Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          AkDjE/MsMEPQN2/vtfHHwGsJJSz/ZBWWwyvops0aqVA=
Subject key identifier:   C5:B2:DF:49:DC:F9:1D:B0:6C:5C:5D:D3:0B:8C:2F:2B:A3:74:3F:E6
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       01965CF0EB90CEC5417FE4F853FE418F01BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          08C7
Signing time:             Tue 22 Apr 2025 10:00:14 +0000
Manifest this update:     Tue 22 Apr 2025 10:00:14 +0000
Manifest next update:     Wed 23 Apr 2025 10:00:14 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: lMO7hM1nNEjjdfS+Ai/NSqwFSPyFplty3Z9AEAy8880=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f0:eb:90:ce:c5:41:7f:e4:f8:53:fe:41:8f:01:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Apr 22 10:00:14 2025 GMT
            Not After : Apr 23 10:00:14 2025 GMT
        Subject: CN=c5b2df49dcf91db06c5c5dd30b8c2f2ba3743fe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:9b:be:7d:06:6d:c7:49:50:8e:51:d4:58:7b:
                    0c:11:6c:4e:f0:83:ff:d4:eb:59:4d:f6:b6:59:b5:
                    ce:79:8f:57:8a:92:fd:3c:02:28:df:56:6c:eb:42:
                    09:c3:5b:73:a6:76:b9:0f:e2:71:80:4d:15:3d:e5:
                    bf:f9:f9:3c:b0:a9:d6:47:fb:be:f2:b0:4c:38:e9:
                    2c:a6:51:08:f1:b6:51:a1:66:76:69:ee:fb:32:80:
                    07:0f:62:ac:e2:c5:12:ac:16:60:b5:7c:76:eb:df:
                    87:e1:e1:f1:f0:48:6c:71:13:4d:74:a6:3e:23:26:
                    50:c5:e2:98:25:6d:24:77:89:0b:01:e8:34:5c:81:
                    aa:70:d4:20:90:25:00:81:57:92:dd:0a:5b:a0:e6:
                    19:24:59:93:d7:c4:05:65:e2:75:f2:b5:32:23:60:
                    ee:ec:a1:5c:0b:5c:05:42:62:97:61:de:fe:66:a5:
                    57:c0:fe:83:0a:16:6a:4c:67:dd:bc:55:24:31:d4:
                    7d:7e:1d:38:02:37:7f:42:5d:09:eb:de:50:86:ee:
                    1d:1a:2d:f6:07:2a:f3:50:c7:0f:e2:40:d5:13:ef:
                    e8:bc:bb:ce:99:78:b1:72:54:ab:6a:3b:66:09:49:
                    20:42:64:23:9d:85:dd:d3:04:93:84:fd:dd:cb:01:
                    ad:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:B2:DF:49:DC:F9:1D:B0:6C:5C:5D:D3:0B:8C:2F:2B:A3:74:3F:E6
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:45:c3:a6:e4:06:84:73:23:12:30:7c:ad:ba:3b:2d:a9:98:
         93:d2:df:de:e9:cb:1d:af:46:10:ef:8a:94:35:b4:b8:f0:57:
         64:5b:1d:e8:4f:0f:f6:f0:82:66:24:9c:cd:fb:fd:aa:b9:16:
         02:9e:2d:f7:dd:c4:bf:1f:72:65:60:c2:ca:fc:10:01:70:3c:
         22:ba:87:34:0b:11:2f:a5:5e:19:8d:56:11:4a:d9:4c:0f:ae:
         44:9e:81:05:35:f3:9b:f0:b6:4d:90:dd:f8:1f:ec:ca:f2:f5:
         b6:15:39:20:cc:72:b0:6f:ff:68:5b:89:9f:53:91:03:e7:dc:
         a7:a8:c9:ef:07:4e:68:d7:0c:12:22:17:39:98:be:9e:68:ab:
         9d:78:bb:8d:33:0d:92:e4:bf:68:96:b8:83:0b:7e:8c:31:83:
         af:d3:16:27:8c:49:ad:5f:d5:68:62:c6:d8:a9:ef:87:b3:48:
         67:ab:e1:c4:71:45:ce:6e:7b:17:b7:7d:f4:45:6b:33:4b:14:
         35:dd:95:4d:83:b0:33:ab:fd:ef:f5:a1:a4:19:51:a7:51:26:
         0b:3f:74:01:8b:ec:a2:c3:45:17:dd:4c:a1:78:05:49:b7:c9:
         9b:d5:d3:02:84:cc:c2:9b:67:77:0e:62:10:59:09:31:1c:36:
         2b:9d:08:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8OuQzsVBf+T4U/5BjwG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjUwNDIyMTAwMDE0WhcNMjUwNDIzMTAwMDE0WjAzMTEwLwYDVQQD
EyhjNWIyZGY0OWRjZjkxZGIwNmM1YzVkZDMwYjhjMmYyYmEzNzQzZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZu+fQZtx0lQjlHUWHsMEWxO8IP/
1OtZTfa2WbXOeY9XipL9PAIo31Zs60IJw1tzpna5D+JxgE0VPeW/+fk8sKnWR/u+
8rBMOOksplEI8bZRoWZ2ae77MoAHD2Ks4sUSrBZgtXx269+H4eHx8EhscRNNdKY+
IyZQxeKYJW0kd4kLAeg0XIGqcNQgkCUAgVeS3QpboOYZJFmT18QFZeJ18rUyI2Du
7KFcC1wFQmKXYd7+ZqVXwP6DChZqTGfdvFUkMdR9fh04Ajd/Ql0J695Qhu4dGi32
ByrzUMcP4kDVE+/ovLvOmXixclSrajtmCUkgQmQjnYXd0wSThP3dywGtqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWy30nc+R2wbFxd0wuMLyujdD/mMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEXDpuQG
hHMjEjB8rbo7LamYk9Lf3unLHa9GEO+KlDW0uPBXZFsd6E8P9vCCZiSczfv9qrkW
Ap4t993Evx9yZWDCyvwQAXA8IrqHNAsRL6VeGY1WEUrZTA+uRJ6BBTXzm/C2TZDd
+B/syvL1thU5IMxysG//aFuJn1ORA+fcp6jJ7wdOaNcMEiIXOZi+nmirnXi7jTMN
kuS/aJa4gwt+jDGDr9MWJ4xJrV/VaGLG2Knvh7NIZ6vhxHFFzm57F7d99EVrM0sU
Nd2VTYOwM6v97/WhpBlRp1EmCz90AYvsosNFF91MoXgFSbfJm9XTAoTMwptndw5i
EFkJMRw2K50IBQ==
-----END CERTIFICATE-----