Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
File:                     JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft (raw, json)
Hash identifier:          VOSH5FyLC3s73iovYExe+ewCEEj3jVZ3evlUPTVsMI0=
Subject key identifier:   24:D8:89:7F:DC:33:9F:E5:CD:AB:1A:D3:4E:0A:6C:12:4B:B4:5C:1E
Authority key identifier: 25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
Certificate issuer:       /CN=258906554d8c8b428ede8cb35026860d3d7771df
Certificate serial:       019682109A2DBC03835D5C877D81F52CF751
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
Manifest number:          0BF5
Signing time:             Tue 29 Apr 2025 15:00:48 +0000
Manifest this update:     Tue 29 Apr 2025 15:00:48 +0000
Manifest next update:     Wed 30 Apr 2025 15:00:48 +0000
Files and hashes:         1: JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl (hash: sTyglPsmsRBlscrgyc81BKGDlvtwuEKoh7+QT/3w/p8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:10:9a:2d:bc:03:83:5d:5c:87:7d:81:f5:2c:f7:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258906554d8c8b428ede8cb35026860d3d7771df
        Validity
            Not Before: Apr 29 15:00:48 2025 GMT
            Not After : Apr 30 15:00:48 2025 GMT
        Subject: CN=24d8897fdc339fe5cdab1ad34e0a6c124bb45c1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8c:b6:80:1c:16:f8:f9:8b:4f:f4:6b:c7:94:
                    42:8e:e9:97:a9:55:b1:41:09:a7:cf:66:8b:6a:35:
                    89:b6:e7:e1:c8:48:6e:a2:ff:52:45:73:d2:c7:8d:
                    af:ac:4b:25:96:1b:30:6c:64:5b:6d:8d:4d:8f:74:
                    c4:85:49:58:ef:af:2f:fb:2a:6a:5b:18:15:6a:d7:
                    0d:bf:5d:bf:0f:f0:c5:04:53:a0:f0:e3:96:ef:b1:
                    01:f8:ee:d4:35:23:e2:54:47:f8:e1:51:77:54:62:
                    72:9f:fe:20:4f:bd:64:05:2f:ef:8e:27:66:fb:4d:
                    11:56:62:a2:75:ea:1a:35:22:57:ed:ad:3c:eb:61:
                    f3:09:36:23:c3:3e:d3:e1:15:ee:29:f6:af:e6:cc:
                    11:45:31:44:0a:bd:c0:a5:a7:22:41:29:37:6b:b3:
                    01:93:62:9c:a5:a2:86:65:81:ea:a0:8b:73:be:8d:
                    18:ab:79:ab:6c:0a:78:86:43:8f:b2:8d:1a:a0:87:
                    03:94:6f:43:50:4d:44:30:e5:0f:f2:59:12:4e:51:
                    4e:2f:16:4c:99:b2:21:c1:91:fb:e2:51:79:35:72:
                    2c:3f:52:c1:fb:94:f9:d8:e1:62:60:e9:aa:24:06:
                    6e:88:05:69:f4:dd:64:59:c4:9b:1d:46:87:d7:c2:
                    ea:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:D8:89:7F:DC:33:9F:E5:CD:AB:1A:D3:4E:0A:6C:12:4B:B4:5C:1E
            X509v3 Authority Key Identifier:
                keyid:25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:7f:74:37:a2:30:8c:f2:a6:6d:00:6f:96:1b:09:3a:b0:a6:
         88:70:8e:43:dd:1e:bc:3b:ab:7b:10:60:d6:0d:9e:48:8f:69:
         60:df:13:97:52:56:9a:dd:a1:46:8b:57:78:9f:5f:03:42:ad:
         e5:80:16:7f:61:f8:2d:81:39:7c:31:9a:93:80:c6:a4:54:a8:
         e9:f3:59:8d:c5:ea:f4:85:6e:fb:d3:b7:b7:49:43:a6:98:62:
         73:c7:2a:6f:81:cd:0b:20:d4:42:19:07:91:40:0c:d4:34:03:
         fe:4c:9d:5c:97:f6:c2:07:16:e4:de:80:39:0a:2b:6f:dc:93:
         21:d2:17:b0:46:96:59:14:60:e7:ec:ab:db:e2:bb:17:cb:7a:
         e4:c3:56:5b:cb:84:e6:4c:94:13:c1:3d:4f:ea:0f:50:a1:cd:
         b5:8c:e4:9d:4d:84:3d:a0:7a:78:bb:e8:dc:ab:7f:5f:6d:e3:
         68:17:73:07:89:14:2d:e1:42:d8:2e:bc:f7:d4:d3:31:ea:27:
         af:ba:da:ec:db:60:27:99:db:25:4d:15:f0:db:05:23:a5:f6:
         2e:45:75:bc:f1:ee:c3:d7:30:13:77:a6:e7:72:e7:c6:76:9d:
         65:c9:14:47:ff:65:90:cd:76:fd:0c:1c:ca:4f:0a:f3:d2:4b:
         6b:e6:1d:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEJotvAODXVyHfYH1LPdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODkwNjU1NGQ4YzhiNDI4ZWRlOGNiMzUwMjY4NjBkM2Q3
NzcxZGYwHhcNMjUwNDI5MTUwMDQ4WhcNMjUwNDMwMTUwMDQ4WjAzMTEwLwYDVQQD
EygyNGQ4ODk3ZmRjMzM5ZmU1Y2RhYjFhZDM0ZTBhNmMxMjRiYjQ1YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4y2gBwW+PmLT/Rrx5RCjumXqVWx
QQmnz2aLajWJtufhyEhuov9SRXPSx42vrEsllhswbGRbbY1Nj3TEhUlY768v+ypq
WxgVatcNv12/D/DFBFOg8OOW77EB+O7UNSPiVEf44VF3VGJyn/4gT71kBS/vjidm
+00RVmKideoaNSJX7a0862HzCTYjwz7T4RXuKfav5swRRTFECr3ApaciQSk3a7MB
k2KcpaKGZYHqoItzvo0Yq3mrbAp4hkOPso0aoIcDlG9DUE1EMOUP8lkSTlFOLxZM
mbIhwZH74lF5NXIsP1LB+5T52OFiYOmqJAZuiAVp9N1kWcSbHUaH18LqOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTYiX/cM5/lzasa004KbBJLtFweMB8GA1UdIwQY
MBaAFCWJBlVNjItCjt6Ms1Amhg09d3HfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODct
YWZkZDUzODI3ZTkzLzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODctYWZkZDUzODI3ZTkz
LzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe390N6Iw
jPKmbQBvlhsJOrCmiHCOQ90evDurexBg1g2eSI9pYN8Tl1JWmt2hRotXeJ9fA0Kt
5YAWf2H4LYE5fDGak4DGpFSo6fNZjcXq9IVu+9O3t0lDpphic8cqb4HNCyDUQhkH
kUAM1DQD/kydXJf2wgcW5N6AOQorb9yTIdIXsEaWWRRg5+yr2+K7F8t65MNWW8uE
5kyUE8E9T+oPUKHNtYzknU2EPaB6eLvo3Kt/X23jaBdzB4kULeFC2C6899TTMeon
r7ra7NtgJ5nbJU0V8NsFI6X2LkV1vPHuw9cwE3em53LnxnadZckUR/9lkM12/Qwc
yk8K89JLa+Yd1g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:42:29 2025 by rpki-client