Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
File:                     wA7St1AmRN0DbiOS-wMyz7FNuNI.mft (raw, json)
Hash identifier:          26K9V5yvthPsHpKMcBE/BrMyUaYyJiuMpV7FpjQPVX4=
Subject key identifier:   A0:9C:10:CF:AE:05:FB:9F:AE:8F:D7:C3:B6:46:7D:14:32:FC:D3:5F
Authority key identifier: C0:0E:D2:B7:50:26:44:DD:03:6E:23:92:FB:03:32:CF:B1:4D:B8:D2
Certificate issuer:       /CN=c00ed2b7502644dd036e2392fb0332cfb14db8d2
Certificate serial:       019651FFCCCF46A924BC3F519327D5883E0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 07:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:40 +0000
Files and hashes:         1: wA7St1AmRN0DbiOS-wMyz7FNuNI.crl (hash: hy3IIv/0vHV9jFjsNY0umx3Suqb+CoeR98Phm74EO9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:cc:cf:46:a9:24:bc:3f:51:93:27:d5:88:3e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c00ed2b7502644dd036e2392fb0332cfb14db8d2
        Validity
            Not Before: Apr 20 07:00:40 2025 GMT
            Not After : Apr 21 07:00:40 2025 GMT
        Subject: CN=a09c10cfae05fb9fae8fd7c3b6467d1432fcd35f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:35:93:d0:c1:81:0c:cb:33:6b:77:f6:93:a4:
                    14:64:7a:46:a9:b1:bc:7b:c9:55:96:1f:d7:00:0a:
                    dc:81:f2:11:0f:72:ac:87:7b:af:e9:10:b2:da:b0:
                    23:8b:a6:90:66:06:46:0b:74:e4:b2:ef:a3:b8:e2:
                    74:60:5c:c2:38:b5:cb:52:9a:4c:0b:b4:0d:cd:7d:
                    8f:ac:2d:73:b0:22:33:88:24:cb:cf:fa:a7:6b:7f:
                    4b:79:bd:fe:df:dd:a5:ac:d7:b3:77:51:61:ed:1b:
                    17:09:bc:b3:6f:79:85:e1:00:c4:77:33:4b:12:20:
                    30:37:52:e7:3a:e4:3e:17:e0:13:11:b4:d2:dd:10:
                    63:b8:00:1d:ab:c6:93:c8:95:12:33:18:84:99:76:
                    78:39:83:2c:d9:2b:28:33:65:5a:2d:b9:43:e3:ba:
                    b8:93:db:26:33:f1:de:f8:41:84:1b:83:d9:ca:38:
                    e6:16:7f:70:ae:c8:1e:e1:42:77:f6:c8:7d:ac:20:
                    55:01:75:e4:01:e2:78:5f:63:b5:62:35:05:95:7f:
                    4e:bc:2d:f8:68:3c:d9:57:b2:62:fd:13:6e:07:4a:
                    da:43:1a:ac:ce:b6:37:39:60:f5:db:73:89:b9:f1:
                    7a:f2:c3:f1:30:60:e3:f8:31:e9:18:2a:19:79:c4:
                    e3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:9C:10:CF:AE:05:FB:9F:AE:8F:D7:C3:B6:46:7D:14:32:FC:D3:5F
            X509v3 Authority Key Identifier:
