Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ed259b-d7bf-4de4-bbf0-0e7180f9874d/1/pyiF7ybebTsiYKtj0sXKD4Y33wM.mft
File:                     pyiF7ybebTsiYKtj0sXKD4Y33wM.mft (raw, json)
Hash identifier:          7FDkes2iDf2TZCke7nhs110vWVc0AG+I0WF1XnBF7lY=
Subject key identifier:   7D:CC:CF:2A:EA:E1:02:DD:47:85:6C:58:3C:58:BB:7C:56:01:26:AD
Authority key identifier: A7:28:85:EF:26:DE:6D:3B:22:60:AB:63:D2:C5:CA:0F:86:37:DF:03
Certificate issuer:       /CN=a72885ef26de6d3b2260ab63d2c5ca0f8637df03
Certificate serial:       019649A24645D998620EEEA50238B55740B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pyiF7ybebTsiYKtj0sXKD4Y33wM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/ed259b-d7bf-4de4-bbf0-0e7180f9874d/1/pyiF7ybebTsiYKtj0sXKD4Y33wM.mft
Manifest number:          140B
Signing time:             Fri 18 Apr 2025 16:01:33 +0000
Manifest this update:     Fri 18 Apr 2025 16:01:33 +0000
Manifest next update:     Sat 19 Apr 2025 16:01:33 +0000
Files and hashes:         1: pyiF7ybebTsiYKtj0sXKD4Y33wM.crl (hash: P1k9VAnNCg/OPRyypm1oyDgKkoj0AVNiB4qfaPshKdk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/ed259b-d7bf-4de4-bbf0-0e7180f9874d/1/pyiF7ybebTsiYKtj0sXKD4Y33wM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/ed259b-d7bf-4de4-bbf0-0e7180f9874d/1/pyiF7ybebTsiYKtj0sXKD4Y33wM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pyiF7ybebTsiYKtj0sXKD4Y33wM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:a2:46:45:d9:98:62:0e:ee:a5:02:38:b5:57:40:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a72885ef26de6d3b2260ab63d2c5ca0f8637df03
        Validity
            Not Before: Apr 18 16:01:33 2025 GMT
            Not After : Apr 19 16:01:33 2025 GMT
        Subject: CN=7dcccf2aeae102dd47856c583c58bb7c560126ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:45:21:fa:e4:bf:ff:4b:ee:f8:f8:4b:7c:f5:
                    0c:43:42:fc:88:dd:e4:e4:ca:d0:38:2f:e0:9d:02:
                    15:ac:be:a2:f4:0f:9c:36:28:5e:39:f0:76:22:b7:
                    15:42:ca:41:23:23:f7:77:75:b0:b5:e2:9c:1a:1f:
                    cb:90:7b:fb:fc:93:b2:d3:06:53:de:0a:b0:fc:eb:
                    03:f4:3e:8f:49:29:25:76:c9:47:e3:e2:ac:5f:35:
                    a6:fa:21:9a:4e:9a:80:1e:fb:bf:6b:be:b2:a6:49:
                    8c:24:67:fa:ef:b1:f0:7f:c4:b2:b3:b3:e0:9b:10:
                    a6:31:05:4c:53:8a:61:be:c8:87:dc:c6:b9:a2:ee:
                    d4:45:27:a9:fc:0d:d1:1a:75:2c:b6:0b:57:ce:b4:
                    c3:a7:46:dc:61:cf:06:61:b0:75:94:e1:2d:36:42:
                    8d:b3:81:ca:24:48:c9:79:39:ed:12:ea:32:2f:6a:
                    80:a5:ad:88:20:e6:c6:e2:d6:3c:e9:86:63:d8:d9:
                    5a:4d:a5:b4:b1:51:7a:22:08:ff:c4:20:4f:40:14:
                    51:9f:d2:99:88:48:92:64:09:e7:7b:45:94:cf:88:
                    a7:d2:82:77:72:87:b3:da:68:bd:37:c1:58:9d:85:
                    79:18:be:db:2c:9a:cb:61:5f:99:8e:aa:27:f1:76:
                    dd:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:CC:CF:2A:EA:E1:02:DD:47:85:6C:58:3C:58:BB:7C:56:01:26:AD
