Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          nyiADPyHz5FTg1gnunxlw0hQk6/G3gDRPVoybeuJTkk=
Subject key identifier:   15:AD:58:E5:B5:E9:92:15:B0:FE:B6:A1:43:F8:3E:BB:43:C7:D0:BF
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       01977AC2C6AA0AF5B9631871CBF4F41F3933
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0CF6
Signing time:             Mon 16 Jun 2025 22:01:14 +0000
Manifest this update:     Mon 16 Jun 2025 22:01:14 +0000
Manifest next update:     Tue 17 Jun 2025 22:01:14 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: oGmLfmO517DZ/GwEFoGoFK49W08vP2vnUVfkAlF7yJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:c2:c6:aa:0a:f5:b9:63:18:71:cb:f4:f4:1f:39:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Jun 16 22:01:14 2025 GMT
            Not After : Jun 17 22:01:14 2025 GMT
        Subject: CN=15ad58e5b5e99215b0feb6a143f83ebb43c7d0bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e6:b3:b6:5f:82:1c:ac:a5:3d:cd:60:4f:fd:
                    ce:77:23:fa:3f:f4:b8:d8:d0:ae:47:bc:51:47:87:
                    de:bd:b1:7d:cd:ae:d8:7f:43:31:9c:3c:be:94:49:
                    f6:26:11:ba:86:41:32:be:91:c4:03:93:c9:4b:41:
                    5a:66:ea:85:f6:ac:ae:c1:07:1a:3e:cb:13:e6:bc:
                    e5:e2:92:b2:6a:b1:c3:bf:8e:27:4e:9c:c4:5c:59:
                    a9:85:d9:23:77:bb:0d:46:85:81:55:cb:67:3c:1c:
                    f3:48:12:22:2a:ca:5d:f7:7c:de:0d:f3:5a:c9:48:
                    13:08:50:66:c1:16:66:25:36:9d:c3:2c:d1:93:da:
                    20:19:cf:c1:3f:94:31:a0:73:56:3d:37:c8:72:cf:
                    a0:f9:ca:8e:97:ff:5a:d4:54:88:f7:9d:43:39:6b:
                    8c:f0:79:3e:86:f9:18:56:34:3b:55:0e:5c:dd:a6:
                    f9:b6:27:1b:53:70:aa:71:5e:a5:f8:12:d6:59:ed:
                    2b:19:4d:b8:21:77:38:48:aa:b6:cb:e0:eb:7d:c2:
                    60:3c:8f:76:fd:fc:12:49:1d:34:4c:3b:7b:82:2f:
                    e7:e0:ad:d7:48:de:82:db:e1:62:64:70:30:27:38:
                    17:0d:1d:c9:ac:2d:d9:af:30:c8:67:cb:50:8e:81:
                    02:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:AD:58:E5:B5:E9:92:15:B0:FE:B6:A1:43:F8:3E:BB:43:C7:D0:BF
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:24:cd:97:cd:b7:11:8c:c7:2e:ba:9a:40:a7:d8:a9:eb:46:
         0a:9a:8e:57:b7:62:b6:51:4e:c1:ce:e7:25:79:78:df:56:59:
         f0:1e:46:61:ca:a7:59:03:d3:3a:4b:d8:b5:74:71:fd:6c:ce:
         84:b5:60:69:4b:ea:61:c5:08:bb:c6:be:27:f0:04:e2:38:d1:
         90:3b:30:cc:3d:d5:51:5a:02:61:97:3f:6b:0b:6a:77:3e:92:
         f2:de:dd:06:80:78:c4:9e:78:c4:75:b7:22:91:32:e5:7e:b0:
         fe:d7:7f:44:01:70:fa:40:c0:06:4d:f9:51:f8:ea:30:31:ef:
         59:fa:c6:ea:f4:74:09:10:30:ef:a5:ef:d7:41:25:e8:29:56:
         bf:0c:b4:fc:3f:f5:e2:60:15:8b:b2:80:61:26:9e:c8:50:35:
         b3:20:80:e7:93:e6:e3:ec:a6:a5:74:bc:78:91:b6:ad:94:b9:
         1a:9a:2e:78:c2:25:0f:96:13:6a:0d:21:5b:05:30:74:74:b4:
         c9:6e:bb:6c:21:4d:79:9e:6f:39:76:7f:d9:88:4b:71:b1:f6:
         ae:dc:a0:8f:db:f8:1a:9a:ce:47:64:ae:35:d0:d1:6f:50:37:
         9d:d6:29:8f:1f:c3:b7:e7:96:33:61:43:21:ae:f3:44:f2:df:
         fd:05:1c:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6wsaqCvW5Yxhxy/T0HzkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUwNjE2MjIwMTE0WhcNMjUwNjE3MjIwMTE0WjAzMTEwLwYDVQQD
EygxNWFkNThlNWI1ZTk5MjE1YjBmZWI2YTE0M2Y4M2ViYjQzYzdkMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuaztl+CHKylPc1gT/3OdyP6P/S4
2NCuR7xRR4fevbF9za7Yf0MxnDy+lEn2JhG6hkEyvpHEA5PJS0FaZuqF9qyuwQca
PssT5rzl4pKyarHDv44nTpzEXFmphdkjd7sNRoWBVctnPBzzSBIiKspd93zeDfNa
yUgTCFBmwRZmJTadwyzRk9ogGc/BP5QxoHNWPTfIcs+g+cqOl/9a1FSI951DOWuM
8Hk+hvkYVjQ7VQ5c3ab5ticbU3CqcV6l+BLWWe0rGU24IXc4SKq2y+DrfcJgPI92
/fwSSR00TDt7gi/n4K3XSN6C2+FiZHAwJzgXDR3JrC3ZrzDIZ8tQjoECAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWtWOW16ZIVsP62oUP4PrtDx9C/MB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbyTNl823
EYzHLrqaQKfYqetGCpqOV7ditlFOwc7nJXl431ZZ8B5GYcqnWQPTOkvYtXRx/WzO
hLVgaUvqYcUIu8a+J/AE4jjRkDswzD3VUVoCYZc/awtqdz6S8t7dBoB4xJ54xHW3
IpEy5X6w/td/RAFw+kDABk35UfjqMDHvWfrG6vR0CRAw76Xv10El6ClWvwy0/D/1
4mAVi7KAYSaeyFA1syCA55Pm4+ympXS8eJG2rZS5GpoueMIlD5YTag0hWwUwdHS0
yW67bCFNeZ5vOXZ/2YhLcbH2rtygj9v4GprOR2SuNdDRb1A3ndYpjx/Dt+eWM2FD
Ia7zRPLf/QUccw==
-----END CERTIFICATE-----