Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
File:                     MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json)
Hash identifier:          mR7aJnzRLbL1Z3MJ1u19OdBItZE7FRUlY4yYg6fB3Qg=
Subject key identifier:   72:EC:BE:2E:EA:BE:64:F7:62:B3:29:D1:6D:5A:AB:02:9F:28:70:C3
Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9
Certificate issuer:       /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
Certificate serial:       019653EE4DC3C4E661CCA4F67C95DF9F7F0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
Manifest number:          CB
Signing time:             Sun 20 Apr 2025 16:00:48 +0000
Manifest this update:     Sun 20 Apr 2025 16:00:48 +0000
Manifest next update:     Mon 21 Apr 2025 16:00:48 +0000
Files and hashes:         1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: v8ApLqHdLPdnuyRZ379ChuYMXvC0yWjow3Y69an5fXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:4d:c3:c4:e6:61:cc:a4:f6:7c:95:df:9f:7f:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9
        Validity
            Not Before: Apr 20 16:00:48 2025 GMT
            Not After : Apr 21 16:00:48 2025 GMT
        Subject: CN=72ecbe2eeabe64f762b329d16d5aab029f2870c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:56:ef:53:2f:8d:9f:fa:08:31:54:04:08:69:
                    9e:c2:b8:2d:76:d3:7b:a9:e7:77:79:2d:ea:66:89:
                    29:27:96:6e:42:c2:f0:66:ae:b6:35:cc:17:51:da:
                    7c:8c:74:66:ad:84:b0:9a:4f:b5:e5:4f:b9:27:95:
                    dd:fd:9c:fd:21:77:99:04:84:18:9f:62:fa:c3:c7:
                    8b:e9:22:e1:53:39:19:9a:cc:09:31:b9:45:a4:d1:
                    24:c9:99:ba:f1:21:41:f3:fe:ac:02:39:8e:3d:c5:
                    09:c6:fe:76:50:54:41:5d:f4:6d:af:4a:d1:39:59:
                    b5:d4:56:69:03:42:5c:f6:26:48:25:3f:cf:4d:7f:
                    35:da:5a:67:68:34:0b:08:52:c2:b6:df:90:35:e9:
                    15:be:26:f0:a9:67:8e:c5:60:fb:78:9e:f2:3f:ae:
                    9b:fd:c9:cd:28:4f:5a:b0:aa:f1:92:54:58:f7:03:
                    a4:8e:88:47:52:67:75:83:f0:a8:22:df:38:c7:19:
                    c0:80:51:95:c0:1f:3d:9d:e4:cd:1c:a9:a1:11:d5:
                    5a:e4:f2:ef:20:7d:bc:71:e4:56:a1:e6:ed:b4:5a:
                    8e:0f:59:2e:6b:57:4d:b2:aa:9b:c5:11:f8:b2:8a:
                    6c:a2:42:e6:fd:38:be:8c:50:3c:33:5f:50:f2:3e:
                    8e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:EC:BE:2E:EA:BE:64:F7:62:B3:29:D1:6D:5A:AB:02:9F:28:70:C3
            X509v3 Authority Key Identifier:
                keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:6b:77:6a:fe:bc:5f:a8:a5:13:87:f5:11:25:41:b7:6c:cc:
         69:03:c2:45:7b:6f:07:e9:d9:43:13:f4:1c:7b:15:ae:4d:93:
         b7:07:ae:72:b2:5f:8c:3c:60:74:04:84:22:dc:89:7d:16:93:
         35:fe:6b:4c:83:42:52:5f:12:4c:9d:99:59:04:e5:d6:cd:af:
         f2:00:50:a1:69:66:78:f2:a9:1b:67:50:b4:c0:88:d3:e0:62:
         12:e7:d3:5a:d3:07:07:4a:1a:bd:19:52:2c:bb:80:9d:b1:4c:
         72:39:27:46:cc:5b:e6:ff:dd:6a:19:88:41:5a:c1:8f:e9:47:
         13:12:51:01:1e:c8:da:61:74:b5:fe:5c:59:7e:aa:25:63:24:
         c9:de:5b:a1:6b:af:01:56:0b:85:1e:55:77:c8:53:69:cc:4b:
         5b:00:41:b1:80:04:19:3c:00:08:82:c5:ec:77:ef:f6:52:36:
         30:f1:91:b6:c4:c8:b1:d3:ae:7d:1b:03:ba:6e:c6:b3:fc:28:
         19:9b:1d:01:15:6a:bf:1f:a3:dc:65:b3:ba:0c:75:e4:54:cd:
         eb:8c:90:8a:5c:94:1e:fe:f2:48:b4:83:d3:0e:fb:69:fe:0a:
         51:6d:22:2d:77:35:d6:9a:63:ad:be:42:45:04:3a:0d:fa:b7:
         32:30:e2:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7k3DxOZhzKT2fJXfn38KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh
YmJmZTkwHhcNMjUwNDIwMTYwMDQ4WhcNMjUwNDIxMTYwMDQ4WjAzMTEwLwYDVQQD
Eyg3MmVjYmUyZWVhYmU2NGY3NjJiMzI5ZDE2ZDVhYWIwMjlmMjg3MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslbvUy+Nn/oIMVQECGmewrgtdtN7
qed3eS3qZokpJ5ZuQsLwZq62NcwXUdp8jHRmrYSwmk+15U+5J5Xd/Zz9IXeZBIQY
n2L6w8eL6SLhUzkZmswJMblFpNEkyZm68SFB8/6sAjmOPcUJxv52UFRBXfRtr0rR
OVm11FZpA0Jc9iZIJT/PTX812lpnaDQLCFLCtt+QNekVvibwqWeOxWD7eJ7yP66b
/cnNKE9asKrxklRY9wOkjohHUmd1g/CoIt84xxnAgFGVwB89neTNHKmhEdVa5PLv
IH28ceRWoebttFqOD1kua1dNsqqbxRH4sopsokLm/Ti+jFA8M19Q8j6OcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLsvi7qvmT3YrMp0W1aqwKfKHDDMB8GA1UdIwQY
MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt
MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi
LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL2t3av68
X6ilE4f1ESVBt2zMaQPCRXtvB+nZQxP0HHsVrk2TtweucrJfjDxgdASEItyJfRaT
Nf5rTINCUl8STJ2ZWQTl1s2v8gBQoWlmePKpG2dQtMCI0+BiEufTWtMHB0oavRlS
LLuAnbFMcjknRsxb5v/dahmIQVrBj+lHExJRAR7I2mF0tf5cWX6qJWMkyd5boWuv
AVYLhR5Vd8hTacxLWwBBsYAEGTwACILF7Hfv9lI2MPGRtsTIsdOufRsDum7Gs/wo
GZsdARVqvx+j3GWzugx15FTN64yQilyUHv7ySLSD0w77af4KUW0iLXc11ppjrb5C
RQQ6Dfq3MjDisg==
-----END CERTIFICATE-----