Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          j0diT/F/BaiFiQg4CEGNuohk0qn/m2LCz1RgwHphnZ0=
Subject key identifier:   0A:F4:04:74:D6:92:7F:39:3B:C3:27:26:91:85:A2:B6:70:04:F3:5B
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       019653EE1ED5CA7BF5C5D346CC87436E02E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          089D
Signing time:             Sun 20 Apr 2025 16:00:36 +0000
Manifest this update:     Sun 20 Apr 2025 16:00:36 +0000
Manifest next update:     Mon 21 Apr 2025 16:00:36 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: yiNvf4UjTe++vbDmbXEN8XnzI1bWEk75WW0EPPyAPmE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:1e:d5:ca:7b:f5:c5:d3:46:cc:87:43:6e:02:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Apr 20 16:00:36 2025 GMT
            Not After : Apr 21 16:00:36 2025 GMT
        Subject: CN=0af40474d6927f393bc327269185a2b67004f35b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:a6:38:0b:ad:8d:1a:3c:71:ec:0d:fd:4f:0c:
                    79:94:dc:c2:0b:89:95:a3:f0:46:04:56:f5:1c:ad:
                    89:13:89:2e:da:9b:05:3a:4e:a6:31:98:ec:43:8a:
                    33:f3:9e:fe:20:9c:cb:54:ca:1c:bf:b6:b7:d2:74:
                    62:7a:28:be:c8:61:35:21:a9:ad:ae:fd:f4:dc:ca:
                    1e:0c:9f:9d:29:c7:9c:e9:57:ae:4a:02:db:36:ad:
                    fc:63:ba:c2:c5:a2:b4:d0:ad:b4:bd:00:ab:9c:ea:
                    61:42:da:34:11:46:55:26:4d:45:5b:ee:fa:99:38:
                    90:8d:d6:5b:ea:6a:bc:db:45:fe:6e:f3:18:63:81:
                    31:fa:01:08:c0:58:92:96:8e:3b:b9:9b:52:45:fb:
                    a4:ae:45:3b:eb:e9:ce:a4:e8:a8:27:b1:b4:79:c5:
                    72:eb:d9:ba:17:17:5a:d8:0f:69:80:9c:51:2a:48:
                    a9:b2:9a:d7:40:71:3a:00:ad:4f:b3:60:5a:90:35:
                    ad:0a:ab:56:1b:90:03:d2:15:c7:7a:3c:e0:c4:f4:
                    df:d1:4c:28:c1:3b:47:a2:76:41:00:e1:6e:da:7a:
                    c9:3c:22:e3:15:d1:60:c7:bf:14:7d:7b:4b:3a:d8:
                    53:4b:17:35:bf:59:92:4a:fd:fa:9f:d8:32:2e:9e:
                    c3:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:F4:04:74:D6:92:7F:39:3B:C3:27:26:91:85:A2:B6:70:04:F3:5B
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:7c:0c:89:fb:a8:30:02:80:a6:e3:2b:c7:b1:68:9c:43:30:
         b8:de:3f:29:4b:a7:bb:20:71:50:9e:de:69:16:09:71:0a:55:
         fc:5c:7e:5a:31:7c:a1:6c:46:5e:ae:84:be:65:0d:e1:8c:9f:
         71:bb:54:12:b3:d6:fa:2c:ba:f2:69:c0:7c:7e:cb:58:8d:dc:
         4b:99:00:61:0a:ee:33:9b:45:da:a3:82:2d:6c:6f:f8:fd:d4:
         82:aa:2c:d7:0e:c0:b5:72:4d:30:02:35:f5:6d:18:6d:76:90:
         ff:db:50:2c:c1:6b:db:05:2f:79:c8:5b:a6:60:7f:3d:18:dc:
         e7:9f:f6:7e:6e:bb:9c:5d:59:3f:9d:ea:99:e9:47:54:4e:a9:
         36:43:36:54:fc:dd:26:72:62:5b:d0:57:4d:ec:7f:c1:fb:1d:
         61:22:53:e8:97:27:b8:e0:d7:24:fc:37:19:4e:f6:ce:b3:a6:
         4a:8e:ee:eb:e8:49:74:1e:48:da:b1:61:b3:39:7d:d0:83:4c:
         cf:31:58:9d:a7:4b:98:ab:44:46:7e:91:e5:97:06:f2:75:2c:
         01:be:29:5f:11:8f:ef:d3:f2:eb:de:92:ad:13:77:f8:03:6f:
         89:8b:bb:ec:fa:e0:d3:f7:87:96:98:73:35:33:b1:b1:37:70:
         ab:a6:27:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7h7Vynv1xdNGzIdDbgLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwNDIwMTYwMDM2WhcNMjUwNDIxMTYwMDM2WjAzMTEwLwYDVQQD
EygwYWY0MDQ3NGQ2OTI3ZjM5M2JjMzI3MjY5MTg1YTJiNjcwMDRmMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qY4C62NGjxx7A39Twx5lNzCC4mV
o/BGBFb1HK2JE4ku2psFOk6mMZjsQ4oz857+IJzLVMocv7a30nRieii+yGE1Iamt
rv303MoeDJ+dKcec6VeuSgLbNq38Y7rCxaK00K20vQCrnOphQto0EUZVJk1FW+76
mTiQjdZb6mq820X+bvMYY4Ex+gEIwFiSlo47uZtSRfukrkU76+nOpOioJ7G0ecVy
69m6Fxda2A9pgJxRKkipsprXQHE6AK1Ps2BakDWtCqtWG5AD0hXHejzgxPTf0Uwo
wTtHonZBAOFu2nrJPCLjFdFgx78UfXtLOthTSxc1v1mSSv36n9gyLp7D/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAr0BHTWkn85O8MnJpGForZwBPNbMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXwMifuo
MAKApuMrx7FonEMwuN4/KUunuyBxUJ7eaRYJcQpV/Fx+WjF8oWxGXq6EvmUN4Yyf
cbtUErPW+iy68mnAfH7LWI3cS5kAYQruM5tF2qOCLWxv+P3Ugqos1w7AtXJNMAI1
9W0YbXaQ/9tQLMFr2wUvechbpmB/PRjc55/2fm67nF1ZP53qmelHVE6pNkM2VPzd
JnJiW9BXTex/wfsdYSJT6JcnuODXJPw3GU72zrOmSo7u6+hJdB5I2rFhszl90INM
zzFYnadLmKtERn6R5ZcG8nUsAb4pXxGP79Py696SrRN3+ANviYu77Prg0/eHlphz
NTOxsTdwq6Yn+A==
-----END CERTIFICATE-----