Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          cDEwYSMyy5MyXqbl612C3aHbD01bjd0eOD04nQq7v78=
Subject key identifier:   D8:4B:32:15:30:52:31:D3:0E:56:D0:F6:94:34:12:E5:CF:6E:36:C4
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       01965726479C7A0D396BD5CEEE6741772807
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0A1C
Signing time:             Mon 21 Apr 2025 07:00:48 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:48 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:48 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: Xgnud6Byc7QGPkPmkGbHgA9RgwwQCF9K3MMaM49s4Ss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:47:9c:7a:0d:39:6b:d5:ce:ee:67:41:77:28:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Apr 21 07:00:48 2025 GMT
            Not After : Apr 22 07:00:48 2025 GMT
        Subject: CN=d84b3215305231d30e56d0f6943412e5cf6e36c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:d9:cb:4d:9d:96:dd:45:5f:1e:23:6b:b0:cb:
                    ba:98:4c:9e:5e:4b:f3:0b:a9:36:dc:1a:a2:77:78:
                    33:ad:86:c2:ae:4a:d3:b9:e2:1b:ac:8b:5e:62:bd:
                    78:f0:86:16:1a:4f:5e:6d:6f:57:49:7e:29:a7:55:
                    a3:09:d2:67:35:c9:25:96:e7:d3:79:d0:41:e2:0e:
                    11:4b:e3:b6:52:d1:1b:63:fd:53:f4:bf:c6:2c:08:
                    a5:cf:90:d6:f8:66:d4:5b:84:79:2a:8d:55:6a:e8:
                    4e:5a:e1:9b:10:a3:88:25:03:2f:11:70:32:a2:1b:
                    45:ef:ac:1d:9f:60:c3:d8:79:fd:08:b2:a3:a6:a9:
                    8c:1e:38:18:7c:9a:17:1b:5b:8f:9b:b8:b5:bd:e9:
                    16:70:4b:de:56:8b:c1:45:01:d4:27:d5:66:e4:c7:
                    08:96:bd:f1:75:b5:f3:68:1f:3c:41:14:1e:cf:24:
                    ed:a1:95:19:7d:2c:af:24:c5:de:09:14:23:91:9c:
                    f9:79:f6:22:5f:df:69:4f:06:21:b1:b8:ac:0b:e0:
                    4d:e1:60:13:95:75:77:09:f4:f1:92:f7:b9:4a:5e:
                    49:9b:48:a0:49:c3:d3:9f:8f:db:9a:7c:52:67:2e:
                    73:36:82:1e:16:5a:79:5e:5c:ee:20:8c:03:1a:4e:
                    40:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:4B:32:15:30:52:31:D3:0E:56:D0:F6:94:34:12:E5:CF:6E:36:C4
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:c1:ee:56:e8:87:d7:e7:67:1b:21:1b:b4:95:18:ae:cb:e1:
         fc:8d:ab:0a:23:83:ad:c2:62:d9:00:8e:2e:94:b7:78:38:2a:
         fb:c4:5f:51:34:ed:2d:6d:c7:a8:ab:db:3b:98:8e:f0:0e:04:
         67:28:b8:2e:1a:22:1e:4d:d6:48:63:94:cc:f3:1d:b2:ae:e2:
         82:18:e0:67:c1:b5:8e:d2:a7:ad:96:1d:22:48:80:31:c0:15:
         b6:4d:c9:8a:e5:11:74:ef:67:6b:b4:c5:0a:b6:96:74:e8:cb:
         bb:e7:6d:c1:d4:38:63:c6:88:e1:ed:73:7c:22:8a:ca:49:49:
         98:c0:27:6e:01:22:59:fc:61:cb:6e:30:0c:2b:2c:e2:e1:79:
         d5:30:16:38:e1:ee:56:a4:3b:1d:3e:f0:ad:7a:e0:bc:d7:32:
         d0:62:82:67:ba:d0:29:f9:a3:a7:9b:eb:3a:1a:e2:51:f8:0d:
         66:e5:7d:88:ff:b0:17:83:49:f3:be:b7:98:e8:11:ad:fa:18:
         11:5b:8e:07:db:fc:04:c8:b8:f7:84:b2:71:5e:e4:8e:25:9d:
         99:92:8c:f8:02:5e:87:6a:22:06:e1:2c:3c:95:db:92:c2:90:
         f8:99:c0:22:8e:aa:ad:9e:2a:fc:fe:88:82:7c:64:a3:97:16:
         f9:cb:d3:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJkeceg05a9XO7mdBdygHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjUwNDIxMDcwMDQ4WhcNMjUwNDIyMDcwMDQ4WjAzMTEwLwYDVQQD
EyhkODRiMzIxNTMwNTIzMWQzMGU1NmQwZjY5NDM0MTJlNWNmNmUzNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtnLTZ2W3UVfHiNrsMu6mEyeXkvz
C6k23Bqid3gzrYbCrkrTueIbrIteYr148IYWGk9ebW9XSX4pp1WjCdJnNckllufT
edBB4g4RS+O2UtEbY/1T9L/GLAilz5DW+GbUW4R5Ko1VauhOWuGbEKOIJQMvEXAy
ohtF76wdn2DD2Hn9CLKjpqmMHjgYfJoXG1uPm7i1vekWcEveVovBRQHUJ9Vm5McI
lr3xdbXzaB88QRQezyTtoZUZfSyvJMXeCRQjkZz5efYiX99pTwYhsbisC+BN4WAT
lXV3CfTxkve5Sl5Jm0igScPTn4/bmnxSZy5zNoIeFlp5XlzuIIwDGk5AtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhLMhUwUjHTDlbQ9pQ0EuXPbjbEMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8HuVuiH
1+dnGyEbtJUYrsvh/I2rCiODrcJi2QCOLpS3eDgq+8RfUTTtLW3HqKvbO5iO8A4E
Zyi4LhoiHk3WSGOUzPMdsq7ighjgZ8G1jtKnrZYdIkiAMcAVtk3JiuURdO9na7TF
CraWdOjLu+dtwdQ4Y8aI4e1zfCKKyklJmMAnbgEiWfxhy24wDCss4uF51TAWOOHu
VqQ7HT7wrXrgvNcy0GKCZ7rQKfmjp5vrOhriUfgNZuV9iP+wF4NJ8763mOgRrfoY
EVuOB9v8BMi494SycV7kjiWdmZKM+AJeh2oiBuEsPJXbksKQ+JnAIo6qrZ4q/P6I
gnxko5cW+cvT3A==
-----END CERTIFICATE-----