Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          tv346wjzno/W+gDI/ZtZzXFs2Ug+kxplN5bCvXmVCiA=
Subject key identifier:   69:45:34:4D:EB:34:95:C8:17:CE:3F:18:DA:B1:EB:6B:F0:AF:E5:C5
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       01977007955C04F1BAA5A0C61B9224BE1CE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 20:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:34 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: dYbBioFpj/SrE5Hntxh2T2aeUxkrsgnAWN2vQO/Zu8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:95:5c:04:f1:ba:a5:a0:c6:1b:92:24:be:1c:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Jun 14 20:00:34 2025 GMT
            Not After : Jun 15 20:00:34 2025 GMT
        Subject: CN=6945344deb3495c817ce3f18dab1eb6bf0afe5c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:04:37:2f:d1:ce:8f:92:ff:0f:7e:eb:85:11:
                    4a:57:73:7c:3d:e0:d7:86:44:b5:f7:85:b7:7d:30:
                    f3:c8:eb:f5:6f:6e:2b:f3:8e:70:29:ac:f2:69:bb:
                    f6:ac:ca:36:66:ff:d0:7a:12:f5:f2:a6:86:82:93:
                    3e:d1:40:42:a4:93:96:18:f3:d7:e5:b6:3d:1c:2a:
                    14:c8:ad:8f:aa:c6:b6:a3:8b:e5:77:41:15:fe:7c:
                    8f:c2:cc:59:4f:2d:66:f0:1a:f5:d6:ea:1d:d4:8e:
                    d5:d8:1f:a7:6f:2f:b2:43:73:29:53:1a:f3:8c:c8:
                    f0:5b:66:8c:15:c5:5e:21:dd:9a:67:c8:08:8e:31:
                    9e:39:42:6e:5f:66:7a:45:50:59:e1:3e:27:fb:9d:
                    f1:f8:24:bf:ba:4b:6f:76:62:37:13:d9:cb:4a:31:
                    5a:69:d7:08:89:44:06:9f:10:70:f7:b8:14:dd:be:
                    60:c8:b8:f4:5f:4d:c9:b2:6d:18:4d:49:23:c3:53:
                    d4:68:41:5b:80:b8:50:fc:ea:3f:45:8f:ca:4a:80:
                    73:e5:38:8a:38:e5:4e:65:ae:0d:78:e2:b9:cc:9e:
                    99:64:12:c3:f1:15:3b:86:41:04:e6:61:9b:58:ce:
                    10:da:eb:cc:79:11:8b:3f:03:fd:90:ef:00:26:66:
                    5d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:45:34:4D:EB:34:95:C8:17:CE:3F:18:DA:B1:EB:6B:F0:AF:E5:C5
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:9e:8d:b9:a2:0a:22:f7:ad:38:f6:07:92:a7:bf:0f:8a:ec:
         ba:ca:95:0c:0c:69:92:f1:5e:a3:a0:ae:7a:97:a9:55:d4:e0:
         23:44:82:b2:c8:92:9d:7a:61:0f:95:b9:8b:aa:db:15:71:97:
         a6:82:8f:dc:f3:2a:b3:5f:bb:ad:62:4c:9d:8b:d3:f9:7c:77:
         81:e0:9d:3b:3f:03:2c:13:00:42:f0:92:cf:ff:c3:fd:ee:b6:
         5e:af:8f:b7:f7:c2:7b:b5:22:9a:8c:77:f7:92:67:8d:a8:3e:
         c9:88:a0:c2:a4:2f:e1:d6:40:01:7b:70:1a:d8:a8:62:27:4e:
         50:76:0c:af:f1:f0:31:61:08:20:de:ad:cd:2a:01:6b:ed:f4:
         c4:8f:a5:f1:d6:35:13:d6:04:30:28:c7:6b:84:4a:07:6a:fa:
         3a:a3:38:c0:99:0e:f0:19:9b:2d:72:f9:4f:1d:18:2c:f7:bb:
         6e:ac:ae:f8:27:05:de:38:a6:63:7b:c1:a5:c4:5c:5d:77:00:
         2e:8e:93:b0:eb:a4:4b:3b:ed:ff:76:37:49:4b:d1:09:1a:6f:
         e4:9f:f3:66:6c:e9:0e:b4:e0:ab:d6:3e:fd:9c:0a:61:19:55:
         e9:74:03:a6:23:0d:29:4b:34:f8:bf:33:6c:df:36:e9:07:13:
         a1:f9:f8:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB5VcBPG6paDGG5IkvhzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUwNjE0MjAwMDM0WhcNMjUwNjE1MjAwMDM0WjAzMTEwLwYDVQQD
Eyg2OTQ1MzQ0ZGViMzQ5NWM4MTdjZTNmMThkYWIxZWI2YmYwYWZlNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgQ3L9HOj5L/D37rhRFKV3N8PeDX
hkS194W3fTDzyOv1b24r845wKazyabv2rMo2Zv/QehL18qaGgpM+0UBCpJOWGPPX
5bY9HCoUyK2Pqsa2o4vld0EV/nyPwsxZTy1m8Br11uod1I7V2B+nby+yQ3MpUxrz
jMjwW2aMFcVeId2aZ8gIjjGeOUJuX2Z6RVBZ4T4n+53x+CS/uktvdmI3E9nLSjFa
adcIiUQGnxBw97gU3b5gyLj0X03Jsm0YTUkjw1PUaEFbgLhQ/Oo/RY/KSoBz5TiK
OOVOZa4NeOK5zJ6ZZBLD8RU7hkEE5mGbWM4Q2uvMeRGLPwP9kO8AJmZdzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlFNE3rNJXIF84/GNqx62vwr+XFMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFp6NuaIK
IvetOPYHkqe/D4rsusqVDAxpkvFeo6CuepepVdTgI0SCssiSnXphD5W5i6rbFXGX
poKP3PMqs1+7rWJMnYvT+Xx3geCdOz8DLBMAQvCSz//D/e62Xq+Pt/fCe7Uimox3
95Jnjag+yYigwqQv4dZAAXtwGtioYidOUHYMr/HwMWEIIN6tzSoBa+30xI+l8dY1
E9YEMCjHa4RKB2r6OqM4wJkO8BmbLXL5Tx0YLPe7bqyu+CcF3jimY3vBpcRcXXcA
Lo6TsOukSzvt/3Y3SUvRCRpv5J/zZmzpDrTgq9Y+/ZwKYRlV6XQDpiMNKUs0+L8z
bN826QcTofn4IQ==
-----END CERTIFICATE-----