Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f8d71-eec5-4d3d-a7a1-b032112051b1/1/pTW_JFBXN0H5Q16UghAWoi5rwUc.mft
File:                     pTW_JFBXN0H5Q16UghAWoi5rwUc.mft (raw, json)
Hash identifier:          yvPaDsWHmxS0CHYVcVUc2SKd45CmsAFUh7FkRaxgOBg=
Subject key identifier:   71:27:F7:16:01:39:C1:D9:8A:54:E1:2A:E3:81:44:61:4F:9D:53:22
Authority key identifier: A5:35:BF:24:50:57:37:41:F9:43:5E:94:82:10:16:A2:2E:6B:C1:47
Certificate issuer:       /CN=a535bf2450573741f9435e94821016a22e6bc147
Certificate serial:       0196545BF62433EB2360F313CBA4A22036B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pTW_JFBXN0H5Q16UghAWoi5rwUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/2f8d71-eec5-4d3d-a7a1-b032112051b1/1/pTW_JFBXN0H5Q16UghAWoi5rwUc.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 18:00:34 +0000
Manifest this update:     Sun 20 Apr 2025 18:00:34 +0000
Manifest next update:     Mon 21 Apr 2025 18:00:34 +0000
Files and hashes:         1: pTW_JFBXN0H5Q16UghAWoi5rwUc.crl (hash: V2iaN5qn4/4evXzpaDpf44jUITtO99rICxoXul44u14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/2f8d71-eec5-4d3d-a7a1-b032112051b1/1/pTW_JFBXN0H5Q16UghAWoi5rwUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/2f8d71-eec5-4d3d-a7a1-b032112051b1/1/pTW_JFBXN0H5Q16UghAWoi5rwUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pTW_JFBXN0H5Q16UghAWoi5rwUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5b:f6:24:33:eb:23:60:f3:13:cb:a4:a2:20:36:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a535bf2450573741f9435e94821016a22e6bc147
        Validity
            Not Before: Apr 20 18:00:34 2025 GMT
            Not After : Apr 21 18:00:34 2025 GMT
        Subject: CN=7127f7160139c1d98a54e12ae38144614f9d5322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:ff:10:75:86:cd:62:95:50:db:65:5b:cd:4e:
                    7e:f4:05:0e:ca:f7:e5:81:b4:50:fb:5d:81:d5:ed:
                    93:b0:f9:63:fe:bc:1f:e6:88:99:ea:09:6c:9c:05:
                    42:fd:56:0b:6b:c3:f2:62:d3:4b:a0:61:21:d3:92:
                    58:b3:a0:2e:86:7e:e3:5e:93:ab:1d:75:7b:77:ae:
                    14:3e:0e:94:e6:9e:d6:e3:a7:01:86:56:ea:ec:05:
                    fd:5c:d4:fb:58:cc:f7:1a:8a:21:96:54:0a:4a:61:
                    2d:6f:48:29:f6:76:6f:21:89:c4:8c:c1:f9:94:60:
                    5b:01:90:cf:3a:c0:cc:36:40:00:af:bf:e7:67:6c:
                    28:cb:12:b5:2c:f9:74:7c:4f:d6:a8:bf:65:30:a4:
                    b1:7d:fc:81:1c:44:cc:85:47:ce:e8:12:bf:11:dc:
                    b1:f2:fb:0c:35:9f:26:0e:12:a7:9f:6a:e6:31:bd:
                    0b:7f:60:6a:cb:df:bd:16:01:57:be:a8:7f:68:0c:
                    c3:28:37:27:0e:8f:07:b7:08:61:f8:38:84:7b:a0:
                    55:d3:c6:5b:a6:19:8f:d3:a6:d1:8e:28:e5:97:ff:
                    86:b0:4a:d4:24:44:b4:7f:06:98:8f:67:1c:2b:ce:
                    67:0a:8c:6e:9f:de:23:2d:92:8d:9d:1a:cb:60:a7:
                    9c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:27:F7:16:01:39:C1:D9:8A:54:E1:2A:E3:81:44:61:4F:9D:53:22
