Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          RUcimrmmkyfqlar1HKkcpMnSdgW0RT9uMCup3mReTZA=
Subject key identifier:   F5:C2:ED:25:27:0C:4C:99:EF:73:EF:CF:D1:A2:B1:96:F0:37:82:5D
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       019645202B71CA4F8C9398AA64550DCF0647
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          064B
Signing time:             Thu 17 Apr 2025 19:00:58 +0000
Manifest this update:     Thu 17 Apr 2025 19:00:58 +0000
Manifest next update:     Fri 18 Apr 2025 19:00:58 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: Gju1bVS7mh59BLLX+2ep1OtT+dZrKAGqTmn9GdH/2xw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:20:2b:71:ca:4f:8c:93:98:aa:64:55:0d:cf:06:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Apr 17 19:00:58 2025 GMT
            Not After : Apr 18 19:00:58 2025 GMT
        Subject: CN=f5c2ed25270c4c99ef73efcfd1a2b196f037825d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7e:84:54:b2:bb:ee:bc:82:30:94:33:62:33:
                    d0:0d:6b:3f:d3:5d:19:73:f0:66:ff:a6:3d:a8:fc:
                    b1:e3:82:b2:36:3e:f6:4e:35:f4:86:9b:7f:63:31:
                    ae:1a:c8:03:21:10:fd:6d:cb:4b:30:61:14:51:20:
                    91:c2:18:62:3e:c0:8d:84:b9:66:a0:7e:1c:c8:f7:
                    9c:0b:e9:cc:8d:05:10:c6:23:17:08:3a:f1:84:58:
                    42:34:7d:2a:7e:84:2f:71:65:1a:37:ab:84:bf:64:
                    fa:0b:f4:16:9c:3e:5d:ec:83:ab:2d:14:b6:85:b1:
                    c1:e7:5d:78:51:ff:9d:0b:b9:f1:a2:5f:77:a5:82:
                    ce:52:cb:04:23:5c:40:61:b2:19:f0:bd:68:a7:ef:
                    10:a3:07:11:34:12:b6:d6:14:bd:f9:8e:d9:0a:4e:
                    32:e1:eb:ce:e0:9c:a9:c9:53:24:06:c6:63:7e:32:
                    25:41:02:b9:6b:65:ef:ec:6d:af:41:79:ec:96:f8:
                    44:c1:6c:36:a7:d3:37:5c:c4:07:0e:f9:3f:22:86:
                    92:17:cc:69:97:43:8c:9e:7a:8a:ee:c8:b1:1d:53:
                    f0:27:8d:3d:c4:dc:e9:2d:5a:c1:d4:0f:a1:46:dc:
                    ec:b9:4e:23:92:4a:5d:9b:a5:43:8f:57:a7:36:ad:
                    d1:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:C2:ED:25:27:0C:4C:99:EF:73:EF:CF:D1:A2:B1:96:F0:37:82:5D
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:da:77:02:5b:37:10:22:01:3b:34:56:6c:a7:30:97:fc:53:
         48:b4:9a:61:2c:20:aa:e3:a4:cb:41:8c:ae:e5:ac:94:b8:09:
         3b:1b:5d:9f:fb:23:9b:08:ad:e2:d2:c8:96:82:a0:34:c6:8a:
         5e:3e:32:da:46:c5:89:d8:84:59:df:b0:9d:dd:0d:96:3b:0e:
         85:3a:df:7a:e2:c4:31:16:d4:9a:1e:87:7d:d2:ff:65:74:7f:
         1f:12:31:4b:48:28:25:8d:4e:86:aa:24:e5:2e:f7:82:d5:bb:
         48:1a:81:65:51:cb:e0:4a:b4:cf:02:54:65:ec:e0:67:4e:a1:
         35:0e:3f:59:80:34:7e:5b:c8:b1:88:4e:a8:82:9c:14:3c:3b:
         62:db:9d:5c:20:37:c1:f2:fa:16:bc:33:ad:8a:a7:f4:b9:13:
         f1:e6:cb:1b:aa:67:13:63:a8:d4:be:fa:67:96:cd:cc:60:35:
         b7:a0:56:ff:71:f5:45:23:0c:8c:55:9a:ce:b6:bd:4d:aa:cb:
         ef:c1:88:ad:38:d5:8f:1a:c1:04:68:39:fc:c0:5a:3c:1a:29:
         3a:22:41:a7:b4:25:43:7c:84:1e:64:a8:c7:24:e0:1b:05:18:
         f2:ed:3f:de:c2:e9:af:e6:41:ac:f1:d1:6d:15:12:1f:ee:7c:
         f8:60:33:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFICtxyk+Mk5iqZFUNzwZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjUwNDE3MTkwMDU4WhcNMjUwNDE4MTkwMDU4WjAzMTEwLwYDVQQD
EyhmNWMyZWQyNTI3MGM0Yzk5ZWY3M2VmY2ZkMWEyYjE5NmYwMzc4MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn6EVLK77ryCMJQzYjPQDWs/010Z
c/Bm/6Y9qPyx44KyNj72TjX0hpt/YzGuGsgDIRD9bctLMGEUUSCRwhhiPsCNhLlm
oH4cyPecC+nMjQUQxiMXCDrxhFhCNH0qfoQvcWUaN6uEv2T6C/QWnD5d7IOrLRS2
hbHB5114Uf+dC7nxol93pYLOUssEI1xAYbIZ8L1op+8QowcRNBK21hS9+Y7ZCk4y
4evO4JypyVMkBsZjfjIlQQK5a2Xv7G2vQXnslvhEwWw2p9M3XMQHDvk/IoaSF8xp
l0OMnnqK7sixHVPwJ409xNzpLVrB1A+hRtzsuU4jkkpdm6VDj1enNq3RtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXC7SUnDEyZ73Pvz9GisZbwN4JdMB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtp3Als3
ECIBOzRWbKcwl/xTSLSaYSwgquOky0GMruWslLgJOxtdn/sjmwit4tLIloKgNMaK
Xj4y2kbFidiEWd+wnd0NljsOhTrfeuLEMRbUmh6HfdL/ZXR/HxIxS0goJY1Ohqok
5S73gtW7SBqBZVHL4Eq0zwJUZezgZ06hNQ4/WYA0flvIsYhOqIKcFDw7YtudXCA3
wfL6FrwzrYqn9LkT8ebLG6pnE2Oo1L76Z5bNzGA1t6BW/3H1RSMMjFWazra9TarL
78GIrTjVjxrBBGg5/MBaPBopOiJBp7QlQ3yEHmSoxyTgGwUY8u0/3sLpr+ZBrPHR
bRUSH+58+GAzDw==
-----END CERTIFICATE-----