Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          kxGdH9k63Z5YG3SywpR07arCMNBbjYzICTFEcspm78o=
Subject key identifier:   21:05:84:D5:3A:AB:B4:1E:41:B3:4B:D5:6D:AE:55:E6:CC:52:F7:1F
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       01987DF808FF5ABE8A98ECFD2CDB9E2FFFD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0ED7
Signing time:             Wed 06 Aug 2025 06:01:03 +0000
Manifest this update:     Wed 06 Aug 2025 06:01:03 +0000
Manifest next update:     Thu 07 Aug 2025 06:01:03 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: k4KRVu6qqkdKDnIgG26SSJeqJ9McOusMX5D8BySCs4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:f8:08:ff:5a:be:8a:98:ec:fd:2c:db:9e:2f:ff:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: Aug  6 06:01:03 2025 GMT
            Not After : Aug  7 06:01:03 2025 GMT
        Subject: CN=210584d53aabb41e41b34bd56dae55e6cc52f71f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:21:2c:12:62:8a:7d:2b:d6:1e:8d:ee:58:4e:
                    bb:f3:33:d6:8a:23:a2:2d:3d:2d:60:93:a8:b7:0f:
                    e9:7c:30:b4:55:73:02:b6:8c:ad:3d:e1:33:63:29:
                    24:ae:a0:ca:35:04:4b:6a:03:01:89:ad:ce:55:b5:
                    c5:e7:10:51:7e:46:6d:62:67:04:e8:6e:55:6d:0e:
                    51:a5:e6:f4:9c:76:18:7f:66:64:03:5c:46:69:b2:
                    7d:f7:86:70:e4:86:7c:4a:4b:d9:a7:56:12:e6:c5:
                    e2:6d:03:47:fb:df:ef:94:04:88:ab:3b:41:c2:ef:
                    6b:52:12:bf:49:4f:f6:b4:a5:3f:c3:1d:cf:cd:0f:
                    53:99:e3:0a:fb:20:59:68:a3:d3:71:4d:fe:a5:cb:
                    3e:84:00:fd:da:60:70:80:e5:77:c0:3b:af:f9:8a:
                    e1:40:83:f4:a8:9a:b2:68:6c:b9:d9:d3:bf:12:dd:
                    b4:78:8f:6f:1d:50:b7:79:c7:0a:ae:ef:05:86:39:
                    fc:8d:f4:a0:be:cb:8b:75:fc:a9:d1:fd:9f:59:0e:
                    5b:91:c1:c7:f9:09:2c:6e:d7:26:35:d9:2d:1e:ca:
                    fb:6b:c8:94:a3:6f:49:1d:a0:30:f5:2f:91:33:d3:
                    25:ea:54:b2:3a:a5:df:e7:84:ff:e5:e2:b1:38:79:
                    bd:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:05:84:D5:3A:AB:B4:1E:41:B3:4B:D5:6D:AE:55:E6:CC:52:F7:1F
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:6a:b4:94:10:64:c2:42:eb:cc:fe:12:74:29:3b:1e:2d:23:
         7b:a4:a7:2f:e2:6e:05:51:e8:50:31:cd:c4:06:9e:77:26:db:
         e3:4f:b4:5e:89:af:64:5e:5d:aa:6d:44:e5:a6:92:91:2d:6b:
         b7:dd:b1:18:d1:86:e8:d0:44:c7:4e:7c:05:f1:5f:8e:7c:e1:
         7d:30:b5:51:8a:06:0d:f4:67:6d:72:01:68:91:13:a1:2a:14:
         39:f9:1f:50:62:fa:83:c0:85:0f:82:ca:47:32:9b:b2:60:ba:
         e3:3c:65:89:3b:0c:82:9d:69:04:52:89:70:af:f7:c7:f1:ff:
         14:0e:0e:4d:6a:15:2c:7d:b2:f6:05:9d:a0:15:2e:40:44:9e:
         db:b2:eb:86:d1:8d:7e:23:89:9a:ab:90:20:a8:76:78:8e:bd:
         e5:fc:b2:2f:66:8d:2f:52:33:65:b2:42:19:18:78:8c:a2:c9:
         ea:48:37:73:08:12:67:41:98:3f:00:2c:62:90:63:d0:bb:7e:
         fe:f7:43:3c:07:27:e1:55:07:f2:25:1d:9b:43:88:ed:52:f9:
         d7:b9:a0:d2:c0:25:f6:64:a5:1e:7f:dd:12:01:92:27:35:0d:
         e5:5c:3a:76:21:50:c2:2c:50:d3:5a:d8:fe:e3:c4:44:83:12:
         d0:fc:cc:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9+Aj/Wr6KmOz9LNueL//VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjUwODA2MDYwMTAzWhcNMjUwODA3MDYwMTAzWjAzMTEwLwYDVQQD
EygyMTA1ODRkNTNhYWJiNDFlNDFiMzRiZDU2ZGFlNTVlNmNjNTJmNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SEsEmKKfSvWHo3uWE678zPWiiOi
LT0tYJOotw/pfDC0VXMCtoytPeEzYykkrqDKNQRLagMBia3OVbXF5xBRfkZtYmcE
6G5VbQ5Rpeb0nHYYf2ZkA1xGabJ994Zw5IZ8SkvZp1YS5sXibQNH+9/vlASIqztB
wu9rUhK/SU/2tKU/wx3PzQ9TmeMK+yBZaKPTcU3+pcs+hAD92mBwgOV3wDuv+Yrh
QIP0qJqyaGy52dO/Et20eI9vHVC3eccKru8Fhjn8jfSgvsuLdfyp0f2fWQ5bkcHH
+QksbtcmNdktHsr7a8iUo29JHaAw9S+RM9Ml6lSyOqXf54T/5eKxOHm9owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEFhNU6q7QeQbNL1W2uVebMUvcfMB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmq0lBBk
wkLrzP4SdCk7Hi0je6SnL+JuBVHoUDHNxAaedybb40+0XomvZF5dqm1E5aaSkS1r
t92xGNGG6NBEx058BfFfjnzhfTC1UYoGDfRnbXIBaJEToSoUOfkfUGL6g8CFD4LK
RzKbsmC64zxliTsMgp1pBFKJcK/3x/H/FA4OTWoVLH2y9gWdoBUuQESe27LrhtGN
fiOJmquQIKh2eI695fyyL2aNL1IzZbJCGRh4jKLJ6kg3cwgSZ0GYPwAsYpBj0Lt+
/vdDPAcn4VUH8iUdm0OI7VL517mg0sAl9mSlHn/dEgGSJzUN5Vw6diFQwixQ01rY
/uPERIMS0PzMvQ==
-----END CERTIFICATE-----