Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
File:                     JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft (raw, json)
Hash identifier:          H7kzfW/DLaotOZXn8SGzDCXKvF3oVkZ/SSv3Qq8wJnA=
Subject key identifier:   01:72:0D:6A:D7:8C:00:72:63:6B:7D:C1:A5:F8:83:E6:9A:92:B1:42
Authority key identifier: 25:BA:87:95:F3:E7:E2:D2:C7:C9:0F:1C:36:66:CF:7F:92:83:DA:9E
Certificate issuer:       /CN=25ba8795f3e7e2d2c7c90f1c3666cf7f9283da9e
Certificate serial:       01965538B6288255D881E1F47CDE8D13BDAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
Manifest number:          14F8
Signing time:             Sun 20 Apr 2025 22:01:42 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:42 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:42 +0000
Files and hashes:         1: JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl (hash: FRuZdcvyV7H0PA5cNcwR6wqjFI1wVPOuatOy7SgObrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:b6:28:82:55:d8:81:e1:f4:7c:de:8d:13:bd:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25ba8795f3e7e2d2c7c90f1c3666cf7f9283da9e
        Validity
            Not Before: Apr 20 22:01:42 2025 GMT
            Not After : Apr 21 22:01:42 2025 GMT
        Subject: CN=01720d6ad78c0072636b7dc1a5f883e69a92b142
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:b5:91:5c:48:b4:d1:c0:ec:03:9a:72:04:91:
                    a3:48:1c:26:fd:95:28:69:56:7b:de:80:75:18:db:
                    73:95:97:c1:73:2a:dc:84:6e:5e:7e:f0:d0:f8:ff:
                    1b:83:98:09:fc:0b:e6:a3:19:4d:ea:0a:17:e4:20:
                    20:e2:c5:2e:40:17:c8:41:4e:77:59:2e:42:d9:3b:
                    8b:13:2e:11:3a:d6:c7:ca:39:c7:ba:55:81:98:b7:
                    eb:d9:53:04:5b:59:60:e3:54:5a:54:43:8c:2a:ea:
                    56:5b:66:2c:0e:4b:32:e2:67:64:77:12:66:6e:ec:
                    4e:5a:21:32:89:03:f7:a5:ea:63:8a:06:f2:18:b5:
                    a4:0f:0c:0a:47:eb:24:b6:1b:1c:7b:44:e2:29:65:
                    b5:10:e1:89:f5:a6:57:2e:78:d1:cb:f2:43:7a:86:
                    d2:c0:3d:93:b5:21:34:b2:06:00:09:c6:87:bc:6e:
                    0e:3e:40:8c:14:b0:65:c3:f1:cf:7c:bc:ed:e6:0f:
                    75:f9:83:ad:f3:c3:64:85:a8:ed:97:69:c3:ec:e5:
                    3e:62:7f:87:54:f9:b1:ad:15:84:c9:bd:f4:38:a5:
                    f9:56:d7:57:14:25:90:4e:0d:ce:ba:45:e0:da:5e:
                    35:de:1a:9e:5a:d2:75:12:57:0c:5e:a3:95:3a:4d:
                    5e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:72:0D:6A:D7:8C:00:72:63:6B:7D:C1:A5:F8:83:E6:9A:92:B1:42
