Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/bf70fd-86dc-4d5c-af7e-62a6e2866fc3/1/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.mft
File:                     JUQ-PgOmf5RuY7Il9DyRS7kyXMs.mft (raw, json)
Hash identifier:          1P0bT59Bo5Zq+q4pncX11JgDktwlKOTIiMxYPvqyu/g=
Subject key identifier:   A4:4A:C0:59:A3:43:62:CC:04:53:34:79:AE:83:51:F7:2E:44:05:4C
Authority key identifier: 25:44:3E:3E:03:A6:7F:94:6E:63:B2:25:F4:3C:91:4B:B9:32:5C:CB
Certificate issuer:       /CN=25443e3e03a67f946e63b225f43c914bb9325ccb
Certificate serial:       01965727087E20ADDA01F801C67F57529E0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/bf70fd-86dc-4d5c-af7e-62a6e2866fc3/1/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.mft
Manifest number:          0845
Signing time:             Mon 21 Apr 2025 07:01:37 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:37 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:37 +0000
Files and hashes:         1: JUQ-PgOmf5RuY7Il9DyRS7kyXMs.crl (hash: LNfRMqvHkP/jPGNY+VVm9jOGTqBNePZqQXE1Vveet5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/bf70fd-86dc-4d5c-af7e-62a6e2866fc3/1/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/bf70fd-86dc-4d5c-af7e-62a6e2866fc3/1/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:27:08:7e:20:ad:da:01:f8:01:c6:7f:57:52:9e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25443e3e03a67f946e63b225f43c914bb9325ccb
        Validity
            Not Before: Apr 21 07:01:37 2025 GMT
            Not After : Apr 22 07:01:37 2025 GMT
        Subject: CN=a44ac059a34362cc04533479ae8351f72e44054c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:28:62:c2:e5:e3:a3:09:b7:cc:61:6b:d7:bd:
                    02:82:ed:c4:5f:48:5c:b4:ae:10:2f:91:d8:08:5f:
                    54:49:1f:d9:92:f2:be:31:00:39:b9:d7:9e:c7:29:
                    ec:22:de:8f:32:ae:11:d1:be:b4:c9:56:f9:34:ac:
                    8d:89:bf:16:82:b8:ac:04:64:c2:8a:f9:08:09:a0:
                    9f:5e:1d:48:b7:4b:5c:c4:84:a2:a1:fb:29:68:ad:
                    ca:11:ea:63:ee:83:da:96:63:0a:e1:00:6f:37:c1:
                    1d:b9:15:0f:c5:f6:4f:a6:06:8d:b3:9d:68:4c:fe:
                    93:9b:ea:af:f8:8f:8a:36:04:e8:18:fb:7f:22:a6:
                    f5:8e:1c:e3:05:df:f2:54:ed:82:fc:e4:e6:8e:ac:
                    2e:d6:88:67:f3:9d:7b:8f:1b:8a:40:52:ff:f8:92:
                    ae:ca:92:33:b7:0d:96:1b:20:ea:56:24:be:ee:9a:
                    36:df:ba:2a:e0:cf:df:d6:af:7e:82:f6:52:91:c8:
                    a0:b5:16:c1:49:4f:ab:e2:4c:d3:57:ab:dd:82:7c:
                    ea:61:20:39:0c:68:35:4a:cc:21:2d:57:8e:1f:b8:
                    d0:d1:19:8e:44:63:fc:a7:ba:15:fd:c4:55:b0:d9:
                    6d:19:1b:c5:b4:a0:84:b0:d2:77:c6:1c:84:7a:10:
                    3e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:4A:C0:59:A3:43:62:CC:04:53:34:79:AE:83:51:F7:2E:44:05:4C
