Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
File:                     YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json)
Hash identifier:          VqD2EdwcRyToEX2o6SMDE1fmrIoNe3FbmBEWTsuO2zw=
Subject key identifier:   DD:7C:7D:AC:78:A9:1C:26:69:42:88:E4:AE:AD:09:70:CD:C7:F0:5E
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Certificate issuer:       /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial:       01988B0F50ED69E4C7A68D884E17EB4CA63C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
Manifest number:          1622
Signing time:             Fri 08 Aug 2025 19:01:33 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:33 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:33 +0000
Files and hashes:         1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=)
                          2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: /DIK35KZHIaF6yGzKDZ0nJrDP43AU/esd5WrJ3XJidM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:50:ed:69:e4:c7:a6:8d:88:4e:17:eb:4c:a6:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
        Validity
            Not Before: Aug  8 19:01:33 2025 GMT
            Not After : Aug  9 19:01:33 2025 GMT
        Subject: CN=dd7c7dac78a91c26694288e4aead0970cdc7f05e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:2c:4f:05:7e:a4:08:b6:1c:c6:12:0d:af:a3:
                    d4:6b:45:cc:a3:3b:15:0b:1e:e8:e3:fd:e5:dd:41:
                    64:5b:c1:fe:30:26:f0:38:8a:02:c4:7e:6a:3d:09:
                    6c:e0:7b:f6:52:2a:19:9d:e1:69:98:86:76:99:ed:
                    3b:fd:68:21:49:67:c1:f3:32:dd:27:a9:94:5f:98:
                    e0:8c:46:7c:16:0e:16:67:0b:c9:66:cd:56:12:86:
                    7a:b2:d8:8c:90:78:9b:32:df:44:5a:a7:0c:e0:e7:
                    9a:9d:23:55:0d:53:70:f9:95:f3:80:f8:92:d7:1d:
                    52:83:0a:2b:49:a9:23:4f:3b:3c:ec:e5:4b:8f:c1:
                    b0:1b:5b:6d:2c:94:16:50:5c:a8:b5:dc:45:96:4d:
                    48:18:e8:87:81:f5:d8:87:f9:3f:68:7a:74:3d:d1:
                    56:0f:e3:77:c2:fa:6d:57:02:e5:ad:48:ad:f7:b1:
                    98:60:0b:e1:19:d2:3a:35:b7:30:1d:c1:d8:3c:19:
                    5f:3d:26:31:fa:e4:8b:c3:56:b9:d2:49:89:48:46:
                    f6:89:c6:9f:46:26:e7:15:e6:f6:b0:d8:63:9d:8a:
                    0a:8f:49:e1:ae:8b:07:d3:68:b4:9e:cd:fa:3b:fb:
                    50:89:44:aa:7f:17:2b:93:b8:a6:3f:b4:f3:ed:8c:
                    ce:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:7C:7D:AC:78:A9:1C:26:69:42:88:E4:AE:AD:09:70:CD:C7:F0:5E
            X509v3 Authority Key Identifier:
                keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:02:8a:e4:7f:49:7f:c9:0f:bf:c5:92:8a:63:26:cc:24:60:
         af:40:58:52:f1:e6:c8:b2:4d:4e:74:cd:ec:a6:d5:61:67:34:
         b0:bf:ff:97:2f:06:7a:1a:ac:bc:c8:19:0a:fa:98:e0:e7:ea:
         f6:6b:53:f9:69:60:8b:d4:58:9a:a1:0a:d3:e4:f1:7e:99:1e:
         c6:66:eb:7a:2a:e6:07:44:3a:aa:07:6d:30:8f:0c:c8:10:8f:
         d9:f6:b6:82:ef:e3:eb:77:5c:b1:7e:35:68:3c:1a:94:96:be:
         2b:1f:c9:77:3b:71:51:55:25:07:38:9f:dd:0f:85:3e:23:4a:
         6f:b7:ee:5d:98:9c:8f:0c:26:ae:54:51:a9:ad:9b:aa:81:7c:
         c4:97:d6:2e:e7:48:b4:fe:83:fa:47:86:3e:ef:29:04:56:de:
         8b:c9:d8:11:11:06:08:4d:d3:8a:e0:f6:20:f8:ab:da:38:18:
         e5:a3:aa:93:49:23:0b:ce:a9:6b:9e:4e:89:60:f6:e2:ae:1f:
         47:cc:2e:f5:03:8b:97:48:5e:45:00:87:0d:14:1d:37:6e:59:
         95:8d:b2:b8:88:e3:a6:91:92:b8:8d:55:c0:29:33:9c:ac:7a:
         78:f1:67:eb:83:ba:69:a1:cd:5a:8f:cf:2a:94:f7:9f:a3:a5:
         4a:06:30:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLD1DtaeTHpo2IThfrTKY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjUwODA4MTkwMTMzWhcNMjUwODA5MTkwMTMzWjAzMTEwLwYDVQQD
EyhkZDdjN2RhYzc4YTkxYzI2Njk0Mjg4ZTRhZWFkMDk3MGNkYzdmMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yxPBX6kCLYcxhINr6PUa0XMozsV
Cx7o4/3l3UFkW8H+MCbwOIoCxH5qPQls4Hv2UioZneFpmIZ2me07/WghSWfB8zLd
J6mUX5jgjEZ8Fg4WZwvJZs1WEoZ6stiMkHibMt9EWqcM4OeanSNVDVNw+ZXzgPiS
1x1SgworSakjTzs87OVLj8GwG1ttLJQWUFyotdxFlk1IGOiHgfXYh/k/aHp0PdFW
D+N3wvptVwLlrUit97GYYAvhGdI6NbcwHcHYPBlfPSYx+uSLw1a50kmJSEb2icaf
RibnFeb2sNhjnYoKj0nhrosH02i0ns36O/tQiUSqfxcrk7imP7Tz7YzOLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN18fax4qRwmaUKI5K6tCXDNx/BeMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnAKK5H9J
f8kPv8WSimMmzCRgr0BYUvHmyLJNTnTN7KbVYWc0sL//ly8GehqsvMgZCvqY4Ofq
9mtT+Wlgi9RYmqEK0+TxfpkexmbreirmB0Q6qgdtMI8MyBCP2fa2gu/j63dcsX41
aDwalJa+Kx/JdztxUVUlBzif3Q+FPiNKb7fuXZicjwwmrlRRqa2bqoF8xJfWLudI
tP6D+keGPu8pBFbei8nYEREGCE3TiuD2IPir2jgY5aOqk0kjC86pa55OiWD24q4f
R8wu9QOLl0heRQCHDRQdN25ZlY2yuIjjppGSuI1VwCkznKx6ePFn64O6aaHNWo/P
KpT3n6OlSgYwNA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:19 2025 by rpki-client