Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          WmASm89Y+ncIdu5sNbyioe0V+bdZwACZG6OTPyLxubI=
Subject key identifier:   70:C7:F2:96:03:B4:39:2F:B0:3A:FF:99:57:A3:18:D2:F9:2A:13:2F
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       01977564AA44B13F78A1195934132DF8429D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          02AB
Signing time:             Sun 15 Jun 2025 21:00:20 +0000
Manifest this update:     Sun 15 Jun 2025 21:00:20 +0000
Manifest next update:     Mon 16 Jun 2025 21:00:20 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: eHUPvLRf2g5iK55FdklI+Uj6+pkgy1kkatI+1b5zWjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:75:64:aa:44:b1:3f:78:a1:19:59:34:13:2d:f8:42:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Jun 15 21:00:20 2025 GMT
            Not After : Jun 16 21:00:20 2025 GMT
        Subject: CN=70c7f29603b4392fb03aff9957a318d2f92a132f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:30:11:8b:cf:69:52:3e:d7:f9:3f:9e:e5:50:
                    b0:1d:c3:12:de:21:4e:88:fd:a7:ab:a1:46:35:49:
                    1a:07:d6:f4:8a:a5:2e:5e:e1:ab:56:41:fc:b4:eb:
                    d2:10:6b:ed:7d:c8:72:c1:49:dc:ac:3e:28:ed:94:
                    fd:54:d5:68:e2:ec:ee:45:41:00:7a:5d:4d:ca:c3:
                    78:ab:d5:5b:22:96:4f:b9:dd:a4:d5:b7:b1:c0:a6:
                    a9:ff:17:89:ad:5d:d9:a3:fe:dc:02:8a:36:3c:59:
                    ff:92:67:51:63:87:e2:26:9b:3c:84:43:05:a5:62:
                    db:79:b8:f9:d8:7b:1a:fe:5c:f1:7c:2f:98:72:0e:
                    ce:18:f7:14:bf:0e:2e:19:15:de:93:e9:de:b0:43:
                    01:0f:79:6e:1e:1a:a1:7e:cc:02:e7:45:fa:db:cc:
                    59:21:03:1a:07:20:a6:57:44:61:f9:fe:59:f0:ec:
                    0a:54:bf:7a:e4:3f:1c:ec:2c:8f:1b:65:50:0f:98:
                    13:b9:49:09:b9:4d:6d:89:13:db:84:0a:16:77:20:
                    89:9a:a1:a6:fc:1d:08:7a:f0:61:3a:63:da:54:e8:
                    f1:57:50:fc:81:87:fd:72:ee:9f:45:bd:1c:b2:09:
                    62:03:a3:c9:6f:4a:f0:91:4f:0c:94:c8:38:1a:a9:
                    a5:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:C7:F2:96:03:B4:39:2F:B0:3A:FF:99:57:A3:18:D2:F9:2A:13:2F
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:7e:ae:90:a4:a4:3c:d6:ec:29:19:4e:a1:94:5f:da:04:00:
         4e:c9:c6:e9:46:ee:c6:5b:f8:f5:52:4c:ad:4b:80:3b:72:e3:
         26:0c:04:2c:df:b4:99:37:14:83:cf:87:1d:ea:f2:cd:b1:c1:
         4d:13:c3:77:ab:23:6c:fb:c9:51:74:03:fb:58:d9:d8:fc:fe:
         8b:b4:e8:76:6b:90:30:73:92:ad:63:06:5c:62:a0:3c:93:52:
         78:ae:86:54:4d:57:9b:59:47:e4:45:97:75:75:0b:21:a0:87:
         84:17:cd:0a:e3:4e:7d:93:9a:25:75:cd:4b:47:b6:f3:84:7b:
         f9:bf:cb:eb:df:58:9f:cd:19:43:58:f7:31:37:ee:86:c3:fa:
         f9:86:1c:46:87:0c:79:30:db:5d:83:63:bb:98:b6:21:08:45:
         55:f9:8b:50:1c:2a:75:3c:f3:ff:09:72:21:eb:59:34:e3:09:
         c2:1b:6f:8b:39:0f:31:0f:1c:2e:c5:a2:15:cc:e5:02:0b:f3:
         80:bd:d5:b0:d8:18:70:ef:7c:de:96:2c:43:e0:97:8c:91:90:
         21:ef:cb:43:1d:6c:35:89:04:d8:b4:93:c6:70:6f:f9:6a:a4:
         de:1b:55:7f:6a:c2:65:56:f9:ce:78:80:2c:4b:b5:1f:51:55:
         be:6a:ea:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd1ZKpEsT94oRlZNBMt+EKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUwNjE1MjEwMDIwWhcNMjUwNjE2MjEwMDIwWjAzMTEwLwYDVQQD
Eyg3MGM3ZjI5NjAzYjQzOTJmYjAzYWZmOTk1N2EzMThkMmY5MmExMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTARi89pUj7X+T+e5VCwHcMS3iFO
iP2nq6FGNUkaB9b0iqUuXuGrVkH8tOvSEGvtfchywUncrD4o7ZT9VNVo4uzuRUEA
el1NysN4q9VbIpZPud2k1bexwKap/xeJrV3Zo/7cAoo2PFn/kmdRY4fiJps8hEMF
pWLbebj52Hsa/lzxfC+Ycg7OGPcUvw4uGRXek+nesEMBD3luHhqhfswC50X628xZ
IQMaByCmV0Rh+f5Z8OwKVL965D8c7CyPG2VQD5gTuUkJuU1tiRPbhAoWdyCJmqGm
/B0IevBhOmPaVOjxV1D8gYf9cu6fRb0csgliA6PJb0rwkU8MlMg4Gqml2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDH8pYDtDkvsDr/mVejGNL5KhMvMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZn6ukKSk
PNbsKRlOoZRf2gQATsnG6Ubuxlv49VJMrUuAO3LjJgwELN+0mTcUg8+HHeryzbHB
TRPDd6sjbPvJUXQD+1jZ2Pz+i7TodmuQMHOSrWMGXGKgPJNSeK6GVE1Xm1lH5EWX
dXULIaCHhBfNCuNOfZOaJXXNS0e284R7+b/L699Yn80ZQ1j3MTfuhsP6+YYcRocM
eTDbXYNju5i2IQhFVfmLUBwqdTzz/wlyIetZNOMJwhtvizkPMQ8cLsWiFczlAgvz
gL3VsNgYcO983pYsQ+CXjJGQIe/LQx1sNYkE2LSTxnBv+Wqk3htVf2rCZVb5zniA
LEu1H1FVvmrqGA==
-----END CERTIFICATE-----