Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File:                     ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier:          S7NTcX07j0r+xabojqdMfqWR1OBx52nFyRbhrk2nVy8=
Subject key identifier:   5E:98:34:EE:2A:12:2A:51:80:E2:80:E7:D1:16:07:FB:24:A2:68:74
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer:       /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial:       01975346D9A9E9D9CA6CBA5A487F3890FC5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number:          070F
Signing time:             Mon 09 Jun 2025 06:00:41 +0000
Manifest this update:     Mon 09 Jun 2025 06:00:41 +0000
Manifest next update:     Tue 10 Jun 2025 06:00:41 +0000
Files and hashes:         1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
                          2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: lUYTtiY+h6LHdm2kEJd57DED7RD29DrKOV0Umhq06P0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:46:d9:a9:e9:d9:ca:6c:ba:5a:48:7f:38:90:fc:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
        Validity
            Not Before: Jun  9 06:00:41 2025 GMT
            Not After : Jun 10 06:00:41 2025 GMT
        Subject: CN=5e9834ee2a122a5180e280e7d11607fb24a26874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:48:16:d4:af:54:9e:9a:cd:24:e5:ac:93:f5:
                    7d:e7:3c:cf:09:90:ef:7c:b5:b9:8d:26:b3:24:df:
                    64:08:d0:a3:21:f5:be:89:5d:4c:4f:ea:43:62:6c:
                    18:50:55:07:6d:f7:38:11:ff:c6:79:39:e4:88:41:
                    30:a0:1b:91:3f:b0:4f:62:11:1f:42:94:c1:af:75:
                    9b:16:3d:5a:d6:ea:94:de:8a:d8:3f:e4:8f:62:4f:
                    cc:7a:af:6f:01:56:c7:f8:ff:1f:33:a6:83:c5:34:
                    00:88:f4:2e:59:d9:2c:60:27:45:31:3f:ef:f0:f2:
                    bd:c1:3b:4f:69:7a:d7:23:21:9d:17:58:c4:aa:b1:
                    30:e7:4a:9c:8f:72:6d:65:30:2b:4d:e0:8c:a4:cb:
                    6b:66:33:d1:30:89:59:ca:b5:65:8d:ed:20:65:5f:
                    bd:80:cd:82:6e:8a:79:de:d0:62:f8:1a:ea:42:cc:
                    b3:1f:79:08:3b:75:8f:de:d6:66:55:25:bd:60:d3:
                    e3:62:8f:2f:ab:3d:e9:83:35:1d:02:da:47:a3:86:
                    3b:8c:33:78:0e:0a:32:65:32:a1:92:e1:da:e0:63:
                    74:c5:be:b9:78:63:e2:e6:c1:ed:58:44:11:1d:23:
                    22:c9:cf:e9:ff:1d:da:a1:92:a0:16:31:39:4c:c1:
                    20:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:98:34:EE:2A:12:2A:51:80:E2:80:E7:D1:16:07:FB:24:A2:68:74
            X509v3 Authority Key Identifier:
                keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:97:6d:59:7d:fd:6e:aa:dc:80:9b:21:42:de:ff:1d:96:33:
         68:02:0d:6f:c5:da:71:87:3b:0d:79:85:ee:21:07:e2:dd:ef:
         54:69:05:82:32:42:ea:c4:d9:f8:6d:b6:dc:4a:67:48:72:a5:
         02:4c:aa:92:06:7d:17:60:59:ec:a4:19:9f:34:8e:9c:0b:54:
         8a:ed:e9:54:c2:4d:aa:ff:ce:ad:ad:9d:d0:dc:b8:07:5a:e7:
         af:ef:14:c8:49:48:80:e2:72:b9:6c:16:c7:9b:58:e6:84:31:
         4e:6a:33:99:e1:11:e9:70:0e:e6:8a:fc:c8:98:98:3e:50:e2:
         f5:9d:02:4e:ec:d0:a0:99:4c:55:e6:2f:dc:2b:78:20:d6:77:
         78:a2:7d:72:1e:47:81:c8:e6:ed:e7:22:b1:c3:1f:f7:5d:b5:
         7e:4f:26:cf:d4:60:e6:82:37:ee:0a:7e:7c:4b:6b:fa:ee:93:
         8f:9e:91:3f:b3:ca:f9:3a:d2:29:bd:ab:9a:35:5a:ef:a0:e8:
         9a:d1:38:0d:cf:7e:10:17:e0:88:55:a0:ad:74:ac:df:06:1c:
         f2:13:b2:ec:8e:81:84:57:62:d0:86:99:d2:fe:5d:63:e3:b0:
         83:ba:44:c8:19:d3:de:a3:23:50:b0:b4:19:fd:f0:36:f7:f8:
         6a:85:23:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTRtmp6dnKbLpaSH84kPxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwNjA5MDYwMDQxWhcNMjUwNjEwMDYwMDQxWjAzMTEwLwYDVQQD
Eyg1ZTk4MzRlZTJhMTIyYTUxODBlMjgwZTdkMTE2MDdmYjI0YTI2ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEgW1K9UnprNJOWsk/V95zzPCZDv
fLW5jSazJN9kCNCjIfW+iV1MT+pDYmwYUFUHbfc4Ef/GeTnkiEEwoBuRP7BPYhEf
QpTBr3WbFj1a1uqU3orYP+SPYk/Meq9vAVbH+P8fM6aDxTQAiPQuWdksYCdFMT/v
8PK9wTtPaXrXIyGdF1jEqrEw50qcj3JtZTArTeCMpMtrZjPRMIlZyrVlje0gZV+9
gM2Cbop53tBi+BrqQsyzH3kIO3WP3tZmVSW9YNPjYo8vqz3pgzUdAtpHo4Y7jDN4
DgoyZTKhkuHa4GN0xb65eGPi5sHtWEQRHSMiyc/p/x3aoZKgFjE5TMEggwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6YNO4qEipRgOKA59EWB/skomh0MB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZdtWX39
bqrcgJshQt7/HZYzaAINb8XacYc7DXmF7iEH4t3vVGkFgjJC6sTZ+G223EpnSHKl
AkyqkgZ9F2BZ7KQZnzSOnAtUiu3pVMJNqv/Ora2d0Ny4B1rnr+8UyElIgOJyuWwW
x5tY5oQxTmozmeER6XAO5or8yJiYPlDi9Z0CTuzQoJlMVeYv3Ct4INZ3eKJ9ch5H
gcjm7eciscMf9121fk8mz9Rg5oI37gp+fEtr+u6Tj56RP7PK+TrSKb2rmjVa76Do
mtE4Dc9+EBfgiFWgrXSs3wYc8hOy7I6BhFdi0IaZ0v5dY+Owg7pEyBnT3qMjULC0
Gf3wNvf4aoUjjw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:12:47 2025 by rpki-client