Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          +ndlLA9Ii31HSY0QC2MX2RbOsA4EPOSckNCmkTkuIXQ=
Subject key identifier:   48:3E:73:70:7A:E8:0A:AD:CE:9A:B0:F4:BA:BD:36:73:D1:D5:4A:5F
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       01964C34787BC7356957BC64DA7B051457F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 04:00:29 +0000
Manifest this update:     Sat 19 Apr 2025 04:00:29 +0000
Manifest next update:     Sun 20 Apr 2025 04:00:29 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: yPWeXue/8LiujPSYVk6NAU7XsjayJYJy3ZOKuIjm8dg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:34:78:7b:c7:35:69:57:bc:64:da:7b:05:14:57:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Apr 19 04:00:29 2025 GMT
            Not After : Apr 20 04:00:29 2025 GMT
        Subject: CN=483e73707ae80aadce9ab0f4babd3673d1d54a5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:97:ea:1f:31:3a:37:49:e4:a0:42:4b:2d:aa:
                    7a:6d:64:1e:2e:a1:f8:00:b1:8d:15:dc:cb:f4:d7:
                    9d:72:f3:20:4f:ed:cc:6a:08:b2:77:0b:1b:1a:76:
                    8d:37:de:03:8c:7f:e7:b2:f6:c8:f9:2c:c7:62:79:
                    7d:1c:b4:db:10:5d:14:33:94:c2:07:fe:d6:2f:dc:
                    fa:a7:a9:a3:17:49:7f:35:37:15:c8:5f:d3:8f:b7:
                    88:0c:f5:24:43:e6:06:38:8f:d9:8a:9b:75:0a:62:
                    37:9e:86:56:b7:d4:ad:97:97:56:2f:7f:12:93:c7:
                    cc:27:dc:93:d3:9f:c2:c6:07:8e:0b:6e:ce:80:bd:
                    a3:d7:ac:01:5b:75:23:51:92:7d:8c:de:22:fe:3e:
                    6c:59:58:ae:06:0e:93:6f:53:45:4b:cf:03:6d:b9:
                    bc:87:9f:b2:7f:8d:f2:5b:bb:0d:06:00:ab:53:3f:
                    f3:28:47:b2:2b:cb:12:12:4b:28:57:98:41:96:ed:
                    5c:42:07:d1:9a:b4:72:55:ce:9b:53:d9:11:95:46:
                    3b:b4:25:bd:d1:7e:fc:36:e4:e6:bc:0e:55:f2:16:
                    11:e6:97:9e:9c:54:ef:b9:d0:60:d3:85:5f:fb:73:
                    4d:0f:5c:05:7e:b9:b8:df:a8:d9:c1:0a:ff:df:cd:
                    03:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:3E:73:70:7A:E8:0A:AD:CE:9A:B0:F4:BA:BD:36:73:D1:D5:4A:5F
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:02:5d:9a:21:03:2d:b4:27:cb:4f:9b:7d:ff:56:13:84:4a:
         8e:19:4c:f9:d9:56:9d:0a:b1:44:94:8c:72:f3:30:f0:62:8b:
         52:54:20:fe:26:70:d7:7e:b3:8e:04:46:90:fd:da:ec:cb:5b:
         4e:ba:bb:fb:f3:eb:0d:b8:31:b9:f9:9e:3e:ca:ce:f1:04:67:
         60:9a:16:72:2d:9b:e7:3c:ef:8f:ab:4b:8b:18:e5:e1:69:d0:
         26:05:0b:18:11:8c:27:c3:71:9b:23:23:c2:ec:94:9d:b1:96:
         b6:db:63:cf:a2:39:c4:f9:e5:d0:d3:ef:00:44:f4:cd:eb:72:
         ff:97:d8:34:ae:3b:fe:89:78:5d:21:9e:66:1f:ea:6f:2b:be:
         cb:28:9b:03:fd:78:d0:6e:e4:9d:2b:fd:3b:98:a8:57:c3:c1:
         dc:d1:29:21:19:56:f6:e6:d2:5e:7d:ca:5d:9f:e0:49:13:ee:
         ab:0a:a8:d6:7c:ca:08:02:12:7f:55:78:00:94:3b:11:db:79:
         23:7a:dc:4f:81:6c:60:47:fd:c5:0f:ca:50:3d:41:cd:30:8f:
         24:9c:a4:35:38:ba:69:d9:a4:3b:79:5f:37:1f:a9:bb:0c:ef:
         76:1d:91:1c:d3:2c:d6:59:0e:74:35:27:b1:1d:ad:5c:e9:b8:
         55:3c:3c:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMNHh7xzVpV7xk2nsFFFf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjUwNDE5MDQwMDI5WhcNMjUwNDIwMDQwMDI5WjAzMTEwLwYDVQQD
Eyg0ODNlNzM3MDdhZTgwYWFkY2U5YWIwZjRiYWJkMzY3M2QxZDU0YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5fqHzE6N0nkoEJLLap6bWQeLqH4
ALGNFdzL9NedcvMgT+3MagiydwsbGnaNN94DjH/nsvbI+SzHYnl9HLTbEF0UM5TC
B/7WL9z6p6mjF0l/NTcVyF/Tj7eIDPUkQ+YGOI/Zipt1CmI3noZWt9Stl5dWL38S
k8fMJ9yT05/CxgeOC27OgL2j16wBW3UjUZJ9jN4i/j5sWViuBg6Tb1NFS88Dbbm8
h5+yf43yW7sNBgCrUz/zKEeyK8sSEksoV5hBlu1cQgfRmrRyVc6bU9kRlUY7tCW9
0X78NuTmvA5V8hYR5peenFTvudBg04Vf+3NND1wFfrm436jZwQr/380DeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEg+c3B66Aqtzpqw9Lq9NnPR1UpfMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQJdmiED
LbQny0+bff9WE4RKjhlM+dlWnQqxRJSMcvMw8GKLUlQg/iZw136zjgRGkP3a7Mtb
Trq7+/PrDbgxufmePsrO8QRnYJoWci2b5zzvj6tLixjl4WnQJgULGBGMJ8NxmyMj
wuyUnbGWtttjz6I5xPnl0NPvAET0zety/5fYNK47/ol4XSGeZh/qbyu+yyibA/14
0G7knSv9O5ioV8PB3NEpIRlW9ubSXn3KXZ/gSRPuqwqo1nzKCAISf1V4AJQ7Edt5
I3rcT4FsYEf9xQ/KUD1BzTCPJJykNTi6admkO3lfNx+puwzvdh2RHNMs1lkOdDUn
sR2tXOm4VTw8rg==
-----END CERTIFICATE-----