Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
File:                     pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft (raw, json)
Hash identifier:          xlTrCETIIpnlxgYw4lvynh8pKxLftehKtqfFmMWUQ44=
Subject key identifier:   E9:20:C9:92:C8:75:77:64:8C:3D:6E:A5:F8:8A:8D:FA:83:0F:1A:E0
Authority key identifier: A4:75:E6:51:F8:1A:AB:60:33:92:F2:55:21:B7:C9:AB:5B:D2:81:C0
Certificate issuer:       /CN=a475e651f81aab603392f25521b7c9ab5bd281c0
Certificate serial:       019654C9D7462EC6BF1FBF3C8AF039C2AEDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
Manifest number:          032A
Signing time:             Sun 20 Apr 2025 20:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:35 +0000
Files and hashes:         1: pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl (hash: euHXuvmTm8YutpihosjL3+oFsZ5V182iRv/HfNb/I2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 20:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:c9:d7:46:2e:c6:bf:1f:bf:3c:8a:f0:39:c2:ae:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a475e651f81aab603392f25521b7c9ab5bd281c0
        Validity
            Not Before: Apr 20 20:00:35 2025 GMT
            Not After : Apr 21 20:00:35 2025 GMT
        Subject: CN=e920c992c87577648c3d6ea5f88a8dfa830f1ae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e7:db:fe:fb:af:d2:1d:28:19:df:6e:cf:4d:
                    e8:a2:0c:fa:fe:89:11:d4:1f:53:b6:78:3a:aa:9f:
                    9f:d3:74:9f:41:c0:59:ca:44:82:06:a9:d4:e6:79:
                    e8:14:8d:10:dc:85:2e:c2:b1:02:3c:22:07:29:f7:
                    91:fa:5c:42:f6:39:80:d1:06:1e:a6:c0:93:7b:33:
                    c9:db:06:92:e7:40:65:68:81:6f:cd:22:fd:cc:a5:
                    06:36:07:79:b0:c7:09:d8:63:17:c4:aa:7a:1b:52:
                    19:38:d6:72:fc:69:33:6e:0c:f3:19:3f:4f:a3:ea:
                    0f:b5:5c:4e:c0:90:7f:f5:e0:5b:67:6b:36:cd:b3:
                    7c:dc:8d:30:ff:34:e4:fb:39:84:fa:21:49:47:60:
                    00:44:4d:1a:02:e6:a2:53:c6:87:28:b1:a0:4c:ee:
                    64:55:a0:56:84:f3:7d:b9:a7:c1:5d:f1:50:3c:31:
                    48:a1:3d:9c:37:bb:79:f7:61:54:10:bc:62:24:ff:
                    92:37:0e:18:e5:cb:7b:60:c5:c7:15:36:83:ee:4f:
                    e8:23:e6:a9:9d:9a:14:1d:4c:46:6b:80:58:51:30:
                    ca:75:72:59:52:58:9e:1a:9b:9e:9f:23:3c:1b:53:
                    be:28:6c:da:a9:79:1b:25:81:10:86:b6:6b:7c:a3:
                    0a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:20:C9:92:C8:75:77:64:8C:3D:6E:A5:F8:8A:8D:FA:83:0F:1A:E0
            X509v3 Authority Key Identifier:
                keyid:A4:75:E6:51:F8:1A:AB:60:33:92:F2:55:21:B7:C9:AB:5B:D2:81:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:58:c3:5e:96:d9:b3:a0:d1:e8:13:9f:50:d3:b0:fc:56:02:
         fe:8d:45:0a:98:a0:76:02:71:40:73:0b:82:b5:00:8d:2a:2c:
         37:83:16:00:cd:5a:5e:30:53:32:54:42:c0:85:89:c4:67:c5:
         00:8f:90:d6:9a:a5:a1:79:d0:26:4c:0d:c0:4e:89:f3:11:c6:
         a6:38:d9:23:2d:b2:04:6f:ff:dc:1b:61:91:e7:7a:50:0c:e2:
         52:ff:1f:4b:81:c3:e1:53:5e:c5:84:65:f0:62:af:02:fb:65:
         6b:90:77:50:4e:b9:cf:47:0c:d4:46:95:54:7e:9a:b0:b3:b5:
         2d:70:b2:cd:64:a9:c7:6b:33:22:e6:2b:c8:a5:86:47:a2:b4:
         f3:cb:fe:3a:c7:77:11:28:00:d8:52:c4:e2:f7:b3:27:4b:56:
         5f:13:4f:8d:8f:2f:71:66:79:5c:8e:b3:78:51:cb:dd:e0:c5:
         e2:6d:ea:c0:70:0e:b9:63:bc:6a:66:d5:7e:a8:e3:84:a1:77:
         86:a9:14:be:eb:13:d2:05:2e:c4:1c:c0:9d:0e:14:36:7d:61:
         82:df:84:91:ae:cf:17:f7:a9:67:73:43:89:f0:a5:60:83:1d:
         b1:48:9a:61:67:47:20:3f:ea:01:f5:6e:81:16:6e:02:5f:b2:
         e2:06:11:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUyddGLsa/H788ivA5wq7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzVlNjUxZjgxYWFiNjAzMzkyZjI1NTIxYjdjOWFiNWJk
MjgxYzAwHhcNMjUwNDIwMjAwMDM1WhcNMjUwNDIxMjAwMDM1WjAzMTEwLwYDVQQD
EyhlOTIwYzk5MmM4NzU3NzY0OGMzZDZlYTVmODhhOGRmYTgzMGYxYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ofb/vuv0h0oGd9uz03oogz6/okR
1B9Ttng6qp+f03SfQcBZykSCBqnU5nnoFI0Q3IUuwrECPCIHKfeR+lxC9jmA0QYe
psCTezPJ2waS50BlaIFvzSL9zKUGNgd5sMcJ2GMXxKp6G1IZONZy/GkzbgzzGT9P
o+oPtVxOwJB/9eBbZ2s2zbN83I0w/zTk+zmE+iFJR2AARE0aAuaiU8aHKLGgTO5k
VaBWhPN9uafBXfFQPDFIoT2cN7t592FUELxiJP+SNw4Y5ct7YMXHFTaD7k/oI+ap
nZoUHUxGa4BYUTDKdXJZUlieGpuenyM8G1O+KGzaqXkbJYEQhrZrfKMKzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkgyZLIdXdkjD1upfiKjfqDDxrgMB8GA1UdIwQY
MBaAFKR15lH4GqtgM5LyVSG3yatb0oHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jZWMzMjctMzhlMS00YWY0LWEwOGYt
NzdjZmQyMTViNzMyLzEvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jZWMzMjctMzhlMS00YWY0LWEwOGYtNzdjZmQyMTViNzMy
LzEvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv1jDXpbZ
s6DR6BOfUNOw/FYC/o1FCpigdgJxQHMLgrUAjSosN4MWAM1aXjBTMlRCwIWJxGfF
AI+Q1pqloXnQJkwNwE6J8xHGpjjZIy2yBG//3Bthked6UAziUv8fS4HD4VNexYRl
8GKvAvtla5B3UE65z0cM1EaVVH6asLO1LXCyzWSpx2szIuYryKWGR6K088v+Osd3
ESgA2FLE4vezJ0tWXxNPjY8vcWZ5XI6zeFHL3eDF4m3qwHAOuWO8ambVfqjjhKF3
hqkUvusT0gUuxBzAnQ4UNn1hgt+Eka7PF/epZ3NDifClYIMdsUiaYWdHID/qAfVu
gRZuAl+y4gYRoQ==
-----END CERTIFICATE-----