Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
File:                     BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft (raw, json)
Hash identifier:          gvxBvQcUD5LJiYw8Hb5OM+BO3+NuSoNIYE1kIDs9WJM=
Subject key identifier:   D8:6D:F2:DD:22:DB:35:0C:A8:C5:6E:7D:CB:B4:90:1B:47:0D:21:BF
Authority key identifier: 06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04
Certificate issuer:       /CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
Certificate serial:       01974E578AB3E0A3385F2616AA61E932CD32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
Manifest number:          0A47
Signing time:             Sun 08 Jun 2025 07:00:49 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:49 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:49 +0000
Files and hashes:         1: BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl (hash: Res3bD7v742gwvSS2+Zay04yi/Q5UaY1vbyZDSAwUQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:8a:b3:e0:a3:38:5f:26:16:aa:61:e9:32:cd:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
        Validity
            Not Before: Jun  8 07:00:49 2025 GMT
            Not After : Jun  9 07:00:49 2025 GMT
        Subject: CN=d86df2dd22db350ca8c56e7dcbb4901b470d21bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6a:34:84:9c:52:be:14:24:40:c9:84:b7:24:
                    17:13:39:71:eb:10:7e:88:30:54:1f:58:c6:89:92:
                    0f:6b:eb:22:d6:7e:09:ae:30:af:4e:1a:5d:b8:7b:
                    0e:65:5d:80:ee:44:42:ad:07:93:e2:0d:a7:d4:2b:
                    cc:8a:64:19:88:d3:c7:0e:02:c2:f1:8e:3b:65:24:
                    86:ef:69:ac:42:22:0b:90:f3:f1:9f:8c:c7:6c:58:
                    6c:d4:c6:69:c9:bc:ba:00:c3:e3:61:84:e5:ff:20:
                    7d:68:24:80:f0:e5:c7:07:fa:b8:1a:ee:72:2b:2a:
                    66:2e:b0:e1:b0:f9:43:1b:9a:17:3a:86:76:98:64:
                    29:55:e3:ce:a7:b2:12:82:d7:7f:d8:a0:2d:06:e0:
                    4a:36:aa:ba:94:05:3e:5c:d9:c6:a3:c5:55:d6:de:
                    1c:e9:89:6f:70:ab:53:11:bc:41:78:08:66:b8:14:
                    a0:29:c2:f6:ad:4d:96:3c:17:2d:f4:71:e1:9a:81:
                    0a:a8:44:74:b9:14:45:ab:ab:0b:0c:42:20:48:aa:
                    31:c0:8f:2a:5f:78:a2:7a:e5:b9:7f:5f:ca:fe:50:
                    69:8b:41:fb:5f:d2:e1:9e:80:38:20:39:db:92:33:
                    27:bd:47:35:e7:21:89:10:f3:70:ad:13:3b:0c:07:
                    81:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:6D:F2:DD:22:DB:35:0C:A8:C5:6E:7D:CB:B4:90:1B:47:0D:21:BF
            X509v3 Authority Key Identifier:
                keyid:06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:8d:95:01:b6:6d:aa:3e:5e:fd:07:16:85:97:16:da:32:9b:
         4c:90:b6:9f:2f:54:a8:75:a7:33:5a:27:20:5d:af:ef:19:b9:
         2c:2c:ce:5d:76:da:9b:50:64:d8:57:9c:7c:55:59:56:d7:34:
         0f:c9:93:23:e8:35:bf:19:c1:1b:64:1a:79:6e:74:d9:1a:ca:
         10:04:4f:a4:cc:ff:27:0a:af:b7:0b:4b:3d:36:a3:67:22:ae:
         4b:a3:11:03:2e:f8:9d:23:67:02:80:aa:74:e5:c5:63:55:25:
         14:f9:fe:2a:83:ba:74:85:1b:f2:f4:07:de:17:58:67:6c:ab:
         76:3d:57:3e:49:74:31:7c:d9:a7:62:b9:47:b1:c2:28:1a:5d:
         d9:0f:6b:21:d6:8a:3e:02:8c:fd:06:6f:75:d6:d5:44:27:e0:
         31:55:b2:93:90:5d:9e:f3:8e:4c:88:6d:92:c3:98:21:c9:fd:
         2f:13:f5:4d:33:89:d5:ae:ac:8f:5e:34:6a:05:c3:96:db:27:
         28:fd:03:55:66:05:41:7a:e8:5b:60:ec:73:8b:a8:0a:0f:b9:
         95:9c:a8:35:04:cd:8c:5b:28:b3:02:43:43:db:e9:38:a0:b8:
         4c:32:54:ef:6f:9f:99:81:b6:c9:1f:17:f1:a2:12:dc:af:2e:
         09:f1:19:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV4qz4KM4XyYWqmHpMs0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDE4ZTdiNTJiZDMyNjhhYTRkNWQzYWE1NzdmNDdkMGYx
ODc1MDQwHhcNMjUwNjA4MDcwMDQ5WhcNMjUwNjA5MDcwMDQ5WjAzMTEwLwYDVQQD
EyhkODZkZjJkZDIyZGIzNTBjYThjNTZlN2RjYmI0OTAxYjQ3MGQyMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWo0hJxSvhQkQMmEtyQXEzlx6xB+
iDBUH1jGiZIPa+si1n4JrjCvThpduHsOZV2A7kRCrQeT4g2n1CvMimQZiNPHDgLC
8Y47ZSSG72msQiILkPPxn4zHbFhs1MZpyby6AMPjYYTl/yB9aCSA8OXHB/q4Gu5y
KypmLrDhsPlDG5oXOoZ2mGQpVePOp7ISgtd/2KAtBuBKNqq6lAU+XNnGo8VV1t4c
6YlvcKtTEbxBeAhmuBSgKcL2rU2WPBct9HHhmoEKqER0uRRFq6sLDEIgSKoxwI8q
X3iieuW5f1/K/lBpi0H7X9LhnoA4IDnbkjMnvUc15yGJEPNwrRM7DAeBtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNht8t0i2zUMqMVufcu0kBtHDSG/MB8GA1UdIwQY
MBaAFAYBjntSvTJoqk1dOqV39H0PGHUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2Qt
MWQ5ZmU4YWExMmFiLzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2QtMWQ5ZmU4YWExMmFi
LzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv42VAbZt
qj5e/QcWhZcW2jKbTJC2ny9UqHWnM1onIF2v7xm5LCzOXXbam1Bk2FecfFVZVtc0
D8mTI+g1vxnBG2QaeW502RrKEARPpMz/JwqvtwtLPTajZyKuS6MRAy74nSNnAoCq
dOXFY1UlFPn+KoO6dIUb8vQH3hdYZ2yrdj1XPkl0MXzZp2K5R7HCKBpd2Q9rIdaK
PgKM/QZvddbVRCfgMVWyk5BdnvOOTIhtksOYIcn9LxP1TTOJ1a6sj140agXDltsn
KP0DVWYFQXroW2Dsc4uoCg+5lZyoNQTNjFsoswJDQ9vpOKC4TDJU72+fmYG2yR8X
8aIS3K8uCfEZjA==
-----END CERTIFICATE-----