Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
File:                     sxU2q-49e1S4MDubxpqKq76XAOQ.mft (raw, json)
Hash identifier:          3petpgg2bAhNf1H/pypUYT/HASWSsHhLlZ1KMakdhfQ=
Subject key identifier:   1F:1A:00:EE:73:B7:BB:11:5D:4A:1B:E8:3B:F2:0E:98:35:D9:AD:9F
Authority key identifier: B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4
Certificate issuer:       /CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4
Certificate serial:       01965CF1F6FEECBB8129D8E5F3CFDFC010E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
Manifest number:          0717
Signing time:             Tue 22 Apr 2025 10:01:23 +0000
Manifest this update:     Tue 22 Apr 2025 10:01:23 +0000
Manifest next update:     Wed 23 Apr 2025 10:01:23 +0000
Files and hashes:         1: sxU2q-49e1S4MDubxpqKq76XAOQ.crl (hash: srzqU2pzRDrYn0+PQ4veFwA2bLN0jrC3aJiTkL6bYJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 10:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f1:f6:fe:ec:bb:81:29:d8:e5:f3:cf:df:c0:10:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4
        Validity
            Not Before: Apr 22 10:01:23 2025 GMT
            Not After : Apr 23 10:01:23 2025 GMT
        Subject: CN=1f1a00ee73b7bb115d4a1be83bf20e9835d9ad9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:1d:61:9f:e8:19:e6:50:26:9f:7e:b9:32:7f:
                    ab:33:f1:90:db:ed:14:32:4e:46:6a:1e:0c:21:f9:
                    db:0d:9a:6d:d1:98:44:29:29:85:02:76:e5:3e:05:
                    c7:4b:a6:34:17:aa:f5:2e:cc:61:c2:52:bf:23:ff:
                    28:5b:ea:7e:72:bb:ac:7d:b2:59:30:05:e3:94:dc:
                    c1:c2:e0:bb:a7:55:63:9d:1e:7d:e2:80:60:8c:ac:
                    3b:7c:73:43:25:11:24:ef:d0:d4:b7:5a:d2:bc:26:
                    5b:e2:dd:28:1b:ba:1a:e0:39:dc:c0:b4:3a:f1:a1:
                    c6:fc:09:89:73:64:61:82:f9:a6:00:bf:49:76:32:
                    76:02:5d:99:cf:19:f7:de:d4:13:fe:b3:6c:47:c9:
                    d7:dd:0b:9a:c9:e1:96:8d:b6:70:7f:ad:80:3e:be:
                    7d:04:90:99:94:e3:0b:0d:97:94:13:5f:11:3a:91:
                    ff:d1:f3:11:87:04:f9:de:70:20:ff:36:53:8c:88:
                    eb:23:08:df:56:37:7e:0d:d9:0b:75:59:1b:f6:46:
                    ee:c6:1a:54:7d:15:67:a5:31:ce:83:b7:8f:42:43:
                    8d:96:b0:7c:dd:fd:3e:64:1c:d4:51:0a:ec:53:44:
                    21:a0:6e:1f:86:b9:18:d9:8c:ca:3f:b1:54:d4:7e:
                    5c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:1A:00:EE:73:B7:BB:11:5D:4A:1B:E8:3B:F2:0E:98:35:D9:AD:9F
            X509v3 Authority Key Identifier:
                keyid:B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:d1:fc:6a:2f:89:fe:bb:26:64:77:fa:fe:68:c5:5b:ab:43:
         2e:e3:39:6b:78:ab:5f:4b:f6:ea:dd:34:bf:0f:e2:eb:b3:66:
         1b:db:21:89:18:8b:fd:98:01:a5:68:05:d5:bf:6e:6c:17:69:
         d8:25:a2:05:83:75:24:69:60:f9:92:4b:4a:42:d6:bf:a5:11:
         67:96:a9:d9:0f:2e:18:b8:cc:48:2c:08:04:65:7c:f7:38:06:
         09:fe:f5:ef:90:99:3d:16:0f:26:bc:80:9e:04:cc:e4:5f:44:
         9d:a3:64:4b:43:23:01:8c:ea:9c:0d:03:11:25:3e:39:fa:86:
         29:4c:6b:67:8b:5c:fe:6b:e1:9a:76:8f:cc:bf:82:c5:97:e0:
         0c:be:b8:2a:38:eb:d3:c0:77:75:99:15:80:63:68:fa:16:ad:
         00:9e:b8:6d:e6:c5:bd:71:bb:6f:5c:9c:8c:34:47:38:6c:ff:
         03:1f:84:3e:4f:6e:80:da:a5:9a:a4:c7:ca:d3:43:a5:19:9d:
         ba:8d:16:4e:2a:eb:33:b6:72:e2:83:b8:0f:5b:de:e9:f8:a1:
         0d:84:ca:d9:e3:39:d7:d5:9e:eb:80:b1:26:2d:62:99:50:84:
         2f:89:90:c3:0e:47:f6:d4:f8:33:ac:98:20:be:b1:f8:82:13:
         fd:9e:75:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8fb+7LuBKdjl88/fwBDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTUzNmFiZWUzZDdiNTRiODMwM2I5YmM2OWE4YWFiYmU5
NzAwZTQwHhcNMjUwNDIyMTAwMTIzWhcNMjUwNDIzMTAwMTIzWjAzMTEwLwYDVQQD
EygxZjFhMDBlZTczYjdiYjExNWQ0YTFiZTgzYmYyMGU5ODM1ZDlhZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR1hn+gZ5lAmn365Mn+rM/GQ2+0U
Mk5Gah4MIfnbDZpt0ZhEKSmFAnblPgXHS6Y0F6r1LsxhwlK/I/8oW+p+crusfbJZ
MAXjlNzBwuC7p1VjnR594oBgjKw7fHNDJREk79DUt1rSvCZb4t0oG7oa4DncwLQ6
8aHG/AmJc2RhgvmmAL9JdjJ2Al2Zzxn33tQT/rNsR8nX3QuayeGWjbZwf62APr59
BJCZlOMLDZeUE18ROpH/0fMRhwT53nAg/zZTjIjrIwjfVjd+DdkLdVkb9kbuxhpU
fRVnpTHOg7ePQkONlrB83f0+ZBzUUQrsU0QhoG4fhrkY2YzKP7FU1H5chwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8aAO5zt7sRXUob6DvyDpg12a2fMB8GA1UdIwQY
MBaAFLMVNqvuPXtUuDA7m8aaiqu+lwDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMt
Y2NjODc3YjVhMzc1LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMtY2NjODc3YjVhMzc1
LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9H8ai+J
/rsmZHf6/mjFW6tDLuM5a3irX0v26t00vw/i67NmG9shiRiL/ZgBpWgF1b9ubBdp
2CWiBYN1JGlg+ZJLSkLWv6URZ5ap2Q8uGLjMSCwIBGV89zgGCf7175CZPRYPJryA
ngTM5F9EnaNkS0MjAYzqnA0DESU+OfqGKUxrZ4tc/mvhmnaPzL+CxZfgDL64Kjjr
08B3dZkVgGNo+hatAJ64bebFvXG7b1ycjDRHOGz/Ax+EPk9ugNqlmqTHytNDpRmd
uo0WTirrM7Zy4oO4D1ve6fihDYTK2eM519We64CxJi1imVCEL4mQww5H9tT4M6yY
IL6x+IIT/Z51ag==
-----END CERTIFICATE-----