Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          MSsYGUqkHth22WsBdn6OzmSv1S2I+HuBZy7InQrrEBY=
Subject key identifier:   AF:E0:F1:F8:92:0D:3C:8F:EA:71:5F:B9:3E:CF:2E:DB:E3:72:85:C7
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019698CFA5C59AC6EB07C7EE6C765869F4E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          151D
Signing time:             Sun 04 May 2025 01:01:07 +0000
Manifest this update:     Sun 04 May 2025 01:01:07 +0000
Manifest next update:     Mon 05 May 2025 01:01:07 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: R03Z+PTprRSbGVDrDSniqi1v2ceiADgd8oDnE7SjLyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:98:cf:a5:c5:9a:c6:eb:07:c7:ee:6c:76:58:69:f4:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: May  4 01:01:07 2025 GMT
            Not After : May  5 01:01:07 2025 GMT
        Subject: CN=afe0f1f8920d3c8fea715fb93ecf2edbe37285c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4a:79:48:b6:3f:08:52:bd:30:15:7f:e6:49:
                    4a:86:55:54:7c:28:48:1b:4c:25:3b:46:ac:c9:64:
                    e8:f4:52:6c:36:63:8d:ec:1a:75:5f:64:87:88:3b:
                    a8:fa:e9:23:b3:ac:fb:27:2a:83:eb:04:51:fd:1b:
                    4c:f6:86:3c:76:ae:b7:25:8c:c8:0f:79:88:41:26:
                    4d:cd:16:13:33:44:c0:4a:18:07:78:cf:39:7b:21:
                    5e:7b:de:98:d2:f2:82:3a:45:d2:fb:4e:e6:a0:58:
                    85:56:ba:03:b8:74:84:c8:57:36:87:35:4f:8d:fd:
                    16:28:b0:98:98:ee:7a:5b:45:05:5b:5c:c9:56:03:
                    c2:6c:f1:53:cf:ca:08:4f:78:b9:30:d3:c9:7e:4c:
                    07:33:1d:ba:1c:73:cc:37:eb:59:e7:95:64:85:45:
                    b3:9a:8d:03:f5:a2:d2:e2:67:73:8e:8b:30:bc:21:
                    ad:78:5f:5e:4f:15:52:f4:9f:7e:63:f6:06:a3:a7:
                    b9:89:cc:13:69:a4:05:21:c5:1c:24:23:62:af:90:
                    4a:42:07:ff:d8:7e:95:2e:eb:15:34:c2:62:db:22:
                    cf:87:23:b2:03:02:b6:b6:03:7a:35:d5:6e:bc:c8:
                    e7:c9:91:2c:f4:2f:71:cd:18:97:2c:37:9f:a1:16:
                    d6:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:E0:F1:F8:92:0D:3C:8F:EA:71:5F:B9:3E:CF:2E:DB:E3:72:85:C7
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:59:07:f8:cc:7f:3d:71:29:36:73:85:07:cb:96:90:6d:06:
         94:a9:c7:99:dc:7f:f6:df:c5:dc:05:90:ef:08:d6:40:ea:19:
         26:f7:af:3c:33:43:2b:9d:40:8f:9d:41:2b:c7:9a:ac:bf:5d:
         ef:c3:a5:fa:27:b7:04:f7:5f:e3:84:b8:35:de:7f:f6:67:73:
         83:b0:a2:05:97:f2:ed:a9:a1:20:07:47:98:aa:e5:2f:bb:b8:
         1e:fc:68:19:f0:bc:f4:88:7d:79:4a:77:b8:96:c7:eb:00:70:
         94:3d:96:3a:37:21:c2:59:5f:ec:40:33:ac:08:f0:d0:54:97:
         60:f4:f7:e5:fd:5b:6a:e6:1d:92:6d:49:a8:7c:9b:90:a2:73:
         6b:f9:71:7c:8f:6b:f6:85:9a:1d:75:10:ed:c3:b8:56:84:f8:
         14:2a:2a:1c:9b:15:c8:c4:d4:52:62:ee:d1:d2:c9:38:a7:02:
         15:6e:1b:b0:5f:96:4b:a7:56:59:54:75:81:93:f6:d9:09:1a:
         17:bc:8e:24:36:85:90:82:71:92:dd:e4:c8:47:de:ce:fc:0e:
         68:af:b9:5c:5b:61:ac:94:2c:70:11:32:04:f0:05:05:57:32:
         67:cc:cc:e6:bc:ae:8b:ed:7f:09:5b:8b:52:d2:ac:81:c6:70:
         33:87:cd:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaYz6XFmsbrB8fubHZYafTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjUwNTA0MDEwMTA3WhcNMjUwNTA1MDEwMTA3WjAzMTEwLwYDVQQD
EyhhZmUwZjFmODkyMGQzYzhmZWE3MTVmYjkzZWNmMmVkYmUzNzI4NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0p5SLY/CFK9MBV/5klKhlVUfChI
G0wlO0asyWTo9FJsNmON7Bp1X2SHiDuo+ukjs6z7JyqD6wRR/RtM9oY8dq63JYzI
D3mIQSZNzRYTM0TAShgHeM85eyFee96Y0vKCOkXS+07moFiFVroDuHSEyFc2hzVP
jf0WKLCYmO56W0UFW1zJVgPCbPFTz8oIT3i5MNPJfkwHMx26HHPMN+tZ55VkhUWz
mo0D9aLS4mdzjoswvCGteF9eTxVS9J9+Y/YGo6e5icwTaaQFIcUcJCNir5BKQgf/
2H6VLusVNMJi2yLPhyOyAwK2tgN6NdVuvMjnyZEs9C9xzRiXLDefoRbWhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/g8fiSDTyP6nFfuT7PLtvjcoXHMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYlkH+Mx/
PXEpNnOFB8uWkG0GlKnHmdx/9t/F3AWQ7wjWQOoZJvevPDNDK51Aj51BK8earL9d
78Ol+ie3BPdf44S4Nd5/9mdzg7CiBZfy7amhIAdHmKrlL7u4HvxoGfC89Ih9eUp3
uJbH6wBwlD2WOjchwllf7EAzrAjw0FSXYPT35f1bauYdkm1JqHybkKJza/lxfI9r
9oWaHXUQ7cO4VoT4FCoqHJsVyMTUUmLu0dLJOKcCFW4bsF+WS6dWWVR1gZP22Qka
F7yOJDaFkIJxkt3kyEfezvwOaK+5XFthrJQscBEyBPAFBVcyZ8zM5ryui+1/CVuL
UtKsgcZwM4fN7w==
-----END CERTIFICATE-----