Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft
File:                     i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft (raw, json)
Hash identifier:          aAQHF4jiwUTNhkkolDKQ+2KOI6MGUsOCql27jsO7bDM=
Subject key identifier:   D3:94:55:0A:C2:1A:2B:5D:5B:30:D1:F2:08:03:6B:58:17:A1:D2:7F
Authority key identifier: 8B:7B:E7:A4:76:06:AB:38:39:1F:B2:15:42:B5:F4:06:1F:02:A8:52
Certificate issuer:       /CN=8b7be7a47606ab38391fb21542b5f4061f02a852
Certificate serial:       0196515AD025B2CDA0ABC5713BDF4B8FB84A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft
Manifest number:          0B75
Signing time:             Sun 20 Apr 2025 04:00:28 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:28 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:28 +0000
Files and hashes:         1: i3vnpHYGqzg5H7IVQrX0Bh8CqFI.crl (hash: D1lVSN06W2mCjiiItDyStUp1LvYvDbRiFUaulUGHkrg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5a:d0:25:b2:cd:a0:ab:c5:71:3b:df:4b:8f:b8:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b7be7a47606ab38391fb21542b5f4061f02a852
        Validity
            Not Before: Apr 20 04:00:28 2025 GMT
            Not After : Apr 21 04:00:28 2025 GMT
        Subject: CN=d394550ac21a2b5d5b30d1f208036b5817a1d27f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:54:a5:38:a6:c4:39:5b:43:95:21:3e:1c:cb:
                    2a:20:db:3a:08:ad:3c:16:f7:2f:83:e2:5d:0c:7a:
                    98:16:73:72:a3:4e:03:ac:1c:6a:af:f0:f7:42:91:
                    be:9e:37:83:4c:66:23:05:85:d5:71:36:e9:e3:2b:
                    08:01:8a:d6:7c:70:0f:15:97:a3:37:d8:95:4c:4b:
                    22:fe:95:8a:e2:03:07:50:21:bd:63:19:8f:dc:ed:
                    30:48:49:3e:d6:b2:8c:7a:a3:5c:f6:1c:d9:f0:81:
                    81:2a:e3:be:2f:ae:85:e9:b2:eb:43:81:35:4a:5b:
                    d1:a0:fd:58:3f:49:ea:df:ee:50:4a:3e:da:66:db:
                    2b:98:47:59:84:4b:42:03:d5:bd:73:b6:8d:32:3c:
                    ac:c2:e4:f1:d7:33:4e:67:d4:fb:c0:4c:07:d9:ee:
                    ed:90:a7:bf:09:c8:62:d8:08:2f:8c:f5:2b:73:4f:
                    43:07:1c:42:16:45:cb:d1:91:b9:2f:7c:a0:15:2e:
                    90:9b:8d:de:27:9d:08:b0:24:9b:ec:a9:94:52:6c:
                    d3:b7:b2:a7:95:28:4e:a5:86:61:ee:5e:46:96:7a:
                    f5:c7:c5:b0:47:6a:51:a7:27:41:7d:f3:12:01:fa:
                    53:0b:92:b9:5f:e0:b9:43:11:cd:38:9f:63:16:3f:
                    43:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:94:55:0A:C2:1A:2B:5D:5B:30:D1:F2:08:03:6B:58:17:A1:D2:7F
            X509v3 Authority Key Identifier:
