Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          vy3g0xynXiuX0N+Ly0nranG7g5p2iCrkKiYDrbViuUU=
Subject key identifier:   88:B7:C4:B7:E7:18:E2:13:57:02:36:B3:5C:88:97:63:F8:E3:58:51
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       019655DCE46041F5CB0BF8874C08EC141D80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          0F81
Signing time:             Mon 21 Apr 2025 01:01:01 +0000
Manifest this update:     Mon 21 Apr 2025 01:01:01 +0000
Manifest next update:     Tue 22 Apr 2025 01:01:01 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: uhTPCCGSy+9Q17mAndseLC8peoWAS3UP/l6Tnsi2yCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:e4:60:41:f5:cb:0b:f8:87:4c:08:ec:14:1d:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Apr 21 01:01:01 2025 GMT
            Not After : Apr 22 01:01:01 2025 GMT
        Subject: CN=88b7c4b7e718e213570236b35c889763f8e35851
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:71:e1:23:fc:a1:17:47:69:e5:f6:96:f4:e7:
                    c6:3a:cc:8d:b4:bd:0c:79:88:83:41:28:5e:a8:91:
                    37:a9:f3:cd:ff:ae:ca:05:34:19:eb:c5:44:9a:fc:
                    71:1a:d1:0b:48:3e:dd:82:0d:3b:f1:d4:1f:34:84:
                    48:91:3d:23:40:26:67:28:71:4f:9f:93:37:34:88:
                    07:11:7d:ca:5a:50:bc:6f:e9:39:27:b1:ed:fc:30:
                    94:26:f8:ab:6c:e5:10:ff:07:2f:4d:bf:5c:48:a8:
                    a2:b0:c1:4e:9b:21:56:31:e2:79:ed:bf:2d:68:fb:
                    46:9a:73:40:97:8f:49:cb:83:46:ed:ee:77:97:34:
                    84:dd:81:6b:7e:d0:a8:8c:71:48:2c:45:58:87:5a:
                    3b:f6:68:fa:27:7c:3f:50:fb:50:8e:d9:1b:ba:44:
                    0f:cd:21:49:af:da:3d:21:61:45:37:48:17:61:9a:
                    12:7e:15:a0:1e:f6:11:8b:d6:bd:09:49:b9:79:da:
                    71:bc:5a:11:d4:e0:bc:af:e5:2c:92:f2:13:92:a6:
                    3b:85:55:42:54:ad:b5:77:25:44:03:24:59:de:bf:
                    e9:4b:12:d3:da:5f:9b:3c:7b:01:7a:ce:e7:58:f6:
                    3d:75:4f:7b:c0:f1:08:d5:6f:d4:4b:69:a5:b9:ce:
                    97:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:B7:C4:B7:E7:18:E2:13:57:02:36:B3:5C:88:97:63:F8:E3:58:51
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:ac:da:e0:50:61:90:39:b7:6d:33:0d:5d:65:88:ef:54:2d:
         96:ee:05:18:d2:4f:4b:09:06:a4:89:e2:dd:23:7e:14:9e:6d:
         20:da:8a:fb:3b:32:2f:b8:fd:16:18:3b:c9:04:43:3b:1d:53:
         8f:61:72:9d:4e:16:fc:9f:d9:02:a9:df:5c:b9:25:ae:06:42:
         76:13:28:13:01:a3:73:50:26:de:53:e9:d6:7d:6a:fc:ee:9e:
         e6:fa:d2:34:64:a1:e8:51:e2:63:0f:7b:d1:b4:43:d5:46:4d:
         c6:d1:67:f3:03:1e:89:26:62:6e:f5:27:6e:9d:b2:16:31:df:
         fb:fe:17:85:46:f5:4b:0b:e5:95:dc:e1:ba:42:37:ea:4b:a9:
         77:ec:1c:ba:cd:20:4a:73:30:57:aa:98:37:bd:5f:44:27:68:
         3e:32:09:78:0d:d1:30:34:ac:7e:04:9c:6f:7e:7e:57:19:90:
         bc:3e:5f:a3:6b:f3:63:20:92:06:e0:5d:e6:c0:d1:39:bb:7c:
         c2:c1:d1:ff:86:62:bf:3f:83:34:ac:ac:f8:93:7d:64:c8:97:
         5e:8f:c2:d7:7e:7f:68:d1:f5:3c:c1:53:38:05:4d:4c:41:81:
         86:c1:b0:5f:a5:12:1c:bc:14:8b:8c:95:bd:25:ab:71:3a:8c:
         5f:5e:8e:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3ORgQfXLC/iHTAjsFB2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwNDIxMDEwMTAxWhcNMjUwNDIyMDEwMTAxWjAzMTEwLwYDVQQD
Eyg4OGI3YzRiN2U3MThlMjEzNTcwMjM2YjM1Yzg4OTc2M2Y4ZTM1ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nHhI/yhF0dp5faW9OfGOsyNtL0M
eYiDQSheqJE3qfPN/67KBTQZ68VEmvxxGtELSD7dgg078dQfNIRIkT0jQCZnKHFP
n5M3NIgHEX3KWlC8b+k5J7Ht/DCUJvirbOUQ/wcvTb9cSKiisMFOmyFWMeJ57b8t
aPtGmnNAl49Jy4NG7e53lzSE3YFrftCojHFILEVYh1o79mj6J3w/UPtQjtkbukQP
zSFJr9o9IWFFN0gXYZoSfhWgHvYRi9a9CUm5edpxvFoR1OC8r+UskvITkqY7hVVC
VK21dyVEAyRZ3r/pSxLT2l+bPHsBes7nWPY9dU97wPEI1W/US2mluc6XcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIi3xLfnGOITVwI2s1yIl2P441hRMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo6za4FBh
kDm3bTMNXWWI71Qtlu4FGNJPSwkGpIni3SN+FJ5tINqK+zsyL7j9Fhg7yQRDOx1T
j2FynU4W/J/ZAqnfXLklrgZCdhMoEwGjc1Am3lPp1n1q/O6e5vrSNGSh6FHiYw97
0bRD1UZNxtFn8wMeiSZibvUnbp2yFjHf+/4XhUb1SwvlldzhukI36kupd+wcus0g
SnMwV6qYN71fRCdoPjIJeA3RMDSsfgScb35+VxmQvD5fo2vzYyCSBuBd5sDRObt8
wsHR/4Zivz+DNKys+JN9ZMiXXo/C135/aNH1PMFTOAVNTEGBhsGwX6USHLwUi4yV
vSWrcTqMX16OzQ==
-----END CERTIFICATE-----