Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
File:                     yigmXgq4MyeqVJI0yrsT64_2ZDc.mft (raw, json)
Hash identifier:          doEwyxmoaeQKjuZaD0LfCUybK1QEzD+jBHE366q1/1k=
Subject key identifier:   A5:BA:53:28:77:F6:32:76:D3:6F:05:C5:77:81:7A:26:E1:37:21:A0
Authority key identifier: CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37
Certificate issuer:       /CN=ca28265e0ab83327aa549234cabb13eb8ff66437
Certificate serial:       0196865AB3212CD7A27BE532628AE0E1056C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
Manifest number:          0E78
Signing time:             Wed 30 Apr 2025 11:00:13 +0000
Manifest this update:     Wed 30 Apr 2025 11:00:13 +0000
Manifest next update:     Thu 01 May 2025 11:00:13 +0000
Files and hashes:         1: yigmXgq4MyeqVJI0yrsT64_2ZDc.crl (hash: P62zk3bxrbDrJZTijXiRq8G7nHTCt7A5YgFPYbEyPc0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 11:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:5a:b3:21:2c:d7:a2:7b:e5:32:62:8a:e0:e1:05:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca28265e0ab83327aa549234cabb13eb8ff66437
        Validity
            Not Before: Apr 30 11:00:13 2025 GMT
            Not After : May  1 11:00:13 2025 GMT
        Subject: CN=a5ba532877f63276d36f05c577817a26e13721a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3f:1d:55:22:ef:73:11:05:6d:7e:02:38:27:
                    12:d1:36:55:53:38:a9:d6:d3:40:5c:3d:d3:e3:19:
                    e7:65:1e:76:e8:cf:3a:10:5f:94:0a:3a:8b:5c:61:
                    66:65:9d:3c:e2:17:50:34:40:7a:f6:7b:1c:3a:06:
                    2e:1a:c9:a1:82:76:dc:00:8e:17:73:e3:08:58:91:
                    6f:82:b1:2f:04:07:95:39:33:f7:f7:b6:3c:66:33:
                    cd:6b:ba:6c:d6:21:d0:9d:b5:61:49:66:37:40:39:
                    78:6d:96:c6:70:90:c6:a0:b8:49:8a:b1:66:6f:73:
                    19:18:f8:29:09:a6:db:c4:1b:19:e3:8e:bd:fc:b9:
                    df:21:8a:fa:d0:83:3a:c8:3c:ec:e3:88:f0:ef:ef:
                    8b:7f:be:b9:20:89:37:0f:f3:d2:13:46:33:12:b4:
                    7f:17:49:0e:3c:71:65:23:31:76:ff:15:87:78:d8:
                    97:5e:56:04:d5:ef:9a:78:08:d5:82:65:be:07:75:
                    84:00:0d:e4:4b:15:88:b6:0e:50:61:6c:75:4e:ec:
                    6f:9d:97:cb:45:6a:6d:82:c5:25:5e:32:cf:fa:39:
                    b9:2a:d9:77:38:d7:95:6e:83:0c:25:ff:87:f0:a1:
                    27:6b:59:e7:75:66:59:37:17:6b:0e:ee:b8:34:0f:
                    c7:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BA:53:28:77:F6:32:76:D3:6F:05:C5:77:81:7A:26:E1:37:21:A0
            X509v3 Authority Key Identifier:
                keyid:CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:bd:ee:05:73:58:28:f1:44:ae:1e:c6:0e:94:21:e7:9e:11:
         34:3e:23:43:ab:20:43:8b:91:21:c2:28:7b:e9:3d:62:3b:c6:
         97:da:f6:8c:f9:6a:46:8c:43:aa:9c:0a:1c:05:7a:b5:ba:ea:
         1e:ac:90:2f:41:fc:02:37:78:8e:dc:1b:47:5e:fe:f7:c3:b4:
         5d:93:64:cc:11:90:68:07:55:c9:dd:cd:03:44:b0:ab:b0:3c:
         e0:d7:fb:bc:5a:30:71:4b:8d:d6:38:41:ba:53:4a:8e:53:37:
         3e:66:89:0b:62:77:60:c6:bf:c7:fd:ee:79:b6:2e:59:8e:0a:
         61:99:82:fa:34:0e:3f:9e:d0:b4:b5:09:97:a4:67:1d:26:82:
         43:30:13:a9:44:5d:47:80:3e:c9:4a:e6:fa:8d:17:53:06:95:
         3f:a3:b0:3e:a2:8d:17:8d:bf:97:17:d9:12:3d:d0:f7:49:96:
         ca:14:5d:ae:22:66:a3:27:1d:a5:52:d3:b2:e0:7d:2f:4e:03:
         7a:ba:d5:53:7f:56:4d:1a:5a:41:ee:65:19:91:48:dc:1d:d6:
         24:d0:e2:04:ea:35:d2:0a:58:83:be:06:d2:42:6b:7f:74:02:
         67:4e:db:26:ed:74:19:0a:7e:57:2f:3c:9c:35:fe:73:5b:39:
         98:e1:0c:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGWrMhLNeie+UyYorg4QVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjgyNjVlMGFiODMzMjdhYTU0OTIzNGNhYmIxM2ViOGZm
NjY0MzcwHhcNMjUwNDMwMTEwMDEzWhcNMjUwNTAxMTEwMDEzWjAzMTEwLwYDVQQD
EyhhNWJhNTMyODc3ZjYzMjc2ZDM2ZjA1YzU3NzgxN2EyNmUxMzcyMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz8dVSLvcxEFbX4COCcS0TZVUzip
1tNAXD3T4xnnZR526M86EF+UCjqLXGFmZZ084hdQNEB69nscOgYuGsmhgnbcAI4X
c+MIWJFvgrEvBAeVOTP397Y8ZjPNa7ps1iHQnbVhSWY3QDl4bZbGcJDGoLhJirFm
b3MZGPgpCabbxBsZ4469/LnfIYr60IM6yDzs44jw7++Lf765IIk3D/PSE0YzErR/
F0kOPHFlIzF2/xWHeNiXXlYE1e+aeAjVgmW+B3WEAA3kSxWItg5QYWx1TuxvnZfL
RWptgsUlXjLP+jm5Ktl3ONeVboMMJf+H8KEna1nndWZZNxdrDu64NA/HdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW6Uyh39jJ2028FxXeBeibhNyGgMB8GA1UdIwQY
MBaAFMooJl4KuDMnqlSSNMq7E+uP9mQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEt
MTJkZmQ1ZTM5NWY5LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEtMTJkZmQ1ZTM5NWY5
LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUr3uBXNY
KPFErh7GDpQh554RND4jQ6sgQ4uRIcIoe+k9YjvGl9r2jPlqRoxDqpwKHAV6tbrq
HqyQL0H8Ajd4jtwbR17+98O0XZNkzBGQaAdVyd3NA0Swq7A84Nf7vFowcUuN1jhB
ulNKjlM3PmaJC2J3YMa/x/3uebYuWY4KYZmC+jQOP57QtLUJl6RnHSaCQzATqURd
R4A+yUrm+o0XUwaVP6OwPqKNF42/lxfZEj3Q90mWyhRdriJmoycdpVLTsuB9L04D
errVU39WTRpaQe5lGZFI3B3WJNDiBOo10gpYg74G0kJrf3QCZ07bJu10GQp+Vy88
nDX+c1s5mOEMTA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:26:39 2025 by rpki-client