            X509v3 Authority Key Identifier:
                keyid:25:BA:87:95:F3:E7:E2:D2:C7:C9:0F:1C:36:66:CF:7F:92:83:DA:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:0a:de:b6:49:f6:38:11:d7:83:6f:5b:a3:d1:fb:84:4f:c1:
         2f:ef:49:0e:ae:f9:3a:2a:1c:a0:22:0d:69:17:10:30:50:7e:
         f4:08:2f:bb:d8:ac:a0:0e:c1:de:29:47:53:37:3c:cf:72:94:
         fb:b6:91:2e:f9:18:0d:d3:09:89:5a:b0:00:fb:97:65:6b:9b:
         0a:99:87:76:80:a9:d0:05:1b:47:29:17:4d:43:10:03:c4:8f:
         fc:45:12:b6:e6:fa:78:9d:82:6a:9a:ec:93:3a:f5:5a:36:9b:
         34:7e:6a:cd:ce:bd:15:78:1e:19:78:3c:27:66:51:a4:e0:d8:
         e0:9e:a4:04:29:fd:8f:12:fa:c5:cc:ff:19:61:df:bb:2c:ec:
         fa:9a:15:b8:00:d9:d7:48:91:c5:56:e9:47:9b:41:57:20:f1:
         30:b1:b4:ff:0f:51:09:ea:ad:41:4c:b0:65:b9:ef:66:05:b1:
         3f:ba:5d:46:01:2e:d3:e1:4c:57:04:ff:a1:39:80:d1:32:de:
         9d:6c:8e:7b:b4:e9:ea:c1:a7:54:6d:68:d3:b4:a3:1c:3e:95:
         6e:88:3d:31:62:c5:09:3e:f6:57:ce:6b:3b:e3:28:fc:e0:3b:
         d9:96:38:c4:21:84:2f:5e:0c:36:c6:54:4a:7b:90:e3:60:13:
         27:4d:6c:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOLYoglXYgeH0fN6NE72vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmE4Nzk1ZjNlN2UyZDJjN2M5MGYxYzM2NjZjZjdmOTI4
M2RhOWUwHhcNMjUwNDIwMjIwMTQyWhcNMjUwNDIxMjIwMTQyWjAzMTEwLwYDVQQD
EygwMTcyMGQ2YWQ3OGMwMDcyNjM2YjdkYzFhNWY4ODNlNjlhOTJiMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LWRXEi00cDsA5pyBJGjSBwm/ZUo
aVZ73oB1GNtzlZfBcyrchG5efvDQ+P8bg5gJ/AvmoxlN6goX5CAg4sUuQBfIQU53
WS5C2TuLEy4ROtbHyjnHulWBmLfr2VMEW1lg41RaVEOMKupWW2YsDksy4mdkdxJm
buxOWiEyiQP3pepjigbyGLWkDwwKR+skthsce0TiKWW1EOGJ9aZXLnjRy/JDeobS
wD2TtSE0sgYACcaHvG4OPkCMFLBlw/HPfLzt5g91+YOt88Nkhajtl2nD7OU+Yn+H
VPmxrRWEyb30OKX5VtdXFCWQTg3OukXg2l413hqeWtJ1ElcMXqOVOk1eewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFyDWrXjAByY2t9waX4g+aakrFCMB8GA1UdIwQY
MBaAFCW6h5Xz5+LSx8kPHDZmz3+Sg9qeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81NDg0MTctNWIwMS00ZjVlLWI5YjMt
NGVkZGJlYjgzODdiLzEvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81NDg0MTctNWIwMS00ZjVlLWI5YjMtNGVkZGJlYjgzODdi
LzEvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAegretkn2
OBHXg29bo9H7hE/BL+9JDq75OiocoCINaRcQMFB+9Agvu9isoA7B3ilHUzc8z3KU
+7aRLvkYDdMJiVqwAPuXZWubCpmHdoCp0AUbRykXTUMQA8SP/EUStub6eJ2Caprs
kzr1WjabNH5qzc69FXgeGXg8J2ZRpODY4J6kBCn9jxL6xcz/GWHfuyzs+poVuADZ
10iRxVbpR5tBVyDxMLG0/w9RCeqtQUywZbnvZgWxP7pdRgEu0+FMVwT/oTmA0TLe
nWyOe7Tp6sGnVG1o07SjHD6Vbog9MWLFCT72V85rO+Mo/OA72ZY4xCGEL14MNsZU
SnuQ42ATJ01sHQ==
-----END CERTIFICATE-----