Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          HnEUC6WukQj81wlTkLWy7I1XG7W46sMtSRho2C3u6Uc=
Subject key identifier:   D9:AA:10:65:30:A2:29:4E:5E:63:EB:0D:F2:A0:C0:EC:07:54:B8:0A
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       019770082EBE70D607F4BDC0A769DB7E6A28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          08A8
Signing time:             Sat 14 Jun 2025 20:01:13 +0000
Manifest this update:     Sat 14 Jun 2025 20:01:13 +0000
Manifest next update:     Sun 15 Jun 2025 20:01:13 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: sSBC6cC2tfG//0WXLLN/Zc2BEYUZOmyuAToB7bZHMUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:08:2e:be:70:d6:07:f4:bd:c0:a7:69:db:7e:6a:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Jun 14 20:01:13 2025 GMT
            Not After : Jun 15 20:01:13 2025 GMT
        Subject: CN=d9aa106530a2294e5e63eb0df2a0c0ec0754b80a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ae:89:27:52:a2:d9:a9:4d:4d:34:06:49:86:
                    64:e3:11:92:62:f6:4d:24:2c:7b:ae:54:fd:f0:0d:
                    c0:7f:0d:56:af:6e:f7:cf:0b:58:76:ec:33:c9:20:
                    87:dd:50:6c:74:d2:85:45:14:6d:80:ad:78:d6:1a:
                    ba:a6:4f:5f:5f:b8:75:25:e7:f5:ab:31:f1:07:a7:
                    ee:26:d9:a8:b2:ba:a8:38:1a:48:da:e3:ea:9d:46:
                    ee:5b:f7:4a:29:4b:72:19:8e:29:34:df:57:25:e2:
                    ed:08:f8:21:d2:58:eb:73:62:d2:d9:d7:7a:c1:36:
                    47:4b:72:6b:b3:97:2f:ec:98:37:87:25:f7:a4:76:
                    cf:af:21:af:01:86:2b:af:33:cb:88:6e:4c:41:90:
                    4d:75:b5:c6:cd:df:37:d3:7c:d7:6c:fa:8b:03:25:
                    49:61:ae:6a:46:ee:eb:4f:7e:44:ac:bf:f4:d0:88:
                    a1:1d:b0:27:02:6e:d6:30:2f:ff:68:8c:98:c0:f4:
                    c6:2b:98:53:31:a9:cd:96:18:00:b7:b3:96:4f:91:
                    bb:ff:a9:73:95:39:7e:09:7d:26:84:9f:41:3b:11:
                    db:4a:72:57:7e:7b:71:c3:45:bb:19:f1:12:46:d1:
                    28:bd:9f:26:36:9d:57:eb:b1:a5:0b:8a:2f:1c:63:
                    9d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AA:10:65:30:A2:29:4E:5E:63:EB:0D:F2:A0:C0:EC:07:54:B8:0A
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:82:73:5e:93:c1:53:11:a7:22:5f:6f:c1:30:99:6f:fb:a7:
         41:84:0b:62:3c:7d:0f:9d:0f:fd:98:a7:f4:b8:da:3c:ae:21:
         61:c0:18:d8:7a:8b:00:81:cf:b2:35:49:a5:c9:79:aa:60:e5:
         c8:fa:e1:e5:13:2c:39:a0:34:75:00:aa:15:3e:0d:8e:23:74:
         2b:c5:e7:68:6d:d8:02:b2:ae:cc:4e:ef:a1:78:29:df:a1:59:
         37:24:e9:2f:7c:fb:b5:b4:f4:71:20:6e:e8:10:df:43:20:5a:
         ea:28:21:54:81:77:b6:fa:fb:54:86:dd:0a:4f:40:48:2b:08:
         7e:a1:01:7a:93:67:49:85:60:85:12:b2:91:56:4d:17:86:b9:
         fe:61:59:a0:fe:06:15:79:06:da:83:42:60:e3:ef:61:b4:ac:
         6d:84:20:70:76:79:a1:66:0c:49:5a:d2:3d:b8:c7:14:cc:b8:
         e6:e7:45:30:d7:b8:5c:73:96:2d:a0:59:3d:3c:9e:30:53:9a:
         72:f4:b2:81:6b:17:43:77:8e:54:66:ad:6c:a0:27:80:e8:79:
         b1:0f:8b:80:6d:8f:eb:71:c3:6d:2e:d4:3d:03:b7:82:d2:53:
         ab:ed:f0:3d:87:cf:de:50:7b:d8:dc:dc:b6:28:83:d5:97:2e:
         78:96:a2:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwCC6+cNYH9L3Ap2nbfmooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUwNjE0MjAwMTEzWhcNMjUwNjE1MjAwMTEzWjAzMTEwLwYDVQQD
EyhkOWFhMTA2NTMwYTIyOTRlNWU2M2ViMGRmMmEwYzBlYzA3NTRiODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa6JJ1Ki2alNTTQGSYZk4xGSYvZN
JCx7rlT98A3Afw1Wr273zwtYduwzySCH3VBsdNKFRRRtgK141hq6pk9fX7h1Jef1
qzHxB6fuJtmosrqoOBpI2uPqnUbuW/dKKUtyGY4pNN9XJeLtCPgh0ljrc2LS2dd6
wTZHS3Jrs5cv7Jg3hyX3pHbPryGvAYYrrzPLiG5MQZBNdbXGzd8303zXbPqLAyVJ
Ya5qRu7rT35ErL/00IihHbAnAm7WMC//aIyYwPTGK5hTManNlhgAt7OWT5G7/6lz
lTl+CX0mhJ9BOxHbSnJXfntxw0W7GfESRtEovZ8mNp1X67GlC4ovHGOd9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmqEGUwoilOXmPrDfKgwOwHVLgKMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFoJzXpPB
UxGnIl9vwTCZb/unQYQLYjx9D50P/Zin9LjaPK4hYcAY2HqLAIHPsjVJpcl5qmDl
yPrh5RMsOaA0dQCqFT4NjiN0K8XnaG3YArKuzE7voXgp36FZNyTpL3z7tbT0cSBu
6BDfQyBa6ighVIF3tvr7VIbdCk9ASCsIfqEBepNnSYVghRKykVZNF4a5/mFZoP4G
FXkG2oNCYOPvYbSsbYQgcHZ5oWYMSVrSPbjHFMy45udFMNe4XHOWLaBZPTyeMFOa
cvSygWsXQ3eOVGatbKAngOh5sQ+LgG2P63HDbS7UPQO3gtJTq+3wPYfP3lB72Nzc
tiiD1ZcueJaiHQ==
-----END CERTIFICATE-----