Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/33044c-3be5-4d17-a721-33f3c6b34602/1/X78QDyDnniuCeH_mRaU_TChkKvY.mft
File:                     X78QDyDnniuCeH_mRaU_TChkKvY.mft (raw, json)
Hash identifier:          cag/lXqrECC2hl/Z4+rgPxiodjuzBJEMnfkwZ4y0uTc=
Subject key identifier:   E2:6D:EA:FD:EB:09:D2:BC:A2:65:3F:E0:B9:9C:26:1B:45:6C:9E:69
Authority key identifier: 5F:BF:10:0F:20:E7:9E:2B:82:78:7F:E6:45:A5:3F:4C:28:64:2A:F6
Certificate issuer:       /CN=5fbf100f20e79e2b82787fe645a53f4c28642af6
Certificate serial:       0196542512E5D9BCCFD9EE79EB91B558E177
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X78QDyDnniuCeH_mRaU_TChkKvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/33044c-3be5-4d17-a721-33f3c6b34602/1/X78QDyDnniuCeH_mRaU_TChkKvY.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 17:00:37 +0000
Manifest this update:     Sun 20 Apr 2025 17:00:37 +0000
Manifest next update:     Mon 21 Apr 2025 17:00:37 +0000
Files and hashes:         1: X78QDyDnniuCeH_mRaU_TChkKvY.crl (hash: /5Jyde9jHy7QVcLEGMNKOvqGT6bfhNoHKi0gge6LWJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/33044c-3be5-4d17-a721-33f3c6b34602/1/X78QDyDnniuCeH_mRaU_TChkKvY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/33044c-3be5-4d17-a721-33f3c6b34602/1/X78QDyDnniuCeH_mRaU_TChkKvY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X78QDyDnniuCeH_mRaU_TChkKvY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:25:12:e5:d9:bc:cf:d9:ee:79:eb:91:b5:58:e1:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbf100f20e79e2b82787fe645a53f4c28642af6
        Validity
            Not Before: Apr 20 17:00:37 2025 GMT
            Not After : Apr 21 17:00:37 2025 GMT
        Subject: CN=e26deafdeb09d2bca2653fe0b99c261b456c9e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:84:34:bf:f3:96:7f:16:31:94:dd:e0:59:58:
                    7c:2b:17:d8:b8:d6:9f:f2:18:18:72:e6:21:56:3d:
                    b2:a1:e2:61:50:b5:6b:b0:25:07:b7:86:41:ad:0b:
                    4a:e4:a5:f9:a5:f7:e3:56:c2:de:5b:66:6d:87:24:
                    d4:d3:ce:dc:25:e5:44:9e:ef:94:0f:85:0c:39:62:
                    7d:04:07:5e:06:a5:1e:f8:41:1e:83:bb:03:af:4c:
                    f1:73:02:0c:b2:32:1a:3d:e4:ec:75:9e:4e:61:a5:
                    f4:c4:3c:e6:19:ba:0b:4d:cb:57:dc:02:9a:7b:84:
                    28:f5:ee:92:24:09:9f:19:ae:a6:04:cd:69:ca:30:
                    b9:f2:11:74:2f:a9:d7:57:ee:ea:48:f4:fd:17:b3:
                    46:eb:cc:32:c7:80:5b:bf:4f:65:a1:a6:93:8c:c1:
                    0c:25:ca:ca:6f:b0:55:9d:c1:7c:ac:ac:d1:74:47:
                    2e:70:58:95:2b:ca:b5:1b:1f:cc:70:0f:70:dd:df:
                    d3:fb:2c:e1:50:d6:1c:b2:d7:09:b4:df:71:96:e8:
                    10:34:40:a8:e5:46:c5:bf:89:b3:bb:ff:51:5b:d4:
                    3f:a4:fd:4c:6e:ed:2a:2d:61:0b:1d:4d:6f:29:f5:
                    f3:1d:69:01:62:64:0e:58:d4:9a:24:5d:6c:06:38:
                    3e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:6D:EA:FD:EB:09:D2:BC:A2:65:3F:E0:B9:9C:26:1B:45:6C:9E:69