            X509v3 Authority Key Identifier:
                keyid:A7:28:85:EF:26:DE:6D:3B:22:60:AB:63:D2:C5:CA:0F:86:37:DF:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pyiF7ybebTsiYKtj0sXKD4Y33wM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ed259b-d7bf-4de4-bbf0-0e7180f9874d/1/pyiF7ybebTsiYKtj0sXKD4Y33wM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ed259b-d7bf-4de4-bbf0-0e7180f9874d/1/pyiF7ybebTsiYKtj0sXKD4Y33wM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:07:46:54:f5:21:36:f0:8c:6b:50:c2:9b:b1:be:dc:dc:38:
         26:41:2c:4b:04:8a:8b:a8:98:6b:75:25:4a:06:e8:f1:68:e6:
         ef:28:d0:dd:ff:7f:10:54:2d:00:d0:6b:dc:ac:ac:06:3d:2b:
         d8:3a:85:7d:2a:51:93:e6:db:a1:c8:41:ea:4c:6f:bd:0c:be:
         f5:4c:1e:45:45:9a:96:4b:3b:ee:df:86:28:e0:f2:01:aa:f0:
         e6:32:9c:51:f8:db:2b:ae:92:f3:5a:b3:cf:b7:dc:bd:a2:66:
         f6:55:94:35:45:00:e5:08:99:58:27:53:f7:26:4a:cc:14:3d:
         a4:bb:25:32:7a:b3:d0:e3:8b:38:94:55:f6:2d:70:db:7d:40:
         5e:d3:a3:a4:bf:0e:14:08:68:9c:9e:75:89:1d:b5:1d:25:80:
         8f:29:75:15:2e:9d:d1:c3:07:8a:43:c8:c4:1c:63:98:86:b0:
         a4:21:68:fd:26:39:50:e8:73:46:40:cc:cc:7f:99:d1:80:15:
         c0:3c:3c:ed:ac:13:b0:e5:2d:94:2f:8f:f5:79:5d:68:8f:34:
         09:38:d8:46:96:f3:6b:cf:36:11:90:25:4a:96:37:43:34:60:
         26:52:c9:4c:c3:e4:61:6d:ee:2b:1e:bf:97:56:19:02:8e:68:
         cd:6d:0e:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJokZF2ZhiDu6lAji1V0CyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3Mjg4NWVmMjZkZTZkM2IyMjYwYWI2M2QyYzVjYTBmODYz
N2RmMDMwHhcNMjUwNDE4MTYwMTMzWhcNMjUwNDE5MTYwMTMzWjAzMTEwLwYDVQQD
Eyg3ZGNjY2YyYWVhZTEwMmRkNDc4NTZjNTgzYzU4YmI3YzU2MDEyNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUUh+uS//0vu+PhLfPUMQ0L8iN3k
5MrQOC/gnQIVrL6i9A+cNiheOfB2IrcVQspBIyP3d3WwteKcGh/LkHv7/JOy0wZT
3gqw/OsD9D6PSSkldslH4+KsXzWm+iGaTpqAHvu/a76ypkmMJGf677Hwf8Sys7Pg
mxCmMQVMU4phvsiH3Ma5ou7URSep/A3RGnUstgtXzrTDp0bcYc8GYbB1lOEtNkKN
s4HKJEjJeTntEuoyL2qApa2IIObG4tY86YZj2NlaTaW0sVF6Igj/xCBPQBRRn9KZ
iEiSZAnne0WUz4in0oJ3coez2mi9N8FYnYV5GL7bLJrLYV+Zjqon8XbdfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3Mzyrq4QLdR4VsWDxYu3xWASatMB8GA1UdIwQY
MBaAFKcohe8m3m07ImCrY9LFyg+GN98DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHlpRjd5YmViVHNpWUt0ajBzWEtENFkzM3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9lZDI1OWItZDdiZi00ZGU0LWJiZjAt
MGU3MTgwZjk4NzRkLzEvcHlpRjd5YmViVHNpWUt0ajBzWEtENFkzM3dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9lZDI1OWItZDdiZi00ZGU0LWJiZjAtMGU3MTgwZjk4NzRk
LzEvcHlpRjd5YmViVHNpWUt0ajBzWEtENFkzM3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASgdGVPUh
NvCMa1DCm7G+3Nw4JkEsSwSKi6iYa3UlSgbo8Wjm7yjQ3f9/EFQtANBr3KysBj0r
2DqFfSpRk+bbochB6kxvvQy+9UweRUWalks77t+GKODyAarw5jKcUfjbK66S81qz
z7fcvaJm9lWUNUUA5QiZWCdT9yZKzBQ9pLslMnqz0OOLOJRV9i1w231AXtOjpL8O
FAhonJ51iR21HSWAjyl1FS6d0cMHikPIxBxjmIawpCFo/SY5UOhzRkDMzH+Z0YAV
wDw87awTsOUtlC+P9XldaI80CTjYRpbza882EZAlSpY3QzRgJlLJTMPkYW3uKx6/
l1YZAo5ozW0ONw==
-----END CERTIFICATE-----