Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          VCM7jKNVncQIbE+SYvxMOq2VC7b6kLsiccxYp6MeS3M=
Subject key identifier:   5D:2E:49:C3:BC:CF:85:C0:38:20:68:61:13:A5:27:DA:E9:95:57:F2
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       01958B165F4D5DFB8FCFCE6823FE98A20000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          0F18
Signing time:             Wed 12 Mar 2025 16:00:53 +0000
Manifest this update:     Wed 12 Mar 2025 16:00:53 +0000
Manifest next update:     Thu 13 Mar 2025 16:00:53 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: CA6BNp9JSgCAJQT5B+PVuSt8168d64tbmTUTdU45oEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:5f:4d:5d:fb:8f:cf:ce:68:23:fe:98:a2:00:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Mar 12 16:00:53 2025 GMT
            Not After : Mar 13 16:00:53 2025 GMT
        Subject: CN=5d2e49c3bccf85c03820686113a527dae99557f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:cd:19:20:61:ec:6c:d2:af:85:de:ed:f1:d8:
                    95:fd:6e:a6:ca:45:d2:fb:2b:c6:c2:5b:14:e8:31:
                    64:c2:aa:31:83:0b:44:1a:74:f9:06:1d:68:45:28:
                    8c:31:22:15:4b:e5:75:e0:17:1e:9f:cb:47:85:09:
                    f1:af:c5:78:6e:59:38:b2:2e:93:1b:ec:26:13:26:
                    52:f4:54:54:a6:f8:5f:08:b5:1d:a7:3e:3c:cb:bb:
                    d3:05:35:3c:02:e3:ef:bb:40:32:7a:86:26:4b:c9:
                    73:1e:a5:ff:e6:e7:b1:d2:78:9c:08:67:cd:45:e8:
                    00:e6:c6:ad:65:35:ff:55:dc:d2:4f:52:2d:13:54:
                    fb:58:1a:3d:5b:cf:e2:b1:ae:f4:c8:15:e9:7e:47:
                    cd:9f:d9:c1:2f:16:7c:3f:69:50:a8:cc:80:28:24:
                    6e:31:15:a4:20:a0:90:e9:e4:4a:f5:b8:cf:ba:8f:
                    e0:42:aa:a7:06:8a:f0:a2:4b:f4:5f:f3:46:9f:a2:
                    ef:60:c8:f2:35:97:50:57:4b:47:02:32:b1:c0:85:
                    59:17:b0:14:1f:e4:cc:6a:c8:b9:8e:5a:23:32:85:
                    af:1d:c2:84:4d:42:20:1c:8a:31:78:17:97:95:a8:
                    8c:8e:81:19:13:09:18:ca:54:63:59:38:27:a3:9e:
                    bb:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:2E:49:C3:BC:CF:85:C0:38:20:68:61:13:A5:27:DA:E9:95:57:F2
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:73:16:98:86:e9:a5:9f:6d:1d:aa:9f:2e:7c:6b:4f:af:37:
         be:26:35:e8:70:e8:83:d9:30:84:de:ab:74:2d:f3:8e:cd:78:
         82:48:e7:4b:93:61:28:39:af:a5:59:4f:9a:dd:79:3f:76:cb:
         a9:c6:e4:9f:ce:c2:94:5b:2c:45:9a:54:ab:41:e8:87:a7:32:
         cf:2f:7a:09:3d:40:83:d2:3f:e6:d4:9d:4f:2e:8f:fb:29:dd:
         06:b1:b5:69:e6:ef:6a:10:3a:b6:e1:5d:b5:5f:a8:65:ef:60:
         0b:0b:1f:42:dd:bf:2d:d1:34:e7:5f:1d:14:c0:70:84:b6:5a:
         7d:84:0e:79:05:89:55:b6:ed:b9:e6:15:e7:3a:5d:fe:6f:06:
         ed:e2:8b:67:7c:91:e6:39:09:4f:80:7b:83:f0:38:64:85:38:
         63:fa:a5:9d:04:70:98:70:26:cb:78:e0:fa:62:38:cb:5e:40:
         dc:8f:f6:2a:56:9c:76:26:71:12:54:3e:54:b9:b4:65:20:4f:
         35:cb:ba:f0:1a:a0:6f:b2:6a:65:f4:85:fe:91:c4:2e:51:c9:
         19:b0:3d:a1:32:98:cb:f7:a2:1f:c5:02:c6:9a:0a:cf:59:25:
         42:24:93:e1:69:35:84:a2:f6:39:dc:f8:20:b8:84:a2:75:99:
         1c:9d:c9:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFl9NXfuPz85oI/6YogAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwMzEyMTYwMDUzWhcNMjUwMzEzMTYwMDUzWjAzMTEwLwYDVQQD
Eyg1ZDJlNDljM2JjY2Y4NWMwMzgyMDY4NjExM2E1MjdkYWU5OTU1N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2c0ZIGHsbNKvhd7t8diV/W6mykXS
+yvGwlsU6DFkwqoxgwtEGnT5Bh1oRSiMMSIVS+V14Bcen8tHhQnxr8V4blk4si6T
G+wmEyZS9FRUpvhfCLUdpz48y7vTBTU8AuPvu0AyeoYmS8lzHqX/5uex0nicCGfN
RegA5satZTX/VdzST1ItE1T7WBo9W8/isa70yBXpfkfNn9nBLxZ8P2lQqMyAKCRu
MRWkIKCQ6eRK9bjPuo/gQqqnBorwokv0X/NGn6LvYMjyNZdQV0tHAjKxwIVZF7AU
H+TMasi5jlojMoWvHcKETUIgHIoxeBeXlaiMjoEZEwkYylRjWTgno567fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0uScO8z4XAOCBoYROlJ9rplVfyMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAunMWmIbp
pZ9tHaqfLnxrT683viY16HDog9kwhN6rdC3zjs14gkjnS5NhKDmvpVlPmt15P3bL
qcbkn87ClFssRZpUq0Hoh6cyzy96CT1Ag9I/5tSdTy6P+yndBrG1aebvahA6tuFd
tV+oZe9gCwsfQt2/LdE0518dFMBwhLZafYQOeQWJVbbtueYV5zpd/m8G7eKLZ3yR
5jkJT4B7g/A4ZIU4Y/qlnQRwmHAmy3jg+mI4y15A3I/2KlacdiZxElQ+VLm0ZSBP
Ncu68Bqgb7JqZfSF/pHELlHJGbA9oTKYy/eiH8UCxpoKz1klQiST4Wk1hKL2Odz4
ILiEonWZHJ3J/Q==
-----END CERTIFICATE-----