            X509v3 Authority Key Identifier:
                keyid:25:44:3E:3E:03:A6:7F:94:6E:63:B2:25:F4:3C:91:4B:B9:32:5C:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/bf70fd-86dc-4d5c-af7e-62a6e2866fc3/1/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/bf70fd-86dc-4d5c-af7e-62a6e2866fc3/1/JUQ-PgOmf5RuY7Il9DyRS7kyXMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:81:46:bb:0f:8f:06:fc:43:1d:b8:0e:63:15:c5:b6:bf:8f:
         43:bc:9c:8b:c5:17:71:da:96:d7:ab:41:ff:da:a7:be:47:05:
         fa:df:34:9a:7b:fb:12:ee:47:dc:28:18:bb:1e:26:ab:83:64:
         f1:1d:a3:f8:d2:7a:48:ca:f4:f9:fc:b5:08:07:c5:54:08:68:
         83:68:39:2a:a0:18:25:2a:fc:b5:59:be:ea:a0:1d:a9:6b:ef:
         9e:f1:aa:c0:03:c6:f6:f8:81:18:36:95:df:54:7c:aa:7f:0b:
         ad:b9:35:34:82:2a:17:20:48:7f:f0:7c:7a:fe:07:cc:b9:8f:
         88:85:43:6b:f8:bf:20:cb:45:fd:7d:47:8f:16:53:76:15:89:
         7e:b4:77:2d:0b:6b:72:6f:15:ed:c0:4e:dc:8d:16:2a:c7:a4:
         73:cd:2d:80:de:73:64:13:67:a3:13:26:dd:1c:cc:38:78:2e:
         e5:d7:1c:2c:1a:df:2f:5e:50:29:35:03:73:44:7d:f3:cb:ec:
         81:30:6f:7f:69:77:75:19:e7:f4:62:85:9a:fc:12:58:23:16:
         67:f4:92:69:12:11:48:90:5b:ce:0d:6f:ca:a8:c4:a9:e7:aa:
         82:f4:98:0d:99:29:a1:2a:94:b8:3d:3f:e5:ee:45:19:2d:6f:
         4e:c9:8f:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJwh+IK3aAfgBxn9XUp4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDQzZTNlMDNhNjdmOTQ2ZTYzYjIyNWY0M2M5MTRiYjkz
MjVjY2IwHhcNMjUwNDIxMDcwMTM3WhcNMjUwNDIyMDcwMTM3WjAzMTEwLwYDVQQD
EyhhNDRhYzA1OWEzNDM2MmNjMDQ1MzM0NzlhZTgzNTFmNzJlNDQwNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyhiwuXjowm3zGFr170Cgu3EX0hc
tK4QL5HYCF9USR/ZkvK+MQA5udeexynsIt6PMq4R0b60yVb5NKyNib8WgrisBGTC
ivkICaCfXh1It0tcxISiofspaK3KEepj7oPalmMK4QBvN8EduRUPxfZPpgaNs51o
TP6Tm+qv+I+KNgToGPt/Iqb1jhzjBd/yVO2C/OTmjqwu1ohn8517jxuKQFL/+JKu
ypIztw2WGyDqViS+7po237oq4M/f1q9+gvZSkcigtRbBSU+r4kzTV6vdgnzqYSA5
DGg1SswhLVeOH7jQ0RmORGP8p7oV/cRVsNltGRvFtKCEsNJ3xhyEehA+FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRKwFmjQ2LMBFM0ea6DUfcuRAVMMB8GA1UdIwQY
MBaAFCVEPj4Dpn+UbmOyJfQ8kUu5MlzLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVRLVBnT21mNVJ1WTdJbDlEeVJTN2t5WE1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iZjcwZmQtODZkYy00ZDVjLWFmN2Ut
NjJhNmUyODY2ZmMzLzEvSlVRLVBnT21mNVJ1WTdJbDlEeVJTN2t5WE1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iZjcwZmQtODZkYy00ZDVjLWFmN2UtNjJhNmUyODY2ZmMz
LzEvSlVRLVBnT21mNVJ1WTdJbDlEeVJTN2t5WE1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYFGuw+P
BvxDHbgOYxXFtr+PQ7yci8UXcdqW16tB/9qnvkcF+t80mnv7Eu5H3CgYux4mq4Nk
8R2j+NJ6SMr0+fy1CAfFVAhog2g5KqAYJSr8tVm+6qAdqWvvnvGqwAPG9viBGDaV
31R8qn8Lrbk1NIIqFyBIf/B8ev4HzLmPiIVDa/i/IMtF/X1HjxZTdhWJfrR3LQtr
cm8V7cBO3I0WKsekc80tgN5zZBNnoxMm3RzMOHgu5dccLBrfL15QKTUDc0R988vs
gTBvf2l3dRnn9GKFmvwSWCMWZ/SSaRIRSJBbzg1vyqjEqeeqgvSYDZkpoSqUuD0/
5e5FGS1vTsmPXg==
-----END CERTIFICATE-----