Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
File:                     Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft (raw, json)
Hash identifier:          z7glUb+xXI0ayjqhxpOkaCP5tJXjfJUHUjPZRCAt5jo=
Subject key identifier:   CA:D5:E2:1C:79:75:C5:F5:61:1E:FD:A0:32:06:2A:D8:46:AB:F9:5F
Authority key identifier: 62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0
Certificate issuer:       /CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0
Certificate serial:       01987B9D93E3060FBA9CD20A0C446760C7F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
Manifest number:          1617
Signing time:             Tue 05 Aug 2025 19:03:01 +0000
Manifest this update:     Tue 05 Aug 2025 19:03:01 +0000
Manifest next update:     Wed 06 Aug 2025 19:03:01 +0000
Files and hashes:         1: Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl (hash: s79B71wbnVyQ1ilvM3/8pGyGCAltVYUELd6pW2d4LQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 19:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9d:93:e3:06:0f:ba:9c:d2:0a:0c:44:67:60:c7:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0
        Validity
            Not Before: Aug  5 19:03:01 2025 GMT
            Not After : Aug  6 19:03:01 2025 GMT
        Subject: CN=cad5e21c7975c5f5611efda032062ad846abf95f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:01:3d:19:fd:f5:0f:fc:0d:30:52:4a:7c:c8:
                    77:ab:1c:80:45:61:90:23:4b:ea:86:cf:22:cb:d0:
                    ca:62:c1:33:e6:94:c5:80:83:33:ed:af:9d:d3:57:
                    3b:9d:e9:15:8c:d6:ec:87:d1:00:71:cb:6c:eb:1d:
                    e3:a9:f9:0a:64:15:65:e8:56:dd:54:b6:3a:8e:5d:
                    4b:f6:c4:31:d1:c4:9c:4e:03:47:a7:e6:0c:c4:ab:
                    92:86:89:ad:da:06:51:bd:9d:88:47:f0:90:39:38:
                    b0:9a:af:1a:e5:9f:ca:1e:8f:62:8d:e4:e6:b3:e0:
                    34:bd:da:65:2c:20:2b:b4:b1:5c:48:3e:34:73:c5:
                    08:17:cf:02:01:84:1d:91:22:1f:ae:f4:a7:94:d4:
                    e2:97:21:d8:c6:05:bb:49:44:7d:3b:b5:9b:60:9e:
                    c9:30:df:ba:41:6a:38:dc:d1:81:e2:7b:8e:11:88:
                    55:3a:54:f3:27:66:72:8e:88:4b:4b:f2:4e:bb:7e:
                    db:56:54:5a:7d:90:9d:c1:a4:fc:15:b6:12:1d:62:
                    d5:73:7d:3b:2d:79:15:bf:cf:da:51:df:b2:53:5d:
                    23:44:e3:89:23:fe:2c:57:48:2b:79:c8:9c:43:96:
                    56:e6:de:d5:65:16:40:70:78:8d:be:5a:ce:86:91:
                    10:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:D5:E2:1C:79:75:C5:F5:61:1E:FD:A0:32:06:2A:D8:46:AB:F9:5F
            X509v3 Authority Key Identifier:
                keyid:62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:6a:53:f6:b9:48:8d:fb:0a:09:69:ae:47:d4:c3:3d:28:07:
         e8:dc:b4:3d:ab:a5:61:60:37:d4:c7:22:52:63:83:1c:72:0d:
         da:94:5a:c6:b0:42:2d:8a:5d:66:65:7d:26:69:8e:4c:7c:96:
         09:c3:25:91:95:07:28:7f:62:f8:31:18:6f:9c:05:80:7e:31:
         3a:9f:c2:34:3e:ad:1b:bc:78:89:4f:82:2e:61:29:af:39:aa:
         67:f5:d9:e1:22:24:d0:07:60:1b:13:a0:08:f4:04:33:70:69:
         13:58:9a:2a:e0:01:91:bf:6c:4c:da:9a:5d:2f:1b:dd:ed:85:
         84:27:da:43:ca:b1:0b:5d:8e:81:7f:34:23:ee:9f:69:ce:c9:
         ff:99:e9:fa:2a:51:fa:89:8e:b6:8c:9f:cb:eb:69:1b:37:18:
         e1:ca:85:7a:49:8c:ef:9f:52:16:88:52:5e:46:45:79:5a:7c:
         d9:28:a3:c1:6a:bd:db:22:89:07:b0:67:bf:56:08:76:08:16:
         7a:16:e1:93:bb:a0:a4:08:6c:cd:ef:3d:62:6d:c5:6c:42:c1:
         18:31:fb:e7:ae:9a:22:83:87:40:df:49:c2:4f:48:bc:ca:00:
         de:a2:21:16:b8:d3:24:67:80:47:66:95:26:55:b8:0d:40:74:
         82:f3:af:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7nZPjBg+6nNIKDERnYMfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDZlNGJmZmEyYjRkMWJjNDBlOTJiMzBhZjBkMjFhNzRi
MGJiZDAwHhcNMjUwODA1MTkwMzAxWhcNMjUwODA2MTkwMzAxWjAzMTEwLwYDVQQD
EyhjYWQ1ZTIxYzc5NzVjNWY1NjExZWZkYTAzMjA2MmFkODQ2YWJmOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwE9Gf31D/wNMFJKfMh3qxyARWGQ
I0vqhs8iy9DKYsEz5pTFgIMz7a+d01c7nekVjNbsh9EAccts6x3jqfkKZBVl6Fbd
VLY6jl1L9sQx0cScTgNHp+YMxKuShomt2gZRvZ2IR/CQOTiwmq8a5Z/KHo9ijeTm
s+A0vdplLCArtLFcSD40c8UIF88CAYQdkSIfrvSnlNTilyHYxgW7SUR9O7WbYJ7J
MN+6QWo43NGB4nuOEYhVOlTzJ2ZyjohLS/JOu37bVlRafZCdwaT8FbYSHWLVc307
LXkVv8/aUd+yU10jROOJI/4sV0grecicQ5ZW5t7VZRZAcHiNvlrOhpEQ8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrV4hx5dcX1YR79oDIGKthGq/lfMB8GA1UdIwQY
MBaAFGLW5L/6K00bxA6Sswrw0hp0sLvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDIt
ZjE1NTU0ZmE0YjBiLzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDItZjE1NTU0ZmE0YjBi
LzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWpT9rlI
jfsKCWmuR9TDPSgH6Ny0PaulYWA31MciUmODHHIN2pRaxrBCLYpdZmV9JmmOTHyW
CcMlkZUHKH9i+DEYb5wFgH4xOp/CND6tG7x4iU+CLmEprzmqZ/XZ4SIk0AdgGxOg
CPQEM3BpE1iaKuABkb9sTNqaXS8b3e2FhCfaQ8qxC12OgX80I+6fac7J/5np+ipR
+omOtoyfy+tpGzcY4cqFekmM759SFohSXkZFeVp82SijwWq92yKJB7Bnv1YIdggW
ehbhk7ugpAhsze89Ym3FbELBGDH7566aIoOHQN9Jwk9IvMoA3qIhFrjTJGeAR2aV
JlW4DUB0gvOvCg==
-----END CERTIFICATE-----