Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          VXkWWr4n/O1Ij/gWIq2usr5quvPzwuk285PRFFn+bAc=
Subject key identifier:   CD:F6:83:CA:C6:6D:27:90:72:D9:99:42:EC:90:00:45:BD:21:BE:21
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       01965726C7D693D6A556859778165D8C382D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0590
Signing time:             Mon 21 Apr 2025 07:01:21 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:21 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:21 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: /ADbI3FztV/ymbLUDxuJM7Fg+I5OiHjDPiCMKAn7Wh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:c7:d6:93:d6:a5:56:85:97:78:16:5d:8c:38:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Apr 21 07:01:21 2025 GMT
            Not After : Apr 22 07:01:21 2025 GMT
        Subject: CN=cdf683cac66d279072d99942ec900045bd21be21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:28:0a:aa:c1:43:bf:db:98:e4:c8:fc:f8:02:
                    3e:56:30:59:d4:6e:db:e9:85:22:96:41:06:50:af:
                    c7:b1:6b:7f:0c:27:db:5c:04:3e:3f:a9:00:17:1f:
                    44:9b:4f:f9:73:c9:8f:04:b2:79:7b:af:ca:00:da:
                    97:cb:57:f9:c4:f1:f7:07:91:00:16:94:3a:9e:ef:
                    2f:75:fa:94:08:5c:de:3e:88:d1:ea:24:0f:47:8e:
                    1e:6a:66:0e:03:f8:c3:6e:fa:46:f0:8b:9c:5d:5c:
                    a3:56:4f:db:ad:50:6b:7e:72:c0:99:79:21:f8:6e:
                    2a:9e:b6:bd:e5:87:bb:07:ec:00:ba:b1:bd:a8:43:
                    6a:fa:82:05:ca:d8:b8:60:11:b9:6f:7e:9f:82:38:
                    cf:5e:90:14:db:0f:d7:58:a6:76:e0:ce:a1:61:24:
                    a3:00:c2:1b:c2:3f:5d:c6:28:c8:a8:9c:31:6f:6c:
                    80:66:57:b5:9c:63:0d:d5:9f:cd:43:2d:e4:c9:99:
                    16:2a:4d:72:e4:8f:09:8d:6b:f7:94:83:f5:d6:1e:
                    c1:b3:4a:46:bd:d3:43:06:50:f0:9c:15:c5:a0:9f:
                    e1:da:85:9b:65:d1:f1:2f:68:fd:6b:08:71:3a:a6:
                    88:de:e1:f2:b8:b9:7e:8f:81:ef:d4:12:b5:c8:1d:
                    1e:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:F6:83:CA:C6:6D:27:90:72:D9:99:42:EC:90:00:45:BD:21:BE:21
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:c0:03:f9:dd:d7:48:c0:f3:58:62:7b:11:62:47:1c:70:9f:
         c7:c2:e3:9a:ab:b3:82:07:26:31:57:1c:30:27:7c:f1:bb:3f:
         b5:47:fd:90:bb:93:eb:14:f6:9e:e2:39:34:5c:36:08:20:8a:
         99:78:bf:3a:34:f3:93:6f:5e:40:65:87:c4:de:a2:e9:a6:03:
         a4:26:8a:38:45:7a:42:5f:98:f3:a1:38:5d:e4:81:f6:cb:e2:
         62:75:64:ea:67:94:e7:b0:71:1f:7c:6c:09:74:32:e4:53:05:
         a3:f8:88:c5:88:8a:a8:cd:de:48:25:85:97:62:0e:fb:53:e6:
         54:0f:d5:8e:e5:9f:3d:6b:3d:80:2d:ba:69:6d:44:bd:7e:10:
         31:00:2f:78:f0:37:b9:f0:3c:11:4b:71:fb:9e:43:1f:d9:ee:
         90:57:f5:ce:6d:02:93:a6:4b:cc:20:d7:68:59:c4:e0:5f:3f:
         82:d3:1f:0d:7c:2d:61:a9:8e:34:b8:2b:b1:ca:30:71:82:52:
         b1:d0:27:f4:ac:21:f0:a1:b6:5f:5e:cc:9a:fa:3b:a0:0e:2e:
         cc:13:af:88:79:75:35:bf:bc:12:15:8a:6f:12:57:11:f6:5f:
         96:96:48:c5:88:ee:9f:07:98:18:6e:22:98:7b:41:e7:0e:d2:
         4c:71:22:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJsfWk9alVoWXeBZdjDgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwNDIxMDcwMTIxWhcNMjUwNDIyMDcwMTIxWjAzMTEwLwYDVQQD
EyhjZGY2ODNjYWM2NmQyNzkwNzJkOTk5NDJlYzkwMDA0NWJkMjFiZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCgKqsFDv9uY5Mj8+AI+VjBZ1G7b
6YUilkEGUK/HsWt/DCfbXAQ+P6kAFx9Em0/5c8mPBLJ5e6/KANqXy1f5xPH3B5EA
FpQ6nu8vdfqUCFzePojR6iQPR44eamYOA/jDbvpG8IucXVyjVk/brVBrfnLAmXkh
+G4qnra95Ye7B+wAurG9qENq+oIFyti4YBG5b36fgjjPXpAU2w/XWKZ24M6hYSSj
AMIbwj9dxijIqJwxb2yAZle1nGMN1Z/NQy3kyZkWKk1y5I8JjWv3lIP11h7Bs0pG
vdNDBlDwnBXFoJ/h2oWbZdHxL2j9awhxOqaI3uHyuLl+j4Hv1BK1yB0e7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM32g8rGbSeQctmZQuyQAEW9Ib4hMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8AD+d3X
SMDzWGJ7EWJHHHCfx8LjmquzggcmMVccMCd88bs/tUf9kLuT6xT2nuI5NFw2CCCK
mXi/OjTzk29eQGWHxN6i6aYDpCaKOEV6Ql+Y86E4XeSB9sviYnVk6meU57BxH3xs
CXQy5FMFo/iIxYiKqM3eSCWFl2IO+1PmVA/VjuWfPWs9gC26aW1EvX4QMQAvePA3
ufA8EUtx+55DH9nukFf1zm0Ck6ZLzCDXaFnE4F8/gtMfDXwtYamONLgrscowcYJS
sdAn9Kwh8KG2X17Mmvo7oA4uzBOviHl1Nb+8EhWKbxJXEfZflpZIxYjunweYGG4i
mHtB5w7STHEiVg==
-----END CERTIFICATE-----