Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          oqBTEbAJ1PnoYDgebyarRGoQv6RhAFtX0P3VjxGjUX4=
Subject key identifier:   4A:81:8F:56:C4:4E:FE:F8:56:5F:9D:E3:C8:BA:C5:56:2D:6C:33:79
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       01964F6D548243E3134FE82D1C5DD684CCA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          14F9
Signing time:             Sat 19 Apr 2025 19:01:27 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:27 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:27 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: XVrQQ/j4A41wLATlYu3g+IRrOZIXJvOEbpAV1S4BQ/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:54:82:43:e3:13:4f:e8:2d:1c:5d:d6:84:cc:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: Apr 19 19:01:27 2025 GMT
            Not After : Apr 20 19:01:27 2025 GMT
        Subject: CN=4a818f56c44efef8565f9de3c8bac5562d6c3379
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:81:aa:09:4f:47:5b:8d:2f:07:e7:ea:4b:e4:
                    a4:cc:30:35:5d:74:72:6c:66:1a:e9:ad:3c:70:f9:
                    ba:26:69:10:64:aa:13:51:71:14:71:12:69:21:0d:
                    30:86:5e:b2:81:4a:ec:b5:07:84:b3:5b:a3:66:23:
                    66:6b:e5:c7:4d:46:28:64:73:8f:ab:88:4e:7c:89:
                    1c:df:66:22:df:09:e4:67:5a:30:37:7a:99:f4:f9:
                    7d:d2:e6:7c:a0:72:e2:e3:8c:e2:a6:76:45:fc:a5:
                    f3:60:13:fc:ab:e6:0c:e9:8f:46:21:25:5f:8c:ec:
                    cf:2e:ad:76:a1:ac:98:f3:3f:8d:ef:92:4f:9d:22:
                    1b:bf:58:4e:ed:a3:8d:fc:d6:0c:67:0f:d0:e3:c3:
                    03:2f:f6:94:5b:7f:da:4a:69:02:eb:85:df:50:2c:
                    c5:0c:0b:23:41:6b:86:66:a2:ad:80:ce:9e:33:1e:
                    db:df:d5:fd:91:2c:a2:6b:c0:85:22:0a:b0:d9:b2:
                    57:c5:f6:c7:38:8f:3c:a9:22:e3:74:4d:2a:b9:95:
                    4b:86:7f:26:ed:a3:f8:60:47:f3:04:50:03:7f:ea:
                    19:16:83:e4:e6:0a:1c:4e:cc:e9:8f:cd:f9:d0:ef:
                    66:f7:f8:94:0d:f1:ea:2f:98:dc:20:3f:07:60:ed:
                    15:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:81:8F:56:C4:4E:FE:F8:56:5F:9D:E3:C8:BA:C5:56:2D:6C:33:79
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:a0:38:18:13:da:ae:43:8f:0b:ed:02:f2:a2:f9:9d:34:4f:
         a2:4c:9d:09:04:09:48:75:9f:08:24:3c:04:0b:e2:11:b6:bd:
         3a:7c:52:12:b5:6b:fd:ea:0f:7c:de:ba:33:37:43:5b:6c:53:
         86:37:98:72:ac:01:66:08:05:6f:01:90:2d:73:54:40:ba:ff:
         0a:50:95:03:10:05:a4:27:bd:75:2b:7a:bc:54:de:6a:26:21:
         d5:0f:4d:91:67:3c:58:fe:2f:88:5d:b9:61:fc:c5:83:bd:f0:
         54:98:55:90:2a:ad:3e:c3:c3:fe:73:e7:4d:f2:d8:c4:dd:7e:
         b6:27:76:d2:75:0f:18:a1:93:72:4b:60:7e:58:b4:5c:3c:ea:
         92:30:55:a8:67:77:06:b8:67:de:05:7f:4a:fa:73:89:9a:80:
         70:cf:d5:2c:61:27:13:33:99:c1:79:4a:0f:42:55:12:cd:dd:
         ce:8b:bc:bc:ec:90:9f:06:ac:5c:3c:ae:33:7d:7c:3a:77:fb:
         87:39:79:e4:ec:6f:2e:e0:5e:66:55:84:28:63:0d:0d:aa:e1:
         7d:e7:f5:6e:06:78:5a:f1:f0:17:41:c6:ad:90:11:cc:da:0a:
         dd:61:c1:26:ef:49:5c:fa:d1:3c:49:77:8c:0a:a8:7d:90:63:
         10:48:12:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbVSCQ+MTT+gtHF3WhMylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjUwNDE5MTkwMTI3WhcNMjUwNDIwMTkwMTI3WjAzMTEwLwYDVQQD
Eyg0YTgxOGY1NmM0NGVmZWY4NTY1ZjlkZTNjOGJhYzU1NjJkNmMzMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooGqCU9HW40vB+fqS+SkzDA1XXRy
bGYa6a08cPm6JmkQZKoTUXEUcRJpIQ0whl6ygUrstQeEs1ujZiNma+XHTUYoZHOP
q4hOfIkc32Yi3wnkZ1owN3qZ9Pl90uZ8oHLi44zipnZF/KXzYBP8q+YM6Y9GISVf
jOzPLq12oayY8z+N75JPnSIbv1hO7aON/NYMZw/Q48MDL/aUW3/aSmkC64XfUCzF
DAsjQWuGZqKtgM6eMx7b39X9kSyia8CFIgqw2bJXxfbHOI88qSLjdE0quZVLhn8m
7aP4YEfzBFADf+oZFoPk5gocTszpj8350O9m9/iUDfHqL5jcID8HYO0V2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqBj1bETv74Vl+d48i6xVYtbDN5MB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6A4GBPa
rkOPC+0C8qL5nTRPokydCQQJSHWfCCQ8BAviEba9OnxSErVr/eoPfN66MzdDW2xT
hjeYcqwBZggFbwGQLXNUQLr/ClCVAxAFpCe9dSt6vFTeaiYh1Q9NkWc8WP4viF25
YfzFg73wVJhVkCqtPsPD/nPnTfLYxN1+tid20nUPGKGTcktgfli0XDzqkjBVqGd3
Brhn3gV/SvpziZqAcM/VLGEnEzOZwXlKD0JVEs3dzou8vOyQnwasXDyuM318Onf7
hzl55OxvLuBeZlWEKGMNDarhfef1bgZ4WvHwF0HGrZARzNoK3WHBJu9JXPrRPEl3
jAqofZBjEEgScw==
-----END CERTIFICATE-----