Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft
File:                     jDzPk_fIB93gQgrVSGrinrXcdfk.mft (raw, json)
Hash identifier:          uKIJIM0PyDbJYlcHwgS+HLwFZ0d4T/jva+Uv78apuZI=
Subject key identifier:   97:DD:77:1C:A9:F8:86:A5:DF:EB:AB:DE:8C:43:D5:63:57:BA:90:B3
Authority key identifier: 8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9
Certificate issuer:       /CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
Certificate serial:       019653EEA3D7AEF07FF1AD6ADC2297F983C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft
Manifest number:          1500
Signing time:             Sun 20 Apr 2025 16:01:10 +0000
Manifest this update:     Sun 20 Apr 2025 16:01:10 +0000
Manifest next update:     Mon 21 Apr 2025 16:01:10 +0000
Files and hashes:         1: jDzPk_fIB93gQgrVSGrinrXcdfk.crl (hash: WWrZL746XxlZfvjjtRQ/KBtP4+Cuy3XuZ8vSxrcnMFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:a3:d7:ae:f0:7f:f1:ad:6a:dc:22:97:f9:83:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c3ccf93f7c807dde0420ad5486ae29eb5dc75f9
        Validity
            Not Before: Apr 20 16:01:10 2025 GMT
            Not After : Apr 21 16:01:10 2025 GMT
        Subject: CN=97dd771ca9f886a5dfebabde8c43d56357ba90b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:84:1a:61:e3:19:e0:3d:86:1a:5b:52:e9:af:
                    ea:58:1f:eb:08:3e:5e:65:bc:05:0b:d8:85:98:95:
                    14:bf:2e:75:3c:ca:32:03:94:76:6f:60:a4:51:95:
                    93:77:c6:87:8c:fb:0d:41:06:c9:60:5c:15:a2:1d:
                    36:08:06:88:a3:4c:d8:00:5b:d0:39:f0:ac:99:83:
                    fb:4f:94:0b:a0:d5:ca:3c:e1:26:4d:d6:86:56:f4:
                    36:22:1e:5a:60:7e:96:16:9f:94:79:de:68:61:aa:
                    f6:52:5f:85:d6:ac:4e:ed:c8:12:ac:1e:4f:3e:27:
                    35:a3:bf:82:55:1e:8a:6b:be:6b:a8:34:0b:2a:51:
                    39:9b:7e:1e:56:db:6c:e9:43:4c:38:37:26:9a:e6:
                    b7:18:4b:f0:34:64:37:b9:be:cf:ee:d5:6a:55:41:
                    51:9f:11:5f:1b:3e:1d:bb:24:73:a7:21:73:3d:76:
                    f3:b5:5a:f0:4e:ff:ad:fc:36:d9:60:c5:a0:ef:9a:
                    c6:b1:dc:c2:f5:c8:71:60:01:b3:f1:3c:e2:9e:fd:
                    b8:d3:53:8a:4a:09:bd:57:f9:d2:60:7d:ce:f7:e6:
                    10:dd:94:27:c6:10:c9:a4:9b:55:0d:88:40:ca:36:
                    e3:25:93:fc:82:0c:db:02:7d:02:de:30:02:dd:16:
                    85:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:DD:77:1C:A9:F8:86:A5:DF:EB:AB:DE:8C:43:D5:63:57:BA:90:B3
            X509v3 Authority Key Identifier:
