Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          flmwOrb5ukxLXeTSd77g9AK7ipgD05NfB0YBOJ7l+RI=
Subject key identifier:   F2:B5:C3:35:6D:DC:03:6A:05:A3:2B:9C:26:9A:CE:18:C2:7D:45:73
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       01965B7065A25AE56602C94D224A79A35C5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          0831
Signing time:             Tue 22 Apr 2025 03:00:14 +0000
Manifest this update:     Tue 22 Apr 2025 03:00:14 +0000
Manifest next update:     Wed 23 Apr 2025 03:00:14 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: 87qzByxwY8vwHR1eoQ96HGoh9PXgifv+dQzlVlnPExo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 03:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:70:65:a2:5a:e5:66:02:c9:4d:22:4a:79:a3:5c:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Apr 22 03:00:14 2025 GMT
            Not After : Apr 23 03:00:14 2025 GMT
        Subject: CN=f2b5c3356ddc036a05a32b9c269ace18c27d4573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d5:0e:20:7a:23:23:5a:93:19:44:9f:46:58:
                    17:54:0a:73:53:15:72:a3:73:0a:cf:84:69:63:5c:
                    a8:77:6e:13:46:09:28:88:91:15:02:f3:a6:65:33:
                    f1:3c:09:55:85:9f:88:2d:20:e3:f1:95:17:d0:32:
                    d7:49:db:6b:57:91:d1:2c:09:54:c7:3e:ef:0a:f0:
                    0d:dc:03:d9:c7:ff:ff:51:b2:25:a4:46:2e:11:34:
                    6f:af:7f:23:d5:94:22:bc:77:04:2e:2a:39:25:ef:
                    a3:db:60:6d:0b:3f:a0:6c:98:d7:1f:d9:e1:bf:97:
                    0c:5a:84:9e:9d:ee:20:93:fe:20:fd:9e:61:0a:7e:
                    f0:de:2c:02:60:88:63:37:54:0c:68:1c:29:81:bc:
                    ea:5f:f7:0d:96:2e:98:4f:60:ed:f0:a7:3d:28:35:
                    b8:94:65:d8:0d:b8:33:0f:68:38:22:a7:e5:89:02:
                    7f:bf:1a:c8:2e:b7:92:49:f0:75:44:80:b4:8b:ef:
                    e4:56:ec:6b:44:68:1e:b1:f6:aa:75:93:e6:20:b4:
                    31:21:03:7a:79:9b:2c:af:53:d9:40:53:4e:67:44:
                    36:b9:07:61:f9:3c:20:a9:f6:67:35:f7:10:01:9a:
                    50:2b:df:21:1f:0d:68:b6:5c:21:5c:f2:bc:fc:30:
                    ef:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:B5:C3:35:6D:DC:03:6A:05:A3:2B:9C:26:9A:CE:18:C2:7D:45:73
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:3f:df:a8:c2:49:6d:1d:52:df:a6:1a:47:bf:f1:92:81:b9:
         c6:7d:73:f3:35:88:28:66:95:7c:c7:b0:26:d3:fa:b7:c9:35:
         9f:dc:bb:75:d2:6a:85:d7:df:aa:e7:7c:b0:e6:86:c7:8c:23:
         cb:79:6e:1f:31:e8:76:d9:0c:8e:48:ca:a2:26:f5:e8:b0:b2:
         f2:ea:2c:4b:4c:65:fc:4e:1a:bc:56:1f:f4:8a:4a:5a:f0:a3:
         68:3d:67:ca:5c:7a:d7:5a:d6:12:d2:7b:9e:48:92:39:21:ae:
         cb:af:c1:e0:95:a6:5e:80:fd:73:30:1c:6e:05:87:e5:1d:3d:
         b5:c5:74:0b:92:61:dc:30:64:6c:9d:d1:1b:ab:46:59:9b:05:
         18:a9:ac:d4:48:9c:3a:8e:a8:7f:3d:d6:64:c0:d7:bb:c3:cf:
         8f:37:af:90:9e:63:00:8b:44:48:ce:49:a8:2b:41:aa:d7:3f:
         29:65:87:71:c5:81:34:c0:c4:dd:95:33:51:e8:7b:f0:77:19:
         77:0e:99:81:ee:4d:c0:16:7d:e6:1b:d1:65:9f:39:19:5d:3f:
         20:2f:aa:f1:66:a1:6e:14:fa:8a:77:2b:06:5a:1b:0f:0a:65:
         cc:36:e6:11:a8:8d:e5:34:79:45:34:9a:be:aa:56:8b:97:8a:
         4f:f7:45:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbcGWiWuVmAslNIkp5o1xcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjUwNDIyMDMwMDE0WhcNMjUwNDIzMDMwMDE0WjAzMTEwLwYDVQQD
EyhmMmI1YzMzNTZkZGMwMzZhMDVhMzJiOWMyNjlhY2UxOGMyN2Q0NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtUOIHojI1qTGUSfRlgXVApzUxVy
o3MKz4RpY1yod24TRgkoiJEVAvOmZTPxPAlVhZ+ILSDj8ZUX0DLXSdtrV5HRLAlU
xz7vCvAN3APZx///UbIlpEYuETRvr38j1ZQivHcELio5Je+j22BtCz+gbJjXH9nh
v5cMWoSene4gk/4g/Z5hCn7w3iwCYIhjN1QMaBwpgbzqX/cNli6YT2Dt8Kc9KDW4
lGXYDbgzD2g4IqfliQJ/vxrILreSSfB1RIC0i+/kVuxrRGgesfaqdZPmILQxIQN6
eZssr1PZQFNOZ0Q2uQdh+TwgqfZnNfcQAZpQK98hHw1otlwhXPK8/DDvwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPK1wzVt3ANqBaMrnCaazhjCfUVzMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkT/fqMJJ
bR1S36YaR7/xkoG5xn1z8zWIKGaVfMewJtP6t8k1n9y7ddJqhdffqud8sOaGx4wj
y3luHzHodtkMjkjKoib16LCy8uosS0xl/E4avFYf9IpKWvCjaD1nylx611rWEtJ7
nkiSOSGuy6/B4JWmXoD9czAcbgWH5R09tcV0C5Jh3DBkbJ3RG6tGWZsFGKms1Eic
Oo6ofz3WZMDXu8PPjzevkJ5jAItESM5JqCtBqtc/KWWHccWBNMDE3ZUzUeh78HcZ
dw6Zge5NwBZ95hvRZZ85GV0/IC+q8WahbhT6incrBlobDwplzDbmEaiN5TR5RTSa
vqpWi5eKT/dFXA==
-----END CERTIFICATE-----