Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          exMzu3kGl5/qvQs+rH/QBWNh/zNK398ymCu69jKb3AA=
Subject key identifier:   6F:48:CC:BD:AF:43:E2:F2:B4:D8:96:D2:FD:55:C4:9E:BF:6F:50:43
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019896A640BFDD5C11573872E54D6E23C2BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          1625
Signing time:             Mon 11 Aug 2025 01:02:14 +0000
Manifest this update:     Mon 11 Aug 2025 01:02:14 +0000
Manifest next update:     Tue 12 Aug 2025 01:02:14 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: YyhlV2A21BtPew+1D3Gl6kJjVOOZV4hU5C9oYlHc28Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:40:bf:dd:5c:11:57:38:72:e5:4d:6e:23:c2:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Aug 11 01:02:14 2025 GMT
            Not After : Aug 12 01:02:14 2025 GMT
        Subject: CN=6f48ccbdaf43e2f2b4d896d2fd55c49ebf6f5043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c9:7b:56:d0:fd:af:48:00:d2:ff:1a:e2:c1:
                    08:b7:17:57:ae:c7:0e:6b:a9:7f:3a:4c:04:ba:fe:
                    d3:63:6f:7b:95:2e:67:1e:ce:98:7d:3c:82:c1:b9:
                    61:f5:06:22:bc:8c:27:4a:e1:34:10:dc:01:93:83:
                    30:68:2a:4c:57:e9:a3:a3:f6:72:e0:54:cc:39:70:
                    34:26:84:ef:61:46:e5:48:d9:1d:22:9d:c9:da:b2:
                    c1:0e:51:0b:da:9c:84:83:65:46:cf:97:17:9f:e3:
                    42:f1:bd:a7:fe:0f:a2:90:a3:76:89:81:f2:a9:ad:
                    bd:0c:a5:60:37:a6:d7:0e:55:dc:e5:6e:69:77:a0:
                    21:01:83:90:fe:6d:d3:c5:4f:d7:0d:0b:cf:16:2b:
                    a9:99:e2:89:15:ca:7e:40:fa:36:23:00:c8:50:83:
                    aa:b7:12:44:56:4c:b5:7c:1c:1a:bd:3e:2f:0d:9b:
                    f8:81:d8:a7:7f:30:90:12:26:15:b0:ff:9c:18:78:
                    01:8f:9a:fa:c4:51:9e:47:d3:08:d4:d6:28:e8:16:
                    a0:a1:31:bb:dc:54:9d:10:a0:52:6f:76:02:aa:10:
                    10:c4:24:71:88:16:8c:e3:a2:ad:a2:0f:d1:70:0e:
                    e0:07:1f:51:87:fc:d8:34:87:33:8a:37:d9:11:2c:
                    a5:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:48:CC:BD:AF:43:E2:F2:B4:D8:96:D2:FD:55:C4:9E:BF:6F:50:43
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:9c:43:17:ea:c7:93:a0:5a:40:21:e2:fb:58:18:d5:8d:dd:
         63:8e:f0:9a:ae:b8:b4:bf:6a:54:f9:ad:59:18:15:cc:43:17:
         f4:90:1c:81:39:3b:b6:d4:90:b2:eb:94:51:41:4d:bc:68:6a:
         87:bd:0c:9f:7e:4d:94:24:24:f4:c2:c5:ef:28:16:1d:67:be:
         af:41:3f:59:de:c6:e6:d8:89:4b:9b:bc:bb:58:f6:f7:40:69:
         84:f8:4b:df:2a:0b:82:cb:da:a3:c8:ed:4d:84:24:d8:3f:18:
         d6:c3:6d:e4:63:a5:e7:b4:cf:09:36:25:eb:56:10:c7:57:b3:
         a5:03:7e:d8:a5:e4:f4:a2:3f:e1:a6:85:d0:32:27:f5:04:22:
         ef:9c:9c:35:6d:a3:98:49:2d:b2:ba:c3:01:87:ab:4f:e5:e1:
         e2:e6:04:d4:d3:83:7a:ad:15:93:04:f6:66:9b:c9:40:72:e6:
         dd:fa:a1:e9:29:e7:b3:f9:85:e3:d1:66:5b:32:36:c6:e6:2c:
         b2:04:a2:ed:fd:e8:41:3f:8f:1e:5e:c3:ea:d0:a3:16:46:e8:
         49:03:e8:01:3a:28:55:92:74:b1:cb:48:26:7c:af:17:20:c0:
         29:71:4f:06:09:4a:8b:fd:cf:47:67:48:27:9c:60:a4:a3:4b:
         a5:0a:37:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpkC/3VwRVzhy5U1uI8K6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjUwODExMDEwMjE0WhcNMjUwODEyMDEwMjE0WjAzMTEwLwYDVQQD
Eyg2ZjQ4Y2NiZGFmNDNlMmYyYjRkODk2ZDJmZDU1YzQ5ZWJmNmY1MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMl7VtD9r0gA0v8a4sEItxdXrscO
a6l/OkwEuv7TY297lS5nHs6YfTyCwblh9QYivIwnSuE0ENwBk4MwaCpMV+mjo/Zy
4FTMOXA0JoTvYUblSNkdIp3J2rLBDlEL2pyEg2VGz5cXn+NC8b2n/g+ikKN2iYHy
qa29DKVgN6bXDlXc5W5pd6AhAYOQ/m3TxU/XDQvPFiupmeKJFcp+QPo2IwDIUIOq
txJEVky1fBwavT4vDZv4gdinfzCQEiYVsP+cGHgBj5r6xFGeR9MI1NYo6BagoTG7
3FSdEKBSb3YCqhAQxCRxiBaM46Ktog/RcA7gBx9Rh/zYNIczijfZESylFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9IzL2vQ+LytNiW0v1VxJ6/b1BDMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxJxDF+rH
k6BaQCHi+1gY1Y3dY47wmq64tL9qVPmtWRgVzEMX9JAcgTk7ttSQsuuUUUFNvGhq
h70Mn35NlCQk9MLF7ygWHWe+r0E/Wd7G5tiJS5u8u1j290BphPhL3yoLgsvao8jt
TYQk2D8Y1sNt5GOl57TPCTYl61YQx1ezpQN+2KXk9KI/4aaF0DIn9QQi75ycNW2j
mEktsrrDAYerT+Xh4uYE1NODeq0VkwT2ZpvJQHLm3fqh6Snns/mF49FmWzI2xuYs
sgSi7f3oQT+PHl7D6tCjFkboSQPoATooVZJ0sctIJnyvFyDAKXFPBglKi/3PR2dI
J5xgpKNLpQo37Q==
-----END CERTIFICATE-----