            X509v3 Authority Key Identifier:
                keyid:5F:BF:10:0F:20:E7:9E:2B:82:78:7F:E6:45:A5:3F:4C:28:64:2A:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X78QDyDnniuCeH_mRaU_TChkKvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/33044c-3be5-4d17-a721-33f3c6b34602/1/X78QDyDnniuCeH_mRaU_TChkKvY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/33044c-3be5-4d17-a721-33f3c6b34602/1/X78QDyDnniuCeH_mRaU_TChkKvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:af:52:08:50:66:84:0e:a8:b7:b6:aa:8b:ef:ea:a1:3a:50:
         23:95:d5:66:d6:30:aa:16:ea:dd:33:4e:a6:54:23:9a:51:ab:
         8a:a6:75:33:59:88:25:43:d9:3d:0f:e7:ef:fc:d6:99:52:8f:
         a9:64:62:90:e1:eb:86:a8:af:19:05:13:b2:4b:71:53:01:e0:
         fd:f7:b9:99:f8:61:ac:d5:dd:3c:41:4f:f2:bd:bc:a2:58:31:
         87:87:de:60:8c:cf:3f:84:f3:b5:fb:cf:9a:61:dc:1a:16:52:
         05:36:b7:3c:68:9f:3a:e8:c7:f0:c6:bc:e9:cf:e0:c0:5d:51:
         1f:dc:76:34:43:6a:34:f3:6c:a6:ea:ac:a6:fb:ac:48:25:0f:
         46:49:c3:e9:8a:1e:62:be:0d:e1:4c:c7:eb:31:d4:1e:6c:c7:
         2e:ab:f3:87:eb:ef:9c:a4:90:18:4b:b7:2d:3c:c7:9d:23:87:
         bc:2a:54:12:59:3e:4c:35:fa:bc:c1:0f:de:f6:c5:df:7f:68:
         31:ef:99:26:d8:4d:af:a8:28:81:9f:f3:6f:e5:fd:f1:b7:cf:
         44:bb:66:4d:7b:0a:0b:5a:9b:ef:04:79:4e:d9:50:dd:7b:30:
         ea:22:2e:f5:53:91:70:b1:57:19:52:0b:77:f4:d3:4d:1f:4b:
         d7:d8:7e:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJRLl2bzP2e5565G1WOF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmYxMDBmMjBlNzllMmI4Mjc4N2ZlNjQ1YTUzZjRjMjg2
NDJhZjYwHhcNMjUwNDIwMTcwMDM3WhcNMjUwNDIxMTcwMDM3WjAzMTEwLwYDVQQD
EyhlMjZkZWFmZGViMDlkMmJjYTI2NTNmZTBiOTljMjYxYjQ1NmM5ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IQ0v/OWfxYxlN3gWVh8KxfYuNaf
8hgYcuYhVj2yoeJhULVrsCUHt4ZBrQtK5KX5pffjVsLeW2ZthyTU087cJeVEnu+U
D4UMOWJ9BAdeBqUe+EEeg7sDr0zxcwIMsjIaPeTsdZ5OYaX0xDzmGboLTctX3AKa
e4Qo9e6SJAmfGa6mBM1pyjC58hF0L6nXV+7qSPT9F7NG68wyx4Bbv09loaaTjMEM
JcrKb7BVncF8rKzRdEcucFiVK8q1Gx/McA9w3d/T+yzhUNYcstcJtN9xlugQNECo
5UbFv4mzu/9RW9Q/pP1Mbu0qLWELHU1vKfXzHWkBYmQOWNSaJF1sBjg+hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJt6v3rCdK8omU/4LmcJhtFbJ5pMB8GA1UdIwQY
MBaAFF+/EA8g554rgnh/5kWlP0woZCr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc4UUR5RG5uaXVDZUhfbVJhVV9UQ2hrS3ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMzA0NGMtM2JlNS00ZDE3LWE3MjEt
MzNmM2M2YjM0NjAyLzEvWDc4UUR5RG5uaXVDZUhfbVJhVV9UQ2hrS3ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMzA0NGMtM2JlNS00ZDE3LWE3MjEtMzNmM2M2YjM0NjAy
LzEvWDc4UUR5RG5uaXVDZUhfbVJhVV9UQ2hrS3ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAq9SCFBm
hA6ot7aqi+/qoTpQI5XVZtYwqhbq3TNOplQjmlGriqZ1M1mIJUPZPQ/n7/zWmVKP
qWRikOHrhqivGQUTsktxUwHg/fe5mfhhrNXdPEFP8r28olgxh4feYIzPP4TztfvP
mmHcGhZSBTa3PGifOujH8Ma86c/gwF1RH9x2NENqNPNspuqspvusSCUPRknD6Yoe
Yr4N4UzH6zHUHmzHLqvzh+vvnKSQGEu3LTzHnSOHvCpUElk+TDX6vMEP3vbF339o
Me+ZJthNr6gogZ/zb+X98bfPRLtmTXsKC1qb7wR5TtlQ3Xsw6iIu9VORcLFXGVIL
d/TTTR9L19h+lg==
-----END CERTIFICATE-----