Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
File:                     i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft (raw, json)
Hash identifier:          ZQ2c7Ubct2Y72JZ33nY8xJElqxoUHHgq/47yrxCZKqw=
Subject key identifier:   CB:7C:7C:47:87:2A:5C:E5:E7:47:B1:38:70:19:D1:E0:95:F3:DA:6D
Authority key identifier: 8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24
Certificate issuer:       /CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
Certificate serial:       01965492BA2A8D910B791F091726BEB90F1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
Manifest number:          09D5
Signing time:             Sun 20 Apr 2025 19:00:24 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:24 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:24 +0000
Files and hashes:         1: i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl (hash: L/8fYl0wWkEOQtZdesE20tEAAGNKgQh7KESCOT37m1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 19:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:ba:2a:8d:91:0b:79:1f:09:17:26:be:b9:0f:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
        Validity
            Not Before: Apr 20 19:00:24 2025 GMT
            Not After : Apr 21 19:00:24 2025 GMT
        Subject: CN=cb7c7c47872a5ce5e747b1387019d1e095f3da6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:08:ca:74:ca:26:db:e0:a8:4b:57:9e:a7:2b:
                    6f:3f:80:2d:01:53:21:27:6b:b3:b5:91:c6:59:26:
                    94:c6:32:39:e7:b5:2d:fa:8b:33:39:40:55:74:fb:
                    91:e6:f1:4a:f5:16:9e:d3:ba:03:38:23:0e:71:9c:
                    16:8d:ce:f7:7b:85:36:ba:32:61:54:9c:4d:be:d8:
                    f0:e6:23:ca:93:f9:a2:74:00:47:26:d4:3e:5f:f1:
                    5d:ae:78:2e:e1:6a:52:6c:69:19:12:0e:74:d2:82:
                    0b:e1:cc:dc:9a:3b:63:0c:39:2e:a7:7d:3e:87:50:
                    10:7f:03:78:90:30:7c:d4:01:5c:5a:9c:e9:b3:69:
                    cd:d9:d7:5d:5c:a0:8d:11:81:ea:34:05:7b:39:76:
                    2b:ac:58:8f:bc:0c:d1:b6:26:c2:95:9e:f2:f2:d6:
                    a2:49:b8:27:8b:60:69:ca:3d:62:99:48:cc:8a:01:
                    ed:9e:23:12:d2:8e:52:8c:30:6a:6c:e3:26:95:6c:
                    6c:a1:38:ec:4e:9e:4b:92:8b:1d:73:1e:98:d5:3f:
                    b6:cb:c5:b0:e6:d4:61:7c:a4:69:f2:f3:14:d0:83:
                    17:2d:d4:65:eb:04:f7:e8:db:a3:f7:4e:e2:d3:ed:
                    cd:c8:92:c4:89:2f:12:dd:a9:ef:a1:fb:b1:e5:17:
                    33:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:7C:7C:47:87:2A:5C:E5:E7:47:B1:38:70:19:D1:E0:95:F3:DA:6D
            X509v3 Authority Key Identifier:
                keyid:8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:03:18:1e:02:55:7d:34:67:ce:8b:a6:eb:6f:be:cb:ac:93:
         63:10:f8:6b:61:e8:f3:a8:12:0b:30:d4:6c:12:0f:4f:d1:cc:
         37:7a:f5:ac:79:19:05:8c:2f:35:9f:33:b9:a9:5d:cc:6f:c2:
         57:d1:3c:97:db:05:5b:28:43:c1:72:ec:79:7a:86:7f:ee:f0:
         ad:92:c4:25:25:66:1d:bd:7c:a8:74:9a:e2:d4:a6:9f:2a:a8:
         5f:ef:b9:cf:ee:ba:b8:89:15:f7:e1:d3:bb:93:a8:1d:d3:bc:
         79:38:8c:17:d7:5d:7a:6f:c6:5b:61:a6:48:3c:b4:be:11:8d:
         fd:8f:56:55:bd:b3:f6:e0:b1:7e:b9:25:0e:4a:02:05:9d:0f:
         50:96:26:17:5f:0c:db:5b:2d:eb:18:9b:fe:cf:c3:8b:b1:ab:
         24:ca:78:45:8b:69:4f:9e:fd:bf:51:8a:1c:94:bb:19:14:bb:
         28:47:45:61:76:c8:dc:39:e4:94:3b:79:86:d2:80:c1:0b:65:
         f2:bd:ec:20:d7:cd:05:ec:fd:ce:76:be:89:87:23:7d:fc:69:
         30:31:3c:04:f7:f5:7a:c3:05:66:6f:fa:10:e9:39:9d:24:4e:
         b5:d3:85:09:e2:85:08:8c:d2:b7:fe:41:a3:89:6a:9c:59:c8:
         dc:3b:72:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkroqjZELeR8JFya+uQ8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDg5MzFmNjM1Nzk0MjhiZjA4Y2NiMTk5YTNhOThkY2Jh
NmI4MjQwHhcNMjUwNDIwMTkwMDI0WhcNMjUwNDIxMTkwMDI0WjAzMTEwLwYDVQQD
EyhjYjdjN2M0Nzg3MmE1Y2U1ZTc0N2IxMzg3MDE5ZDFlMDk1ZjNkYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wjKdMom2+CoS1eepytvP4AtAVMh
J2uztZHGWSaUxjI557Ut+oszOUBVdPuR5vFK9Rae07oDOCMOcZwWjc73e4U2ujJh
VJxNvtjw5iPKk/midABHJtQ+X/Fdrngu4WpSbGkZEg500oIL4czcmjtjDDkup30+
h1AQfwN4kDB81AFcWpzps2nN2dddXKCNEYHqNAV7OXYrrFiPvAzRtibClZ7y8tai
Sbgni2Bpyj1imUjMigHtniMS0o5SjDBqbOMmlWxsoTjsTp5Lkosdcx6Y1T+2y8Ww
5tRhfKRp8vMU0IMXLdRl6wT36Nuj907i0+3NyJLEiS8S3anvofux5RczxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMt8fEeHKlzl50exOHAZ0eCV89ptMB8GA1UdIwQY
MBaAFIvYkx9jV5QovwjMsZmjqY3LprgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEt
NGVlMTZkNmM4MGE2LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEtNGVlMTZkNmM4MGE2
LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQMYHgJV
fTRnzoum62++y6yTYxD4a2Ho86gSCzDUbBIPT9HMN3r1rHkZBYwvNZ8zualdzG/C
V9E8l9sFWyhDwXLseXqGf+7wrZLEJSVmHb18qHSa4tSmnyqoX++5z+66uIkV9+HT
u5OoHdO8eTiMF9ddem/GW2GmSDy0vhGN/Y9WVb2z9uCxfrklDkoCBZ0PUJYmF18M
21st6xib/s/Di7GrJMp4RYtpT579v1GKHJS7GRS7KEdFYXbI3DnklDt5htKAwQtl
8r3sINfNBez9zna+iYcjffxpMDE8BPf1esMFZm/6EOk5nSROtdOFCeKFCIzSt/5B
o4lqnFnI3DtyKw==
-----END CERTIFICATE-----