Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          CZ9APVi4cpNh1Q5NLHn4hAyXjRKc3q1AgHzLIVG24wk=
Subject key identifier:   C9:65:30:38:ED:6F:97:9A:55:C0:9F:E9:E5:39:9E:4B:82:2D:EE:3B
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       01963F549C3EEF43456DBAE1775DF94EC693
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          034A
Signing time:             Wed 16 Apr 2025 16:00:31 +0000
Manifest this update:     Wed 16 Apr 2025 16:00:31 +0000
Manifest next update:     Thu 17 Apr 2025 16:00:31 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: HV55OuP5uGSO3omi/PkZlwJheHh/Yh95o5VYMaRXQhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 16:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:54:9c:3e:ef:43:45:6d:ba:e1:77:5d:f9:4e:c6:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Apr 16 16:00:31 2025 GMT
            Not After : Apr 17 16:00:31 2025 GMT
        Subject: CN=c9653038ed6f979a55c09fe9e5399e4b822dee3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:b6:43:30:d7:e6:49:28:5e:15:00:73:bf:1f:
                    e6:33:b6:6d:6b:52:c3:b8:34:06:6f:9c:fe:77:c8:
                    5a:e9:1b:9b:a6:44:23:ad:cb:26:17:6d:3c:d7:1c:
                    ac:ce:9a:e6:a7:36:75:fe:47:4c:d4:72:7b:a6:90:
                    64:8e:f1:aa:70:1e:95:f8:f8:19:44:73:d7:f6:9d:
                    51:bf:c0:33:e3:d8:1f:5b:ff:31:f7:46:a5:5d:71:
                    1e:11:40:c5:5b:93:ae:d7:ff:d5:ef:90:ec:0e:14:
                    54:4f:be:71:a0:9a:61:a1:01:2a:eb:0e:56:07:8b:
                    cb:cd:17:13:20:90:6c:7d:0a:37:cf:21:40:0b:fc:
                    18:cb:58:e9:7c:a3:d5:fd:b1:08:4f:81:f3:aa:8c:
                    bf:ee:c7:7b:da:ae:04:4e:86:1d:4a:94:52:b8:07:
                    16:fa:53:bf:5b:7f:89:aa:fe:d6:e7:12:ef:69:bf:
                    25:e3:58:59:f6:c9:98:46:a7:ff:c1:12:0d:56:e9:
                    7d:74:65:88:aa:79:55:dd:a0:7d:0e:db:83:4b:48:
                    e1:d4:c5:2c:dc:a0:7c:1d:52:5f:5c:93:81:66:2c:
                    14:8b:3b:f3:45:87:70:52:03:cc:13:74:67:4d:95:
                    d6:38:c8:a9:58:c7:ce:19:6b:ce:f8:d5:3b:f8:3d:
                    e7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:65:30:38:ED:6F:97:9A:55:C0:9F:E9:E5:39:9E:4B:82:2D:EE:3B
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:4b:0f:0f:e1:58:f5:16:b3:50:53:e2:f7:af:4d:dd:de:de:
         c4:95:26:4e:a6:6e:4d:07:a5:00:df:0e:f1:c8:8c:a9:8b:a0:
         93:4a:9c:76:58:67:dc:78:6f:fd:4f:29:20:49:95:c6:e3:d8:
         83:1a:b3:46:35:93:37:35:7d:ba:28:86:8c:39:51:1d:46:86:
         5f:cf:f7:72:7a:50:f3:c2:80:f1:4e:21:d5:c8:0b:50:bf:39:
         b7:50:db:b7:ce:a2:e2:35:a8:e3:9b:21:5b:ab:2f:83:58:d4:
         37:8f:5e:5d:2a:6a:6f:bf:96:c6:c4:ed:cd:d5:7e:b6:cd:95:
         34:32:25:ba:27:30:cf:fe:d3:19:4f:0b:30:40:09:54:a3:c7:
         1d:d0:99:03:db:6e:da:c9:bb:66:56:85:ba:7d:67:c7:da:d5:
         05:84:78:5f:75:56:86:88:03:e2:7d:f3:22:75:29:68:83:b4:
         c5:37:54:92:87:4a:3f:b1:fc:62:fc:74:84:15:ed:cd:86:30:
         ee:fd:8f:b3:5d:dc:5e:db:b0:97:e6:94:60:8f:98:4d:e0:58:
         80:60:61:36:c4:de:44:3d:a2:49:18:7a:a7:d4:05:4a:19:41:
         90:23:4b:85:d5:b5:4e:7a:57:68:9a:bd:9c:5b:75:d1:1a:6e:
         a7:56:ec:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/VJw+70NFbbrhd135TsaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUwNDE2MTYwMDMxWhcNMjUwNDE3MTYwMDMxWjAzMTEwLwYDVQQD
EyhjOTY1MzAzOGVkNmY5NzlhNTVjMDlmZTllNTM5OWU0YjgyMmRlZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47ZDMNfmSSheFQBzvx/mM7Zta1LD
uDQGb5z+d8ha6RubpkQjrcsmF2081xyszprmpzZ1/kdM1HJ7ppBkjvGqcB6V+PgZ
RHPX9p1Rv8Az49gfW/8x90alXXEeEUDFW5Ou1//V75DsDhRUT75xoJphoQEq6w5W
B4vLzRcTIJBsfQo3zyFAC/wYy1jpfKPV/bEIT4Hzqoy/7sd72q4EToYdSpRSuAcW
+lO/W3+Jqv7W5xLvab8l41hZ9smYRqf/wRINVul9dGWIqnlV3aB9DtuDS0jh1MUs
3KB8HVJfXJOBZiwUizvzRYdwUgPME3RnTZXWOMipWMfOGWvO+NU7+D3nwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMllMDjtb5eaVcCf6eU5nkuCLe47MB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0sPD+FY
9RazUFPi969N3d7exJUmTqZuTQelAN8O8ciMqYugk0qcdlhn3Hhv/U8pIEmVxuPY
gxqzRjWTNzV9uiiGjDlRHUaGX8/3cnpQ88KA8U4h1cgLUL85t1Dbt86i4jWo45sh
W6svg1jUN49eXSpqb7+WxsTtzdV+ts2VNDIluicwz/7TGU8LMEAJVKPHHdCZA9tu
2sm7ZlaFun1nx9rVBYR4X3VWhogD4n3zInUpaIO0xTdUkodKP7H8Yvx0hBXtzYYw
7v2Ps13cXtuwl+aUYI+YTeBYgGBhNsTeRD2iSRh6p9QFShlBkCNLhdW1TnpXaJq9
nFt10Rpup1bsTg==
-----END CERTIFICATE-----