                keyid:C0:0E:D2:B7:50:26:44:DD:03:6E:23:92:FB:03:32:CF:B1:4D:B8:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:31:56:0b:11:9b:fe:7d:ba:4b:ce:1e:76:79:72:d6:10:d0:
         57:5e:4e:1c:b2:41:61:0d:7e:69:71:8e:0b:8f:83:c9:e3:c7:
         8d:8b:e7:a4:45:f9:83:df:3e:6e:fb:a8:ed:d4:3a:1b:4b:5d:
         d0:7e:9d:c8:6d:55:5b:04:ac:4d:cc:75:41:51:f5:7d:00:0b:
         35:75:e7:d4:f1:4c:f0:05:b1:47:2d:00:92:ad:b1:ed:f7:7a:
         46:7f:1c:3b:ea:aa:e7:1a:66:e9:43:c3:52:05:70:0f:19:b6:
         71:e1:c2:6d:bf:32:11:12:38:ba:75:6c:69:6d:45:9c:82:ab:
         84:da:00:ce:fa:98:41:c8:3d:a9:b8:68:73:75:8c:21:66:fc:
         3a:2a:b3:0c:10:66:07:cc:d6:15:7d:0b:5e:b4:6c:55:1b:f1:
         cf:a2:03:ac:e4:4a:d3:1a:00:88:92:e9:b4:a6:04:9c:17:51:
         28:b6:4e:0d:52:4c:59:4d:76:ee:13:74:c6:10:f0:b1:01:38:
         74:40:6b:50:bc:83:a6:e3:b1:6f:53:be:df:c4:31:2d:a9:8c:
         3d:91:09:de:4a:26:19:b5:c4:bc:19:39:3a:6a:fe:47:95:f3:
         31:a7:89:a6:8a:ed:2f:85:db:31:88:73:ce:59:cd:84:21:29:
         f5:63:b5:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/8zPRqkkvD9RkyfViD4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMGVkMmI3NTAyNjQ0ZGQwMzZlMjM5MmZiMDMzMmNmYjE0
ZGI4ZDIwHhcNMjUwNDIwMDcwMDQwWhcNMjUwNDIxMDcwMDQwWjAzMTEwLwYDVQQD
EyhhMDljMTBjZmFlMDVmYjlmYWU4ZmQ3YzNiNjQ2N2QxNDMyZmNkMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjWT0MGBDMsza3f2k6QUZHpGqbG8
e8lVlh/XAArcgfIRD3Ksh3uv6RCy2rAji6aQZgZGC3Tksu+juOJ0YFzCOLXLUppM
C7QNzX2PrC1zsCIziCTLz/qna39Leb3+392lrNezd1Fh7RsXCbyzb3mF4QDEdzNL
EiAwN1LnOuQ+F+ATEbTS3RBjuAAdq8aTyJUSMxiEmXZ4OYMs2SsoM2VaLblD47q4
k9smM/He+EGEG4PZyjjmFn9wrsge4UJ39sh9rCBVAXXkAeJ4X2O1YjUFlX9OvC34
aDzZV7Ji/RNuB0raQxqszrY3OWD123OJufF68sPxMGDj+DHpGCoZecTjEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCcEM+uBfufro/Xw7ZGfRQy/NNfMB8GA1UdIwQY
MBaAFMAO0rdQJkTdA24jkvsDMs+xTbjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8wMGI4NGItYjVkMS00YzFkLThlNzAt
MDllOGZhZmFmMGNjLzEvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8wMGI4NGItYjVkMS00YzFkLThlNzAtMDllOGZhZmFmMGNj
LzEvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASTFWCxGb
/n26S84ednly1hDQV15OHLJBYQ1+aXGOC4+DyePHjYvnpEX5g98+bvuo7dQ6G0td
0H6dyG1VWwSsTcx1QVH1fQALNXXn1PFM8AWxRy0Akq2x7fd6Rn8cO+qq5xpm6UPD
UgVwDxm2ceHCbb8yERI4unVsaW1FnIKrhNoAzvqYQcg9qbhoc3WMIWb8OiqzDBBm
B8zWFX0LXrRsVRvxz6IDrORK0xoAiJLptKYEnBdRKLZODVJMWU127hN0xhDwsQE4
dEBrULyDpuOxb1O+38QxLamMPZEJ3komGbXEvBk5Omr+R5XzMaeJportL4XbMYhz
zlnNhCEp9WO1Lw==
-----END CERTIFICATE-----