Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          h2/V1z5fVNR3U6GjRL5+XYGCirMHQgO8nJ06jBx0ZBY=
Subject key identifier:   7D:48:6D:8D:74:CA:05:64:0C:8E:9A:E4:EC:D5:C6:7C:DF:63:57:7C
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       01976E505AE725439CD4F3D4F8CDF64A4B34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          1E
Signing time:             Sat 14 Jun 2025 12:00:49 +0000
Manifest this update:     Sat 14 Jun 2025 12:00:49 +0000
Manifest next update:     Sun 15 Jun 2025 12:00:49 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: PENkCemvX0/kVWwdy3JMSrVWVys96VgtWGLNXR9o1mQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:50:5a:e7:25:43:9c:d4:f3:d4:f8:cd:f6:4a:4b:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Jun 14 12:00:49 2025 GMT
            Not After : Jun 15 12:00:49 2025 GMT
        Subject: CN=7d486d8d74ca05640c8e9ae4ecd5c67cdf63577c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:77:e7:d7:1d:bc:7b:58:2b:33:25:f4:cc:b2:
                    f5:2a:31:15:1f:55:71:02:09:8f:72:3c:ad:0d:35:
                    e7:e3:29:1e:d2:d3:b6:7d:f9:46:78:a8:09:56:06:
                    9d:54:31:22:ab:f7:7e:d9:fa:96:9a:f2:37:5c:4e:
                    ce:9b:2b:cd:8e:0c:55:7e:97:e4:65:5b:23:c0:25:
                    c2:38:1f:f3:36:fa:80:d0:28:db:73:80:db:51:b1:
                    ae:52:13:9d:a0:ef:5c:e1:1c:79:22:c1:f7:5d:c0:
                    ee:7e:55:b5:96:a3:bf:66:ef:34:dd:0b:69:fb:04:
                    15:85:64:46:f5:b2:64:5f:8b:80:9c:ab:e9:e8:2c:
                    aa:af:ee:4f:ac:e2:af:a7:19:20:0f:38:91:b1:13:
                    14:af:66:64:d2:a2:f5:08:ab:15:84:f9:d1:ef:d7:
                    d3:41:5c:64:2e:20:9d:39:a9:c8:38:8d:0e:30:37:
                    21:68:98:38:d2:ad:71:56:3e:f4:ae:10:cd:8b:68:
                    ef:99:69:34:eb:9d:89:a1:99:71:b4:9e:56:ea:c9:
                    d1:4d:de:17:44:41:90:1e:4d:b7:12:71:23:7b:56:
                    3d:23:7e:1a:3b:69:3f:c4:02:5a:1a:79:b5:ba:76:
                    a2:f7:32:6e:a8:d8:1f:14:53:1f:fd:1b:05:de:10:
                    9a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:48:6D:8D:74:CA:05:64:0C:8E:9A:E4:EC:D5:C6:7C:DF:63:57:7C
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:a5:ef:7f:7f:67:89:95:33:47:5c:2e:3a:e5:6f:a9:5f:f8:
         43:c8:9f:3b:c9:ec:e6:1f:a4:60:21:3d:fa:b7:39:0c:9b:1d:
         bb:21:55:31:e1:0f:de:19:b1:9a:46:d4:a0:2c:0c:87:13:d0:
         36:82:13:b0:6f:38:d0:59:31:80:c9:2e:14:41:5b:01:ba:76:
         2a:71:4d:cd:1f:a4:98:ad:98:f7:81:f2:19:c9:0a:5b:4c:d5:
         a1:95:a5:94:ea:9e:13:af:5c:13:3a:47:59:20:bc:19:ed:70:
         0e:f1:6a:c6:4a:16:70:91:a8:c2:2b:78:63:eb:dc:03:d8:44:
         a3:51:bb:bc:c9:dc:1a:78:c2:df:51:64:77:98:10:86:f1:30:
         14:38:25:04:0b:5f:0b:65:fe:52:82:86:73:a8:0a:0b:0b:c3:
         9e:db:c3:d0:ae:2d:95:83:6c:8b:51:53:d8:29:37:1b:1d:e1:
         d0:80:2a:c0:4b:fb:d8:50:1a:23:34:c0:34:60:eb:09:2c:9e:
         87:34:06:ab:d1:78:ff:27:db:ea:27:43:5f:46:ec:00:cb:9d:
         cf:71:29:88:05:0f:fc:f3:9a:b5:b1:0f:91:84:52:ec:83:b6:
         60:f2:97:be:8b:13:ee:73:bb:dd:10:9e:93:86:45:a4:df:3a:
         6f:d7:0a:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUFrnJUOc1PPU+M32Sks0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUwNjE0MTIwMDQ5WhcNMjUwNjE1MTIwMDQ5WjAzMTEwLwYDVQQD
Eyg3ZDQ4NmQ4ZDc0Y2EwNTY0MGM4ZTlhZTRlY2Q1YzY3Y2RmNjM1NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9nfn1x28e1grMyX0zLL1KjEVH1Vx
AgmPcjytDTXn4yke0tO2fflGeKgJVgadVDEiq/d+2fqWmvI3XE7OmyvNjgxVfpfk
ZVsjwCXCOB/zNvqA0Cjbc4DbUbGuUhOdoO9c4Rx5IsH3XcDuflW1lqO/Zu803Qtp
+wQVhWRG9bJkX4uAnKvp6Cyqr+5PrOKvpxkgDziRsRMUr2Zk0qL1CKsVhPnR79fT
QVxkLiCdOanIOI0OMDchaJg40q1xVj70rhDNi2jvmWk0652JoZlxtJ5W6snRTd4X
REGQHk23EnEje1Y9I34aO2k/xAJaGnm1unai9zJuqNgfFFMf/RsF3hCaTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1IbY10ygVkDI6a5OzVxnzfY1d8MB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk6Xvf39n
iZUzR1wuOuVvqV/4Q8ifO8ns5h+kYCE9+rc5DJsduyFVMeEP3hmxmkbUoCwMhxPQ
NoITsG840FkxgMkuFEFbAbp2KnFNzR+kmK2Y94HyGckKW0zVoZWllOqeE69cEzpH
WSC8Ge1wDvFqxkoWcJGowit4Y+vcA9hEo1G7vMncGnjC31Fkd5gQhvEwFDglBAtf
C2X+UoKGc6gKCwvDntvD0K4tlYNsi1FT2Ck3Gx3h0IAqwEv72FAaIzTANGDrCSye
hzQGq9F4/yfb6idDX0bsAMudz3EpiAUP/POatbEPkYRS7IO2YPKXvosT7nO73RCe
k4ZFpN86b9cKJg==
-----END CERTIFICATE-----