Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
File:                     cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft (raw, json)
Hash identifier:          t8IpYj9b7dvRcwgOfE54SCcfvb558hwGQtt0i4dFw9c=
Subject key identifier:   19:91:47:E9:F9:A8:15:B3:C4:89:FC:E7:C3:68:FB:95:CD:88:71:E9
Authority key identifier: 73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6
Certificate issuer:       /CN=73038cdc62522e484b0615c4241c7e7aa821d8d6
Certificate serial:       01965500E93E3AD6BC45FD5166E7A43E36CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
Manifest number:          D2
Signing time:             Sun 20 Apr 2025 21:00:45 +0000
Manifest this update:     Sun 20 Apr 2025 21:00:45 +0000
Manifest next update:     Mon 21 Apr 2025 21:00:45 +0000
Files and hashes:         1: cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl (hash: DZeIm8tyjJgWw9GTYQV80eGq17Z8Up+zMVFv9E4Nfu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:00:e9:3e:3a:d6:bc:45:fd:51:66:e7:a4:3e:36:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73038cdc62522e484b0615c4241c7e7aa821d8d6
        Validity
            Not Before: Apr 20 21:00:45 2025 GMT
            Not After : Apr 21 21:00:45 2025 GMT
        Subject: CN=199147e9f9a815b3c489fce7c368fb95cd8871e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f2:a2:51:fc:8b:fd:b9:48:07:65:f7:55:cb:
                    3b:c6:18:15:0d:06:1c:a5:e0:89:b0:c3:b9:a7:3a:
                    2e:7d:0d:2b:cd:5c:a3:ff:80:eb:5f:83:0a:53:51:
                    fa:54:c8:8a:52:af:35:67:65:ab:78:39:e8:fd:fa:
                    9c:57:74:bb:06:df:11:5f:a4:c6:e8:1b:bb:e7:6f:
                    fd:f5:a9:bc:5d:20:32:0d:12:34:39:50:5e:bc:bd:
                    57:be:c5:0b:f2:00:9b:29:03:9f:00:05:ae:ce:cf:
                    61:5c:a8:6b:87:11:33:a6:cf:7a:e7:c8:65:71:7c:
                    6f:74:a5:65:11:ee:ad:40:d5:35:3a:2e:c3:54:fd:
                    58:d6:23:bb:35:1e:b4:49:5e:61:9f:da:8c:0e:ce:
                    b3:7a:f4:42:be:a6:95:b0:57:ef:7c:e8:0c:80:eb:
                    a8:af:54:8f:47:69:18:3d:aa:e6:ef:51:6e:49:ed:
                    2b:31:e3:76:19:64:68:f6:c9:c2:c4:58:1c:3d:dc:
                    9d:a1:e4:00:3f:05:d3:d7:96:ad:b3:37:ca:3b:65:
                    46:1c:51:ea:f4:be:06:c8:04:43:6d:01:8a:c0:4e:
                    39:b5:65:4a:9c:3f:05:a8:f6:3f:0d:67:4f:12:cd:
                    e0:69:a0:8c:ce:4b:aa:44:12:07:6f:d2:c5:35:44:
                    dd:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:91:47:E9:F9:A8:15:B3:C4:89:FC:E7:C3:68:FB:95:CD:88:71:E9
            X509v3 Authority Key Identifier:
                keyid:73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:6d:57:a9:21:e0:17:ee:d1:d2:44:45:70:a1:ae:d9:4c:bc:
         7b:b5:16:17:f1:2a:de:c7:1a:52:9e:b9:84:86:a3:c9:7a:8d:
         1c:41:fc:10:4c:a7:91:14:92:59:3f:46:c1:9c:d7:d5:67:42:
         fd:d8:a2:0e:ef:a1:ee:b1:68:34:83:a3:51:d3:6c:98:49:12:
         f3:3c:79:e5:23:fa:27:09:d6:90:33:8a:c9:f1:83:9f:21:a5:
         5b:af:28:6b:99:ef:8f:57:19:cb:f4:bc:8b:ff:e9:7d:5a:39:
         1b:b2:b3:aa:2b:5f:0b:39:72:8c:83:c0:dd:8d:eb:f1:40:9d:
         59:d7:fa:07:3b:67:7c:58:eb:cc:c2:02:3f:5c:4b:f8:6c:1b:
         e7:3b:b9:fb:56:2f:76:b0:c0:fb:d7:05:d4:0f:2b:bc:13:ea:
         3a:49:57:4f:01:f2:6f:31:cb:9c:e0:98:91:b6:ee:53:6b:ce:
         07:55:de:e2:2f:18:90:db:8f:b1:12:f4:c2:c3:19:2e:a4:bb:
         17:06:63:d2:97:a0:a6:13:46:d9:f3:2f:82:50:26:51:89:00:
         84:e8:bf:cd:c9:b3:7e:15:8c:66:a0:08:13:07:aa:64:df:1c:
         1f:50:22:af:2b:9b:ab:5c:74:41:56:c3:85:40:06:6e:43:12:
         cf:f0:38:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVAOk+Ota8Rf1RZuekPjbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDM4Y2RjNjI1MjJlNDg0YjA2MTVjNDI0MWM3ZTdhYTgy
MWQ4ZDYwHhcNMjUwNDIwMjEwMDQ1WhcNMjUwNDIxMjEwMDQ1WjAzMTEwLwYDVQQD
EygxOTkxNDdlOWY5YTgxNWIzYzQ4OWZjZTdjMzY4ZmI5NWNkODg3MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfKiUfyL/blIB2X3Vcs7xhgVDQYc
peCJsMO5pzoufQ0rzVyj/4DrX4MKU1H6VMiKUq81Z2WreDno/fqcV3S7Bt8RX6TG
6Bu752/99am8XSAyDRI0OVBevL1XvsUL8gCbKQOfAAWuzs9hXKhrhxEzps9658hl
cXxvdKVlEe6tQNU1Oi7DVP1Y1iO7NR60SV5hn9qMDs6zevRCvqaVsFfvfOgMgOuo
r1SPR2kYParm71FuSe0rMeN2GWRo9snCxFgcPdydoeQAPwXT15atszfKO2VGHFHq
9L4GyARDbQGKwE45tWVKnD8FqPY/DWdPEs3gaaCMzkuqRBIHb9LFNUTdLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmRR+n5qBWzxIn858No+5XNiHHpMB8GA1UdIwQY
MBaAFHMDjNxiUi5ISwYVxCQcfnqoIdjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjIt
MjkyOWI5ZjFkMTViLzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjItMjkyOWI5ZjFkMTVi
LzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs21XqSHg
F+7R0kRFcKGu2Uy8e7UWF/Eq3scaUp65hIajyXqNHEH8EEynkRSSWT9GwZzX1WdC
/diiDu+h7rFoNIOjUdNsmEkS8zx55SP6JwnWkDOKyfGDnyGlW68oa5nvj1cZy/S8
i//pfVo5G7KzqitfCzlyjIPA3Y3r8UCdWdf6BztnfFjrzMICP1xL+Gwb5zu5+1Yv
drDA+9cF1A8rvBPqOklXTwHybzHLnOCYkbbuU2vOB1Xe4i8YkNuPsRL0wsMZLqS7
FwZj0pegphNG2fMvglAmUYkAhOi/zcmzfhWMZqAIEweqZN8cH1Airyubq1x0QVbD
hUAGbkMSz/A4kw==
-----END CERTIFICATE-----