                keyid:8B:7B:E7:A4:76:06:AB:38:39:1F:B2:15:42:B5:F4:06:1F:02:A8:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:e8:b5:40:4e:ac:f3:dd:55:68:4a:d3:81:cb:62:3e:b3:c7:
         9a:13:32:31:ab:c7:66:39:f0:62:06:39:3d:d9:30:dd:5a:72:
         de:7b:35:d0:1f:ba:f1:38:3b:c8:8e:8f:f0:f3:2d:e9:59:5f:
         b5:30:04:d0:0a:d8:d3:93:e8:a4:9d:7b:54:91:ff:c9:b0:c3:
         93:69:7d:af:f2:cf:19:74:87:7b:57:c5:0f:34:25:76:d8:52:
         2c:7a:50:ac:ee:87:8b:d5:33:39:26:e3:59:c6:5e:3a:7a:84:
         1b:a7:1a:db:0c:0b:d8:48:7f:1a:4d:89:d0:25:09:ed:0b:34:
         3f:34:b4:42:23:43:ea:90:a3:7c:cc:4c:d2:ad:4d:b1:b2:e9:
         8f:12:c4:bd:92:32:82:d9:bb:68:72:20:28:47:97:62:f5:ec:
         c3:51:04:77:28:a3:f0:7e:10:03:33:49:ba:30:3f:76:00:b4:
         93:fa:bf:f2:af:31:1c:d6:7e:e4:c1:61:b8:27:71:18:81:29:
         f5:68:a8:aa:d2:6e:09:d1:d4:70:31:0f:47:a8:24:5c:aa:a6:
         d2:af:63:7f:d2:b4:f5:ab:85:d2:b7:ba:4d:4a:08:e2:24:5a:
         b1:43:3a:25:14:53:17:c0:b7:2a:9d:67:59:cb:20:8f:a1:49:
         de:21:fd:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWtAlss2gq8VxO99Lj7hKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2JlN2E0NzYwNmFiMzgzOTFmYjIxNTQyYjVmNDA2MWYw
MmE4NTIwHhcNMjUwNDIwMDQwMDI4WhcNMjUwNDIxMDQwMDI4WjAzMTEwLwYDVQQD
EyhkMzk0NTUwYWMyMWEyYjVkNWIzMGQxZjIwODAzNmI1ODE3YTFkMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlSlOKbEOVtDlSE+HMsqINs6CK08
Fvcvg+JdDHqYFnNyo04DrBxqr/D3QpG+njeDTGYjBYXVcTbp4ysIAYrWfHAPFZej
N9iVTEsi/pWK4gMHUCG9YxmP3O0wSEk+1rKMeqNc9hzZ8IGBKuO+L66F6bLrQ4E1
SlvRoP1YP0nq3+5QSj7aZtsrmEdZhEtCA9W9c7aNMjyswuTx1zNOZ9T7wEwH2e7t
kKe/Cchi2AgvjPUrc09DBxxCFkXL0ZG5L3ygFS6Qm43eJ50IsCSb7KmUUmzTt7Kn
lShOpYZh7l5Glnr1x8WwR2pRpydBffMSAfpTC5K5X+C5QxHNOJ9jFj9DpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOUVQrCGitdWzDR8ggDa1gXodJ/MB8GA1UdIwQY
MBaAFIt756R2Bqs4OR+yFUK19AYfAqhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTN2bnBIWUdxemc1SDdJVlFyWDBCaDhDcUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yNDdjNWQtYTI3Mi00ODJiLTljOGUt
MzdmZTM5NWQ0MmYwLzEvaTN2bnBIWUdxemc1SDdJVlFyWDBCaDhDcUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yNDdjNWQtYTI3Mi00ODJiLTljOGUtMzdmZTM5NWQ0MmYw
LzEvaTN2bnBIWUdxemc1SDdJVlFyWDBCaDhDcUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWei1QE6s
891VaErTgctiPrPHmhMyMavHZjnwYgY5Pdkw3Vpy3ns10B+68Tg7yI6P8PMt6Vlf
tTAE0ArY05PopJ17VJH/ybDDk2l9r/LPGXSHe1fFDzQldthSLHpQrO6Hi9UzOSbj
WcZeOnqEG6ca2wwL2Eh/Gk2J0CUJ7Qs0PzS0QiND6pCjfMxM0q1NsbLpjxLEvZIy
gtm7aHIgKEeXYvXsw1EEdyij8H4QAzNJujA/dgC0k/q/8q8xHNZ+5MFhuCdxGIEp
9WioqtJuCdHUcDEPR6gkXKqm0q9jf9K09auF0re6TUoI4iRasUM6JRRTF8C3Kp1n
Wcsgj6FJ3iH92A==
-----END CERTIFICATE-----