Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File:                     ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier:          ENWeOZ30QcGG4zwP+HUOl+dH/CcxdWccFt5wiDFBpSw=
Subject key identifier:   E1:CA:C1:6C:F0:0F:44:40:65:C1:1C:CA:78:CE:51:E0:CE:2A:F0:54
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer:       /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial:       0197591256EC70811827C41AC8B45783BA25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number:          0712
Signing time:             Tue 10 Jun 2025 09:01:03 +0000
Manifest this update:     Tue 10 Jun 2025 09:01:03 +0000
Manifest next update:     Wed 11 Jun 2025 09:01:03 +0000
Files and hashes:         1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
                          2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: +L+QCAwa4aihwGgN1tKnn9tFBxqLzp/128Di7x/bLuM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:12:56:ec:70:81:18:27:c4:1a:c8:b4:57:83:ba:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
        Validity
            Not Before: Jun 10 09:01:03 2025 GMT
            Not After : Jun 11 09:01:03 2025 GMT
        Subject: CN=e1cac16cf00f444065c11cca78ce51e0ce2af054
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:58:db:a1:ad:f0:58:a3:14:47:de:41:f9:47:
                    73:4e:3f:30:90:12:64:b1:4a:94:44:29:05:8d:0f:
                    f4:e3:4c:f7:14:1a:d3:ee:1b:36:a9:43:52:ed:13:
                    63:f6:3f:e5:88:64:55:65:45:9b:ec:b3:ce:b1:62:
                    53:7c:30:9e:a6:d2:85:b1:cf:4e:86:51:19:9b:f3:
                    63:ab:ec:fe:75:00:ba:c1:2e:a2:18:02:a8:9c:b0:
                    8b:b6:b7:47:65:92:3f:e1:68:f3:a2:e4:ed:cc:43:
                    f3:43:69:d0:a3:2b:75:be:31:c5:b5:51:ff:a0:d8:
                    c6:72:7c:1a:ff:68:b8:6a:d1:ff:ad:7e:df:be:cb:
                    bd:f1:90:8c:36:6f:97:c2:45:6a:4a:76:35:d9:39:
                    8b:5d:be:52:40:22:e2:75:dc:74:38:b7:b7:b4:87:
                    96:3a:f3:9d:72:96:68:c3:c8:81:10:c5:2e:44:76:
                    57:06:7d:6f:6e:9a:ab:c5:65:c7:91:ec:3f:f8:c2:
                    81:44:0d:de:f4:f0:6a:5a:e4:9f:dd:0d:21:11:7c:
                    1e:a6:28:2a:07:30:91:27:5b:c1:53:f5:ad:f1:98:
                    e3:e3:0b:fe:d1:37:be:c6:9a:d3:60:6d:42:12:7f:
                    c2:90:53:1d:d8:53:e8:ef:83:79:46:25:e6:15:9e:
                    e9:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:CA:C1:6C:F0:0F:44:40:65:C1:1C:CA:78:CE:51:E0:CE:2A:F0:54
            X509v3 Authority Key Identifier:
                keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:b0:ca:ae:cf:bf:6f:93:11:83:33:41:83:59:b9:70:28:bc:
         f8:fa:9b:18:22:42:92:55:28:47:02:11:97:b6:52:40:41:46:
         ef:b3:8a:a6:2e:71:4c:bd:d8:b3:d0:47:dc:57:08:9a:9e:06:
         dc:a5:b1:51:0c:14:ae:4f:f5:0d:f6:fc:e0:b7:aa:b5:ca:49:
         78:c6:a9:e9:86:98:05:d0:1a:0d:c3:a0:45:87:23:5e:3f:b7:
         e0:ae:f0:bc:34:44:2e:29:de:02:68:68:d1:fd:f2:e5:fa:ce:
         3e:42:d6:1c:e1:84:fa:25:be:9a:d0:7e:45:00:6f:52:01:17:
         41:ab:75:83:ee:54:99:b9:02:35:be:2a:93:ea:fa:71:0c:b6:
         b2:17:88:55:37:6f:ba:c7:3d:24:f8:f5:3b:c6:86:7f:6c:e8:
         82:f0:7d:82:4e:52:23:3a:b8:2a:b5:67:ca:a5:4c:91:0c:0e:
         40:08:4d:6b:8a:24:33:94:1f:e0:fd:3d:ae:bd:8a:ea:c2:df:
         6a:9e:8b:5e:40:10:e0:f0:66:e3:27:2d:1d:a8:b8:a9:04:2a:
         f7:96:40:de:b8:e5:5c:3b:17:f9:d0:ae:07:cf:65:2e:14:26:
         fd:b2:3f:4c:bb:af:d2:84:ee:6a:03:51:9c:d9:72:14:20:90:
         46:2e:f8:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZElbscIEYJ8QayLRXg7olMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwNjEwMDkwMTAzWhcNMjUwNjExMDkwMTAzWjAzMTEwLwYDVQQD
EyhlMWNhYzE2Y2YwMGY0NDQwNjVjMTFjY2E3OGNlNTFlMGNlMmFmMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVjboa3wWKMUR95B+UdzTj8wkBJk
sUqURCkFjQ/040z3FBrT7hs2qUNS7RNj9j/liGRVZUWb7LPOsWJTfDCeptKFsc9O
hlEZm/Njq+z+dQC6wS6iGAKonLCLtrdHZZI/4WjzouTtzEPzQ2nQoyt1vjHFtVH/
oNjGcnwa/2i4atH/rX7fvsu98ZCMNm+XwkVqSnY12TmLXb5SQCLiddx0OLe3tIeW
OvOdcpZow8iBEMUuRHZXBn1vbpqrxWXHkew/+MKBRA3e9PBqWuSf3Q0hEXwepigq
BzCRJ1vBU/Wt8Zjj4wv+0Te+xprTYG1CEn/CkFMd2FPo74N5RiXmFZ7pkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHKwWzwD0RAZcEcynjOUeDOKvBUMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuLDKrs+/
b5MRgzNBg1m5cCi8+PqbGCJCklUoRwIRl7ZSQEFG77OKpi5xTL3Ys9BH3FcImp4G
3KWxUQwUrk/1Dfb84LeqtcpJeMap6YaYBdAaDcOgRYcjXj+34K7wvDRELineAmho
0f3y5frOPkLWHOGE+iW+mtB+RQBvUgEXQat1g+5UmbkCNb4qk+r6cQy2sheIVTdv
usc9JPj1O8aGf2zogvB9gk5SIzq4KrVnyqVMkQwOQAhNa4okM5Qf4P09rr2K6sLf
ap6LXkAQ4PBm4yctHai4qQQq95ZA3rjlXDsX+dCuB89lLhQm/bI/TLuv0oTuagNR
nNlyFCCQRi74Ng==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:31:48 2025 by rpki-client