Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
File:                     BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft (raw, json)
Hash identifier:          ov/OltBArc+Mlm/h+EvSCig5vZ7Jnsmbzejcxk7o/wo=
Subject key identifier:   7B:72:5E:23:B7:75:08:0C:1D:9E:30:C9:6C:86:FB:6F:43:A1:63:18
Authority key identifier: 06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04
Certificate issuer:       /CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
Certificate serial:       01965349BA3FB2A387E8A9587ECDE80F7D46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
Manifest number:          09C5
Signing time:             Sun 20 Apr 2025 13:01:02 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:02 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:02 +0000
Files and hashes:         1: BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl (hash: YR1cTSlWkuGmW9MOvYQ1Q3+gkZZpP2WhYz9HnEihsxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:ba:3f:b2:a3:87:e8:a9:58:7e:cd:e8:0f:7d:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
        Validity
            Not Before: Apr 20 13:01:02 2025 GMT
            Not After : Apr 21 13:01:02 2025 GMT
        Subject: CN=7b725e23b775080c1d9e30c96c86fb6f43a16318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d1:b4:61:cc:cb:6c:79:e2:9a:a5:af:16:14:
                    ca:8e:7a:3c:b5:1f:1a:f0:b1:52:01:1d:47:25:f3:
                    eb:a7:ec:94:7a:f0:55:09:38:ae:6f:c1:94:d0:a2:
                    14:2b:82:74:d1:d1:c5:23:9d:0f:fe:57:8d:f1:3d:
                    23:4d:b0:9e:06:bb:d5:88:21:6c:d3:19:3c:b6:61:
                    87:05:cd:d8:49:ef:fa:ef:92:7e:1c:9b:c5:1c:30:
                    5a:7a:17:84:55:7f:84:b8:75:73:ca:19:33:5d:f3:
                    86:40:7a:57:52:80:bc:9e:f8:ac:42:82:75:5d:35:
                    c5:85:0a:3c:e3:6a:b8:c2:9f:44:e4:a5:41:e5:95:
                    93:7b:14:cc:aa:db:ee:fa:70:e0:af:49:67:f5:6f:
                    2f:f5:ee:17:e2:94:eb:cd:6a:bc:28:19:28:a4:a5:
                    05:30:71:4e:7b:6e:3c:6c:7c:34:27:7a:90:bb:15:
                    b7:c7:9f:4c:db:21:de:8c:f3:71:d5:15:a1:1e:8f:
                    0b:a2:a4:c2:a0:4b:d4:c1:dd:69:8a:16:00:c1:db:
                    80:4f:91:61:a3:aa:88:30:ba:7f:f4:b5:aa:d3:6e:
                    e3:3f:24:93:d0:e7:86:8f:af:ce:42:b1:76:87:1a:
                    70:f5:d9:0b:43:9a:8c:f9:8a:37:27:ce:74:c0:be:
                    1f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:72:5E:23:B7:75:08:0C:1D:9E:30:C9:6C:86:FB:6F:43:A1:63:18
            X509v3 Authority Key Identifier:
                keyid:06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:72:08:f0:3a:6a:e0:ea:60:81:a0:b3:68:09:26:19:fc:83:
         b7:62:c8:2b:1c:3f:f4:47:0a:a9:56:eb:58:9b:62:ea:2b:35:
         b4:6b:0f:7f:31:a7:81:4f:0a:92:e3:a3:c7:55:47:88:96:4d:
         09:16:d2:9e:5e:92:ab:22:33:0f:35:92:2c:bd:c7:32:c3:59:
         7f:6d:31:e7:00:4c:b9:4a:02:f0:07:1e:0e:09:0e:d9:62:a6:
         c5:6d:0d:80:9f:e6:2a:f6:d9:f2:64:cd:16:00:bd:85:e6:31:
         2e:38:d7:da:ac:6c:59:10:f0:92:14:e2:7f:1c:ef:a9:cc:04:
         f4:a1:4d:b3:ef:dc:51:29:91:24:1f:c9:a3:df:52:bd:13:12:
         64:a1:21:ff:19:29:ed:28:8c:56:df:1e:5b:e2:61:a9:f8:3c:
         8c:90:bc:80:38:50:99:cd:5e:40:07:51:9c:42:d7:7b:65:be:
         14:13:e5:ce:38:4e:f4:81:07:db:80:b8:70:3e:db:9f:64:73:
         9a:fd:f1:4d:01:8f:13:ec:c0:f4:74:3a:47:20:3a:40:ca:ea:
         c8:62:66:e4:da:83:d5:56:63:27:53:48:f9:e4:b3:74:3b:99:
         2d:a9:2e:8b:ac:91:83:20:1b:d1:cf:a5:1b:d0:c3:4a:8a:9e:
         48:9e:12:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSbo/sqOH6KlYfs3oD31GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDE4ZTdiNTJiZDMyNjhhYTRkNWQzYWE1NzdmNDdkMGYx
ODc1MDQwHhcNMjUwNDIwMTMwMTAyWhcNMjUwNDIxMTMwMTAyWjAzMTEwLwYDVQQD
Eyg3YjcyNWUyM2I3NzUwODBjMWQ5ZTMwYzk2Yzg2ZmI2ZjQzYTE2MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtG0YczLbHnimqWvFhTKjno8tR8a
8LFSAR1HJfPrp+yUevBVCTiub8GU0KIUK4J00dHFI50P/leN8T0jTbCeBrvViCFs
0xk8tmGHBc3YSe/675J+HJvFHDBaeheEVX+EuHVzyhkzXfOGQHpXUoC8nvisQoJ1
XTXFhQo842q4wp9E5KVB5ZWTexTMqtvu+nDgr0ln9W8v9e4X4pTrzWq8KBkopKUF
MHFOe248bHw0J3qQuxW3x59M2yHejPNx1RWhHo8LoqTCoEvUwd1pihYAwduAT5Fh
o6qIMLp/9LWq027jPyST0OeGj6/OQrF2hxpw9dkLQ5qM+Yo3J850wL4fyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtyXiO3dQgMHZ4wyWyG+29DoWMYMB8GA1UdIwQY
MBaAFAYBjntSvTJoqk1dOqV39H0PGHUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2Qt
MWQ5ZmU4YWExMmFiLzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2QtMWQ5ZmU4YWExMmFi
LzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2nII8Dpq
4OpggaCzaAkmGfyDt2LIKxw/9EcKqVbrWJti6is1tGsPfzGngU8KkuOjx1VHiJZN
CRbSnl6SqyIzDzWSLL3HMsNZf20x5wBMuUoC8AceDgkO2WKmxW0NgJ/mKvbZ8mTN
FgC9heYxLjjX2qxsWRDwkhTifxzvqcwE9KFNs+/cUSmRJB/Jo99SvRMSZKEh/xkp
7SiMVt8eW+Jhqfg8jJC8gDhQmc1eQAdRnELXe2W+FBPlzjhO9IEH24C4cD7bn2Rz
mv3xTQGPE+zA9HQ6RyA6QMrqyGJm5NqD1VZjJ1NI+eSzdDuZLakui6yRgyAb0c+l
G9DDSoqeSJ4SGQ==
-----END CERTIFICATE-----