                keyid:8C:3C:CF:93:F7:C8:07:DD:E0:42:0A:D5:48:6A:E2:9E:B5:DC:75:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDzPk_fIB93gQgrVSGrinrXcdfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1834ac-2030-441f-82e2-681dbff8515e/1/jDzPk_fIB93gQgrVSGrinrXcdfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:98:a6:f0:a3:54:a6:09:d3:8d:c7:6f:ab:73:5d:17:52:bd:
         1c:44:6f:cf:e5:87:22:18:1a:00:09:50:08:09:05:7b:f8:07:
         5c:ee:11:50:8d:b2:64:db:14:67:c5:3b:1c:09:98:16:b4:8e:
         62:51:1e:41:73:b0:9b:32:9f:dd:82:c8:b6:7f:f6:fb:c3:d6:
         62:f0:a7:63:08:35:bb:55:3e:8e:3b:80:66:da:06:26:d2:2b:
         ad:91:3d:2b:b7:ba:ce:59:9c:ad:f9:b7:c0:b8:3a:da:6c:cc:
         5b:00:2b:3e:29:c5:ce:5c:01:3c:d1:18:74:37:e7:dd:32:d3:
         83:c1:08:2d:ea:8e:c6:fd:eb:02:88:6e:0d:cc:69:ce:68:47:
         2c:c2:4c:df:0a:a4:6b:e9:e1:72:15:3a:a7:b4:db:99:34:d3:
         ae:5a:40:8c:6f:49:54:65:e4:50:77:08:a2:17:bf:3c:37:0f:
         a4:76:f0:f0:ae:be:4c:61:1a:2d:f9:6f:f8:b5:9e:ad:6a:d1:
         30:ed:f2:aa:b9:c5:6b:dc:b3:f8:69:d0:c9:88:33:03:13:74:
         e3:89:4c:66:c7:9f:92:9f:fc:16:8e:6a:66:10:ba:48:19:f2:
         1c:69:b8:e6:79:64:93:d7:e4:a8:ef:83:00:64:84:59:06:ae:
         07:79:2e:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7qPXrvB/8a1q3CKX+YPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjM2NjZjkzZjdjODA3ZGRlMDQyMGFkNTQ4NmFlMjllYjVk
Yzc1ZjkwHhcNMjUwNDIwMTYwMTEwWhcNMjUwNDIxMTYwMTEwWjAzMTEwLwYDVQQD
Eyg5N2RkNzcxY2E5Zjg4NmE1ZGZlYmFiZGU4YzQzZDU2MzU3YmE5MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4QaYeMZ4D2GGltS6a/qWB/rCD5e
ZbwFC9iFmJUUvy51PMoyA5R2b2CkUZWTd8aHjPsNQQbJYFwVoh02CAaIo0zYAFvQ
OfCsmYP7T5QLoNXKPOEmTdaGVvQ2Ih5aYH6WFp+Ued5oYar2Ul+F1qxO7cgSrB5P
Pic1o7+CVR6Ka75rqDQLKlE5m34eVtts6UNMODcmmua3GEvwNGQ3ub7P7tVqVUFR
nxFfGz4duyRzpyFzPXbztVrwTv+t/DbZYMWg75rGsdzC9chxYAGz8Tzinv2401OK
Sgm9V/nSYH3O9+YQ3ZQnxhDJpJtVDYhAyjbjJZP8ggzbAn0C3jAC3RaFVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfddxyp+Ial3+ur3oxD1WNXupCzMB8GA1UdIwQY
MBaAFIw8z5P3yAfd4EIK1Uhq4p613HX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xODM0YWMtMjAzMC00NDFmLTgyZTIt
NjgxZGJmZjg1MTVlLzEvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xODM0YWMtMjAzMC00NDFmLTgyZTItNjgxZGJmZjg1MTVl
LzEvakR6UGtfZklCOTNnUWdyVlNHcmluclhjZGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmpim8KNU
pgnTjcdvq3NdF1K9HERvz+WHIhgaAAlQCAkFe/gHXO4RUI2yZNsUZ8U7HAmYFrSO
YlEeQXOwmzKf3YLItn/2+8PWYvCnYwg1u1U+jjuAZtoGJtIrrZE9K7e6zlmcrfm3
wLg62mzMWwArPinFzlwBPNEYdDfn3TLTg8EILeqOxv3rAohuDcxpzmhHLMJM3wqk
a+nhchU6p7TbmTTTrlpAjG9JVGXkUHcIohe/PDcPpHbw8K6+TGEaLflv+LWerWrR
MO3yqrnFa9yz+GnQyYgzAxN044lMZsefkp/8Fo5qZhC6SBnyHGm45nlkk9fkqO+D
AGSEWQauB3ku5Q==
-----END CERTIFICATE-----