Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          Hg0IpFI5YxPOoSJ9Jkd6wnvlqQZSV137pI5fF9kSvOg=
Subject key identifier:   81:EF:77:9B:50:26:21:C1:82:C9:9B:2D:80:D7:48:13:3D:0B:8D:95
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       01988B0EE72ED62DE64BB16A17B2CDA3F65A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0D08
Signing time:             Fri 08 Aug 2025 19:01:06 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:06 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:06 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: EKwfECceRAvf6RQALxZR+7s5Rt0U+VG3KmBhlvY7X7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:e7:2e:d6:2d:e6:4b:b1:6a:17:b2:cd:a3:f6:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Aug  8 19:01:06 2025 GMT
            Not After : Aug  9 19:01:06 2025 GMT
        Subject: CN=81ef779b502621c182c99b2d80d748133d0b8d95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3b:28:ae:47:a4:b4:7b:31:48:d4:8a:f4:f5:
                    65:95:dd:2d:b5:1b:7c:e8:71:9e:61:a1:14:ea:6c:
                    14:67:50:ba:84:d6:35:ae:c9:a9:95:fb:e7:02:93:
                    80:4d:ed:67:63:bc:82:7e:03:41:97:6b:e3:80:35:
                    75:81:45:b0:13:10:39:7f:fa:9c:57:b0:41:84:26:
                    c6:41:b9:73:81:8a:a9:4c:63:c2:c3:db:be:df:64:
                    1d:a9:56:3a:46:1d:bc:0f:f6:01:10:d7:7f:fe:1a:
                    34:c0:a1:ae:bd:78:1c:02:9d:44:2f:84:d5:6d:1a:
                    ac:b8:3b:38:a3:97:5f:8a:7a:19:0b:da:22:6e:dc:
                    97:75:96:3d:c6:3f:86:cf:54:02:f2:0a:7b:ed:db:
                    c1:55:a3:6a:18:35:a2:7b:8a:f8:20:9c:85:8c:73:
                    13:24:9c:7b:fa:21:d8:6c:68:14:13:3b:05:a2:f0:
                    30:fb:54:a7:c2:31:0f:d1:54:18:b3:d8:48:85:96:
                    ba:c0:f8:b9:3c:09:67:cf:8f:a5:ac:cf:a2:55:8c:
                    69:74:a2:5e:91:ec:7c:33:82:1a:0e:f0:43:83:01:
                    59:c1:99:31:97:db:ca:f8:54:8d:b2:fa:77:8a:49:
                    c7:ee:6c:19:db:ff:d4:a9:5e:89:f5:d8:21:b0:ad:
                    ab:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:EF:77:9B:50:26:21:C1:82:C9:9B:2D:80:D7:48:13:3D:0B:8D:95
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:fc:6e:c7:c8:ed:e6:e1:b7:8a:7f:e3:8f:6c:dc:d6:37:f0:
         b8:9f:10:69:e3:6b:fc:a1:01:10:24:79:7f:31:fb:7a:28:07:
         66:a9:08:ce:1e:1a:d3:a7:db:7f:35:2f:00:37:6f:f4:44:18:
         f1:db:47:a7:a1:56:9d:78:a5:28:1a:19:8b:d1:59:92:d9:3d:
         dd:a0:50:8b:dd:38:14:46:3d:8e:22:d6:c4:9a:51:fb:64:28:
         a9:a8:4e:2a:8c:5f:6d:de:34:7b:81:85:a0:6e:b7:78:1a:e8:
         e0:8b:a0:42:e8:05:23:f1:8b:c6:50:7d:fa:c4:c4:b8:ef:b9:
         16:0d:7b:80:b8:7f:ef:66:4f:ae:59:0d:83:26:ce:f3:a3:ad:
         a6:2b:8b:8c:ab:86:fc:db:17:51:bf:a4:9f:10:7b:42:12:e0:
         c4:2b:7d:1e:10:d4:9e:6d:c6:7b:a4:e7:ac:68:60:53:d8:16:
         42:a9:fc:ee:2d:ae:d8:54:5d:56:6a:ed:bb:14:72:0c:e6:e8:
         3c:97:dd:a0:57:7e:8a:1e:f2:75:03:7c:43:a8:d7:80:27:cc:
         97:1e:25:bb:9c:1b:04:58:8d:5b:0e:8d:85:c0:1e:c4:d3:1f:
         da:ae:6c:ae:69:8f:7d:18:fd:fa:c5:3c:25:09:4e:21:18:4d:
         e9:ee:96:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDucu1i3mS7FqF7LNo/ZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUwODA4MTkwMTA2WhcNMjUwODA5MTkwMTA2WjAzMTEwLwYDVQQD
Eyg4MWVmNzc5YjUwMjYyMWMxODJjOTliMmQ4MGQ3NDgxMzNkMGI4ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjsorkektHsxSNSK9PVlld0ttRt8
6HGeYaEU6mwUZ1C6hNY1rsmplfvnApOATe1nY7yCfgNBl2vjgDV1gUWwExA5f/qc
V7BBhCbGQblzgYqpTGPCw9u+32QdqVY6Rh28D/YBENd//ho0wKGuvXgcAp1EL4TV
bRqsuDs4o5dfinoZC9oibtyXdZY9xj+Gz1QC8gp77dvBVaNqGDWie4r4IJyFjHMT
JJx7+iHYbGgUEzsFovAw+1SnwjEP0VQYs9hIhZa6wPi5PAlnz4+lrM+iVYxpdKJe
kex8M4IaDvBDgwFZwZkxl9vK+FSNsvp3iknH7mwZ2//UqV6J9dghsK2rSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHvd5tQJiHBgsmbLYDXSBM9C42VMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm/xux8jt
5uG3in/jj2zc1jfwuJ8QaeNr/KEBECR5fzH7eigHZqkIzh4a06fbfzUvADdv9EQY
8dtHp6FWnXilKBoZi9FZktk93aBQi904FEY9jiLWxJpR+2QoqahOKoxfbd40e4GF
oG63eBro4IugQugFI/GLxlB9+sTEuO+5Fg17gLh/72ZPrlkNgybO86OtpiuLjKuG
/NsXUb+knxB7QhLgxCt9HhDUnm3Ge6TnrGhgU9gWQqn87i2u2FRdVmrtuxRyDObo
PJfdoFd+ih7ydQN8Q6jXgCfMlx4lu5wbBFiNWw6NhcAexNMf2q5srmmPfRj9+sU8
JQlOIRhN6e6WDA==
-----END CERTIFICATE-----