            X509v3 Authority Key Identifier:
                keyid:A5:35:BF:24:50:57:37:41:F9:43:5E:94:82:10:16:A2:2E:6B:C1:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTW_JFBXN0H5Q16UghAWoi5rwUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f8d71-eec5-4d3d-a7a1-b032112051b1/1/pTW_JFBXN0H5Q16UghAWoi5rwUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f8d71-eec5-4d3d-a7a1-b032112051b1/1/pTW_JFBXN0H5Q16UghAWoi5rwUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:b5:d6:fa:1b:7d:f8:2b:0c:d9:cd:52:7b:c0:d4:a7:23:23:
         56:64:72:2e:82:fc:74:b0:62:b2:7f:bf:0e:5b:e8:03:2b:7b:
         5d:f7:73:db:ae:5e:b6:d1:9a:b6:d4:a8:7a:ed:53:7b:47:7e:
         a9:74:95:89:70:d1:63:7a:df:3d:50:44:62:60:95:4b:c9:73:
         9d:a2:72:1d:97:58:20:c4:97:19:a6:04:4a:29:61:25:b4:3c:
         79:68:d4:c7:53:5c:fb:cf:9c:48:2d:70:80:b3:4f:00:0a:78:
         39:b6:d7:60:4e:6f:53:cb:75:af:dc:b6:aa:ee:2d:75:ee:5d:
         98:fb:ba:bc:98:8e:14:36:00:55:95:8b:09:c2:b0:0b:36:08:
         fb:01:a0:57:00:38:dd:d0:06:f8:6a:f4:6f:f5:fd:3c:5a:5d:
         d4:58:8b:37:9e:ed:18:bb:6c:18:06:d5:25:2a:10:ec:4d:76:
         7f:b2:bf:1f:fb:90:38:df:3f:31:68:23:81:6b:c2:c8:f0:56:
         0a:29:47:b0:54:45:dd:9e:b9:f5:a9:5f:d2:c4:8b:a5:cc:28:
         39:01:0e:54:9c:d2:a1:bb:b8:69:4d:c0:f2:a6:9e:6d:bb:7e:
         f2:91:37:4f:77:23:41:52:c0:56:0b:58:98:29:1d:4c:31:d6:
         5b:0b:b6:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUW/YkM+sjYPMTy6SiIDa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzViZjI0NTA1NzM3NDFmOTQzNWU5NDgyMTAxNmEyMmU2
YmMxNDcwHhcNMjUwNDIwMTgwMDM0WhcNMjUwNDIxMTgwMDM0WjAzMTEwLwYDVQQD
Eyg3MTI3ZjcxNjAxMzljMWQ5OGE1NGUxMmFlMzgxNDQ2MTRmOWQ1MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4P8QdYbNYpVQ22VbzU5+9AUOyvfl
gbRQ+12B1e2TsPlj/rwf5oiZ6glsnAVC/VYLa8PyYtNLoGEh05JYs6Auhn7jXpOr
HXV7d64UPg6U5p7W46cBhlbq7AX9XNT7WMz3GoohllQKSmEtb0gp9nZvIYnEjMH5
lGBbAZDPOsDMNkAAr7/nZ2woyxK1LPl0fE/WqL9lMKSxffyBHETMhUfO6BK/Edyx
8vsMNZ8mDhKnn2rmMb0Lf2Bqy9+9FgFXvqh/aAzDKDcnDo8Htwhh+DiEe6BV08Zb
phmP06bRjijll/+GsErUJES0fwaYj2ccK85nCoxun94jLZKNnRrLYKec3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEn9xYBOcHZilThKuOBRGFPnVMiMB8GA1UdIwQY
MBaAFKU1vyRQVzdB+UNelIIQFqIua8FHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRXX0pGQlhOMEg1UTE2VWdoQVdvaTVyd1VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjhkNzEtZWVjNS00ZDNkLWE3YTEt
YjAzMjExMjA1MWIxLzEvcFRXX0pGQlhOMEg1UTE2VWdoQVdvaTVyd1VjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjhkNzEtZWVjNS00ZDNkLWE3YTEtYjAzMjExMjA1MWIx
LzEvcFRXX0pGQlhOMEg1UTE2VWdoQVdvaTVyd1VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAArXW+ht9
+CsM2c1Se8DUpyMjVmRyLoL8dLBisn+/DlvoAyt7Xfdz265ettGattSoeu1Te0d+
qXSViXDRY3rfPVBEYmCVS8lznaJyHZdYIMSXGaYESilhJbQ8eWjUx1Nc+8+cSC1w
gLNPAAp4ObbXYE5vU8t1r9y2qu4tde5dmPu6vJiOFDYAVZWLCcKwCzYI+wGgVwA4
3dAG+Gr0b/X9PFpd1FiLN57tGLtsGAbVJSoQ7E12f7K/H/uQON8/MWgjgWvCyPBW
CilHsFRF3Z659alf0sSLpcwoOQEOVJzSobu4aU3A8qaebbt+8pE3T3cjQVLAVgtY
mCkdTDHWWwu2Gg==
-----END CERTIFICATE-----