4:92:FB
            X509v3 Authority Key Identifier:
                keyid:62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:4d:b7:10:ed:e8:f6:dc:86:b4:b5:2a:e6:4d:5d:6b:91:a5:
         0f:e2:37:e0:1a:03:ac:ca:09:2d:0b:f2:f3:1a:52:44:19:a5:
         60:23:30:0e:18:2d:1d:07:9c:a9:74:7a:07:bd:6d:23:6e:e7:
         03:4d:da:31:4b:5b:1f:8f:61:da:11:37:12:47:0b:b7:87:06:
         ad:00:d5:fb:fa:01:92:20:2d:60:d9:7b:5a:f6:95:26:f0:12:
         9a:20:2d:71:33:0a:29:ad:b1:28:dc:71:11:96:f3:a5:54:c6:
         c9:5b:55:16:9e:b9:fc:1d:67:63:13:7c:a2:cf:db:72:9b:09:
         44:52:25:b1:32:8b:a1:03:35:3b:fd:ff:61:32:e4:a6:01:5a:
         8b:75:29:fc:9a:f6:39:96:d1:fe:c8:d3:dc:a5:49:75:75:db:
         3e:87:80:75:64:f6:96:3c:6a:cc:6f:22:d1:fb:5a:f8:45:c6:
         43:03:2d:45:11:f4:9d:d3:25:27:b7:37:74:c2:bb:5e:4a:a8:
         99:58:66:d9:4c:48:4b:13:e6:98:f9:28:89:76:ac:dc:6c:b3:
         0b:90:59:17:c4:19:f6:33:64:16:3c:e2:a3:db:7b:e7:d2:75:
         1b:65:39:bd:fb:0b:75:5c:9c:d9:34:3a:2c:0c:8d:b8:42:46:
         06:d4:a9:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZgA97wKJiLvEPxTjZscsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmQyNGQ2YmYzNTM5NjNmZTVhZmEyNWIwYTU5NjY3MTUy
YTg2ZDAwHhcNMjUwNjEwMTEwMDU0WhcNMjUwNjExMTEwMDU0WjAzMTEwLwYDVQQD
EyhkOWFlNDhkYTQ5YTg5YzliMTg1NjNlM2QwODVhMTZkNTk4ZjQ5MmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3h+9nJTwx040qHG/OSDAXesHNZf
kzjkD2gjvXEr0zqKkdsKMrm3Gx9f99PzqyCCdekpp4tQSfZTTev5ZHO6+XFVS4cD
kSlNtPJQ65VaKLkbcpHqrIk0e+gg8gMBVba9luUz0+WPCV3fhO5hA2TNG8lpsgmH
024Dg/ym1BXcQCtwOX35emufzyd4HbLDvHttI1r8lt56KmUw8t+Oxb2B4bnIbZkS
5S5/AkGRl0FTKGo8k2V1Nv/Spp5VrP47nQcJ7ze3KmSG+JYnHKUI02nGsw6XB9ZB
WspL8DTB8hVslRbPA3ZUkbXP0s323DBGD9jIs1y9Slw+fvJQJnSyMLqBRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmuSNpJqJybGFY+PQhaFtWY9JL7MB8GA1UdIwQY
MBaAFGJtJNa/NTlj/lr6JbCllmcVKobQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEt
YWM4MDliYmFlNzM3LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEtYWM4MDliYmFlNzM3
LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATk23EO3o
9tyGtLUq5k1da5GlD+I34BoDrMoJLQvy8xpSRBmlYCMwDhgtHQecqXR6B71tI27n
A03aMUtbH49h2hE3EkcLt4cGrQDV+/oBkiAtYNl7WvaVJvASmiAtcTMKKa2xKNxx
EZbzpVTGyVtVFp65/B1nYxN8os/bcpsJRFIlsTKLoQM1O/3/YTLkpgFai3Up/Jr2
OZbR/sjT3KVJdXXbPoeAdWT2ljxqzG8i0fta+EXGQwMtRRH0ndMlJ7c3dMK7Xkqo
mVhm2UxISxPmmPkoiXas3GyzC5BZF8QZ9jNkFjzio9t759J1G2U5vfsLdVyc2TQ6
LAyNuEJGBtSpeQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:25:14 2025 by rpki-client