Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
File:                     8VzG8-5-0llTHW0Izp4JNztxYGI.mft (raw, json)
Hash identifier:          5PvQMrefL66vz2kCVPa0zsLRy3+mqIRba969PeDiSJQ=
Subject key identifier:   34:AA:24:F8:39:68:64:72:2C:1E:C7:15:F2:A2:4E:D2:AF:26:65:4C
Authority key identifier: F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62
Certificate issuer:       /CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062
Certificate serial:       01965BA795827D3AC9D62BCCD43F826AC597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
Manifest number:          029E
Signing time:             Tue 22 Apr 2025 04:00:31 +0000
Manifest this update:     Tue 22 Apr 2025 04:00:31 +0000
Manifest next update:     Wed 23 Apr 2025 04:00:31 +0000
Files and hashes:         1: 8VzG8-5-0llTHW0Izp4JNztxYGI.crl (hash: hNNrUnjwEfvjj8SliTg8WTjlWmdGo+syz5QCA30gmB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:a7:95:82:7d:3a:c9:d6:2b:cc:d4:3f:82:6a:c5:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062
        Validity
            Not Before: Apr 22 04:00:31 2025 GMT
            Not After : Apr 23 04:00:31 2025 GMT
        Subject: CN=34aa24f8396864722c1ec715f2a24ed2af26654c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7c:10:60:f0:1d:c5:7b:1e:e1:71:19:ca:23:
                    d9:dd:e6:a4:e8:e8:c6:89:17:be:2f:91:d4:7a:9d:
                    70:dd:b5:0a:38:a5:2d:07:26:3b:4f:80:56:ec:06:
                    64:a2:bf:fb:4b:43:e5:61:6e:06:3e:81:be:d6:96:
                    98:08:a4:b9:3a:6d:32:83:b2:57:61:19:81:ec:ec:
                    bf:1b:9f:58:20:3e:4f:62:85:ee:83:f2:7b:70:dc:
                    87:ff:0f:19:3f:a3:0d:3f:4b:5d:7e:fb:76:79:d2:
                    5d:33:02:ef:77:76:af:dc:24:ee:d4:15:28:b5:32:
                    7e:97:89:cf:d1:5b:d7:e1:65:88:fb:ae:e4:a5:6c:
                    f6:d5:6a:48:91:1b:69:9f:6a:cd:7f:4e:af:fd:ef:
                    c5:17:5a:93:0f:e7:f3:ac:14:5b:40:8a:c0:43:dc:
                    3f:99:2b:e8:f0:82:d2:53:f4:95:99:07:dc:43:0e:
                    f8:c6:40:96:f6:b3:62:ee:f4:a5:1a:9c:a1:28:bf:
                    92:40:49:d2:0f:3a:59:45:8a:e3:1f:89:cf:cd:92:
                    39:9e:89:7a:ae:b3:ae:87:67:25:74:e8:f0:14:cc:
                    db:b5:cf:68:d4:a8:61:17:47:d5:35:67:6d:10:46:
                    29:d5:2c:bb:a5:1e:58:d5:f3:49:6e:ad:92:b1:2d:
                    64:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:AA:24:F8:39:68:64:72:2C:1E:C7:15:F2:A2:4E:D2:AF:26:65:4C
            X509v3 Authority Key Identifier:
                keyid:F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:a7:06:73:b1:f1:02:ab:b7:23:07:de:e3:98:2c:e0:9d:f7:
         42:90:9f:4b:00:66:1d:ca:e0:b7:7c:69:79:1b:01:7c:bd:2b:
         e7:0c:ce:6a:73:d6:a6:25:65:52:a9:8a:5f:44:61:d7:b1:98:
         e4:79:45:bf:8b:1b:42:fa:6a:f7:73:57:d3:5b:a0:03:c2:a0:
         fd:3e:ab:3e:79:09:b3:6d:a9:8f:e1:3f:cf:e3:f9:99:3f:0f:
         d6:e0:4a:7a:ae:c2:97:01:8c:8d:28:11:ad:d0:4f:36:8d:e5:
         d0:f8:1d:fa:2f:f0:28:1e:a2:da:cb:09:d0:62:75:39:61:af:
         de:28:21:b9:06:db:09:8e:41:1b:ec:08:f4:2b:7b:67:1f:be:
         54:ac:9c:ff:d7:ee:33:ec:11:b1:f6:4b:34:f9:80:bc:10:80:
         bf:b9:a0:dd:7c:e4:9d:7c:0f:d6:77:33:d6:e8:ba:99:6a:ea:
         ea:b6:5d:79:94:c8:71:0c:a8:7c:59:68:de:e7:0c:84:5f:e1:
         23:cc:0c:22:a9:75:76:18:4e:c1:b6:ab:fc:1f:69:a0:64:d4:
         56:1a:8c:08:f5:b7:d8:99:fd:3b:95:52:ac:0c:97:ed:67:c0:
         87:ae:53:ea:d5:0a:50:bd:75:59:cc:d0:ac:20:5c:cf:99:2f:
         5a:ee:b6:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbp5WCfTrJ1ivM1D+CasWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNWNjNmYzZWU3ZWQyNTk1MzFkNmQwOGNlOWUwOTM3M2I3
MTYwNjIwHhcNMjUwNDIyMDQwMDMxWhcNMjUwNDIzMDQwMDMxWjAzMTEwLwYDVQQD
EygzNGFhMjRmODM5Njg2NDcyMmMxZWM3MTVmMmEyNGVkMmFmMjY2NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnwQYPAdxXse4XEZyiPZ3eak6OjG
iRe+L5HUep1w3bUKOKUtByY7T4BW7AZkor/7S0PlYW4GPoG+1paYCKS5Om0yg7JX
YRmB7Oy/G59YID5PYoXug/J7cNyH/w8ZP6MNP0tdfvt2edJdMwLvd3av3CTu1BUo
tTJ+l4nP0VvX4WWI+67kpWz21WpIkRtpn2rNf06v/e/FF1qTD+fzrBRbQIrAQ9w/
mSvo8ILSU/SVmQfcQw74xkCW9rNi7vSlGpyhKL+SQEnSDzpZRYrjH4nPzZI5nol6
rrOuh2cldOjwFMzbtc9o1KhhF0fVNWdtEEYp1Sy7pR5Y1fNJbq2SsS1kxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSqJPg5aGRyLB7HFfKiTtKvJmVMMB8GA1UdIwQY
MBaAFPFcxvPuftJZUx1tCM6eCTc7cWBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgt
NjkxZWU0MWE2MDE0LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgtNjkxZWU0MWE2MDE0
LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6cGc7Hx
Aqu3Iwfe45gs4J33QpCfSwBmHcrgt3xpeRsBfL0r5wzOanPWpiVlUqmKX0Rh17GY
5HlFv4sbQvpq93NX01ugA8Kg/T6rPnkJs22pj+E/z+P5mT8P1uBKeq7ClwGMjSgR
rdBPNo3l0Pgd+i/wKB6i2ssJ0GJ1OWGv3ighuQbbCY5BG+wI9Ct7Zx++VKyc/9fu
M+wRsfZLNPmAvBCAv7mg3XzknXwP1ncz1ui6mWrq6rZdeZTIcQyofFlo3ucMhF/h
I8wMIql1dhhOwbar/B9poGTUVhqMCPW32Jn9O5VSrAyX7WfAh65T6tUKUL11WczQ
rCBcz5kvWu62iA==
-----END CERTIFICATE-----