Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          JB1xNfLVGfuaIVPuyXX6NP8hyUd94y800A/gUTw+6Ec=
Subject key identifier:   13:EB:82:8A:C0:1C:3D:13:14:63:F9:2D:23:1F:88:23:03:5C:04:1C
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       01968E8280D8A7E95DDF48A680DB61FC1330
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          01ED
Signing time:             Fri 02 May 2025 01:00:39 +0000
Manifest this update:     Fri 02 May 2025 01:00:39 +0000
Manifest next update:     Sat 03 May 2025 01:00:39 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: c9VCApsOHFy3br2KHStv5VcXnYELMEyGeICQxyn4/E0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 19:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8e:82:80:d8:a7:e9:5d:df:48:a6:80:db:61:fc:13:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: May  2 01:00:39 2025 GMT
            Not After : May  3 01:00:39 2025 GMT
        Subject: CN=13eb828ac01c3d131463f92d231f8823035c041c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6f:60:5e:b9:38:88:1f:ec:f6:0f:53:ec:70:
                    a7:bd:ed:b5:a4:f1:e8:b8:96:09:a6:c2:42:e6:fd:
                    70:c8:fa:1c:ba:13:d0:b6:43:23:45:d0:b7:13:ef:
                    c8:7d:54:e8:33:5f:fc:7f:7a:13:a3:61:90:f6:b9:
                    a6:c7:5f:ee:b0:0f:ea:1f:60:8e:40:69:9f:c4:3a:
                    3c:e7:a1:8f:06:16:c2:0b:b4:34:9e:5e:54:73:1b:
                    62:c1:92:2e:83:73:3b:08:fa:1d:1a:ea:5b:6f:d1:
                    39:58:0b:a2:2d:b2:5a:e7:ee:bf:42:bc:b8:5f:a3:
                    44:76:1b:5f:47:3d:4c:8d:61:97:f5:00:90:2d:59:
                    de:4b:76:e3:32:fb:51:50:a3:47:6e:e9:3a:bd:d7:
                    9b:75:10:f9:cf:28:a6:e8:2e:04:9c:77:bf:9b:c7:
                    aa:1c:e4:f8:56:66:78:1d:ac:73:3d:86:3a:4e:cd:
                    b1:aa:cc:29:46:b5:d9:2a:84:6e:de:d0:df:e0:13:
                    72:b4:36:16:e2:5c:8a:ca:c3:20:f4:5e:78:ee:5c:
                    b0:06:20:6c:4b:64:c2:7f:b2:39:34:6c:b2:df:0e:
                    c3:29:ec:6f:8a:4e:8f:74:0e:fe:5a:f8:b0:47:64:
                    19:d5:b3:2c:14:fb:8b:cf:c2:e6:6b:4e:10:f9:06:
                    3d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:EB:82:8A:C0:1C:3D:13:14:63:F9:2D:23:1F:88:23:03:5C:04:1C
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d5:99:5b:01:9a:75:3e:80:89:8c:32:70:44:8b:d9:41:8c:
         61:22:be:da:b0:93:d1:50:10:b9:70:e6:3d:2d:47:93:3a:05:
         ee:a9:6f:04:11:1f:f5:2d:b2:51:35:4e:b5:47:1d:a5:da:8b:
         ef:fd:1c:ee:f3:96:7d:0a:25:cc:e2:bf:33:58:e3:5a:33:3d:
         19:60:d3:02:15:21:8d:ea:88:76:54:d8:7d:44:58:90:3e:eb:
         d9:a3:22:2c:48:7b:17:1f:31:0c:7e:83:09:2e:93:bb:ed:34:
         56:a8:ad:48:f9:ba:65:33:e9:2f:ea:1a:46:54:94:95:a7:a5:
         a4:93:d4:c4:44:73:a1:28:6c:50:a5:94:14:0f:37:75:9d:5d:
         90:ae:2c:c2:01:1f:df:7f:45:46:c6:c1:52:0f:ea:27:e6:19:
         f4:30:60:ec:ef:d7:d6:62:d5:f2:79:21:f1:fe:b0:e3:d6:d9:
         25:21:c9:2a:9e:9f:0a:45:08:83:d5:4e:e1:d4:b6:f9:c4:47:
         a2:ed:e0:4d:e0:14:a7:ef:35:ee:93:f2:cd:8f:39:22:b4:5a:
         35:ef:57:14:55:a1:8b:f8:04:58:d8:5c:9b:de:97:02:a1:4d:
         49:c6:39:00:4e:21:30:11:06:d9:65:6c:76:d0:93:8d:60:3c:
         e5:c2:01:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaOgoDYp+ld30imgNth/BMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjUwNTAyMDEwMDM5WhcNMjUwNTAzMDEwMDM5WjAzMTEwLwYDVQQD
EygxM2ViODI4YWMwMWMzZDEzMTQ2M2Y5MmQyMzFmODgyMzAzNWMwNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m9gXrk4iB/s9g9T7HCnve21pPHo
uJYJpsJC5v1wyPocuhPQtkMjRdC3E+/IfVToM1/8f3oTo2GQ9rmmx1/usA/qH2CO
QGmfxDo856GPBhbCC7Q0nl5UcxtiwZIug3M7CPodGupbb9E5WAuiLbJa5+6/Qry4
X6NEdhtfRz1MjWGX9QCQLVneS3bjMvtRUKNHbuk6vdebdRD5zyim6C4EnHe/m8eq
HOT4VmZ4HaxzPYY6Ts2xqswpRrXZKoRu3tDf4BNytDYW4lyKysMg9F547lywBiBs
S2TCf7I5NGyy3w7DKexvik6PdA7+WviwR2QZ1bMsFPuLz8Lma04Q+QY9/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPrgorAHD0TFGP5LSMfiCMDXAQcMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNWZWwGa
dT6AiYwycESL2UGMYSK+2rCT0VAQuXDmPS1HkzoF7qlvBBEf9S2yUTVOtUcdpdqL
7/0c7vOWfQolzOK/M1jjWjM9GWDTAhUhjeqIdlTYfURYkD7r2aMiLEh7Fx8xDH6D
CS6Tu+00VqitSPm6ZTPpL+oaRlSUlaelpJPUxERzoShsUKWUFA83dZ1dkK4swgEf
339FRsbBUg/qJ+YZ9DBg7O/X1mLV8nkh8f6w49bZJSHJKp6fCkUIg9VO4dS2+cRH
ou3gTeAUp+817pPyzY85IrRaNe9XFFWhi/gEWNhcm96XAqFNScY5AE4hMBEG2WVs
dtCTjWA85cIB0w==
-----END CERTIFICATE-----