Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File:                     DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier:          hA4Gk+rDQjqJVViMGdcZvE/cNDa3BSx1gcvB2Eo+uJw=
Subject key identifier:   DF:7F:A7:6B:92:D2:A8:B1:07:44:56:2A:27:D7:DE:88:6A:F1:80:3A
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer:       /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial:       01964BFE07A36038D3BEE31B0F3D18CE698B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number:          017F
Signing time:             Sat 19 Apr 2025 03:01:01 +0000
Manifest this update:     Sat 19 Apr 2025 03:01:01 +0000
Manifest next update:     Sun 20 Apr 2025 03:01:01 +0000
Files and hashes:         1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: 7iEbgGi1kWB5RsigVwJ/xjxgdbRNy7/TgSb4+Iyf18o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 03:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:fe:07:a3:60:38:d3:be:e3:1b:0f:3d:18:ce:69:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
        Validity
            Not Before: Apr 19 03:01:01 2025 GMT
            Not After : Apr 20 03:01:01 2025 GMT
        Subject: CN=df7fa76b92d2a8b10744562a27d7de886af1803a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:19:42:1d:67:7e:26:82:a1:44:55:ad:48:3a:
                    b1:4c:99:43:98:1e:62:2d:7b:c6:3c:ab:27:66:c6:
                    d4:94:0e:fb:e3:e5:a7:52:b4:67:8d:aa:30:5b:56:
                    d2:44:e8:b5:6d:ae:e6:7b:4a:ba:90:ae:7e:b2:bd:
                    63:08:0f:e8:a9:9b:3f:9a:a2:2d:90:c6:62:d7:cb:
                    a2:ed:65:8e:b3:9d:5b:d1:dd:aa:36:16:92:b9:aa:
                    db:b4:06:c9:58:4f:4f:2d:ce:da:0c:da:3c:ea:b2:
                    45:17:82:91:15:37:b5:1a:fb:71:b6:20:a4:ce:79:
                    40:b1:1d:b2:45:50:9e:56:c9:12:f7:bb:4b:a5:0d:
                    c4:82:2b:e4:57:71:fc:0d:cd:de:b5:e5:bb:a1:b0:
                    21:cd:0b:41:4b:88:86:2a:76:ef:f1:8c:bb:1d:e2:
                    44:fb:eb:bf:06:a0:d3:5a:6e:ff:f6:b5:4f:19:a2:
                    bd:9f:70:d3:c0:fb:fe:fe:f8:64:92:e7:c7:e8:ff:
                    ba:96:1c:f7:e6:35:97:0c:19:11:fa:5f:d8:70:68:
                    7e:a8:02:98:10:17:c1:54:91:1f:f0:16:bd:c2:87:
                    b3:76:0a:0f:8b:6b:ce:07:0a:0b:ca:b7:2b:68:cb:
                    95:b8:0d:91:53:50:5d:e7:40:2a:71:19:98:a3:d5:
                    84:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:7F:A7:6B:92:D2:A8:B1:07:44:56:2A:27:D7:DE:88:6A:F1:80:3A
            X509v3 Authority Key Identifier:
                keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:28:ed:65:29:42:a9:7e:ec:c5:76:79:cc:b4:b1:c2:82:2d:
         b2:d2:48:81:86:69:55:a9:0f:dd:c1:d9:11:58:05:24:63:f1:
         46:d6:98:92:cf:8e:b9:49:7e:41:c6:58:88:19:10:74:73:76:
         13:5f:e3:78:2c:9d:91:78:c5:57:eb:c1:60:5b:28:0b:50:8c:
         54:57:a7:ee:10:07:b7:a1:08:a2:d7:35:3f:f7:3f:27:da:ea:
         eb:b4:7a:12:1d:5e:9a:2f:f1:51:2a:68:1c:67:ab:61:61:a0:
         17:ca:12:01:0f:0c:84:23:ff:f9:99:0e:82:3a:bd:03:ea:71:
         0f:70:23:b1:2c:08:3d:ef:cd:40:26:ec:ba:d2:73:7c:ca:16:
         6a:70:e4:05:1d:0c:ca:f4:bd:f7:00:2c:1d:b6:25:01:cc:a3:
         65:41:38:84:08:86:9e:9a:19:b5:34:b7:ca:99:df:7c:ce:49:
         f7:8f:62:c4:ad:cb:52:3a:e8:fe:25:d5:bf:77:da:9c:e4:f4:
         e4:89:da:41:20:22:ea:ee:fe:ed:9c:da:01:70:4a:f8:91:fd:
         6b:e8:1a:31:26:b0:6e:cb:c0:a0:49:c2:e4:9d:64:63:85:2a:
         24:08:f9:34:04:98:9e:b3:85:71:fb:45:b4:b2:d7:cf:63:57:
         b7:24:91:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZL/gejYDjTvuMbDz0YzmmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjUwNDE5MDMwMTAxWhcNMjUwNDIwMDMwMTAxWjAzMTEwLwYDVQQD
EyhkZjdmYTc2YjkyZDJhOGIxMDc0NDU2MmEyN2Q3ZGU4ODZhZjE4MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRlCHWd+JoKhRFWtSDqxTJlDmB5i
LXvGPKsnZsbUlA774+WnUrRnjaowW1bSROi1ba7me0q6kK5+sr1jCA/oqZs/mqIt
kMZi18ui7WWOs51b0d2qNhaSuarbtAbJWE9PLc7aDNo86rJFF4KRFTe1GvtxtiCk
znlAsR2yRVCeVskS97tLpQ3EgivkV3H8Dc3eteW7obAhzQtBS4iGKnbv8Yy7HeJE
++u/BqDTWm7/9rVPGaK9n3DTwPv+/vhkkufH6P+6lhz35jWXDBkR+l/YcGh+qAKY
EBfBVJEf8Ba9woezdgoPi2vOBwoLyrcraMuVuA2RU1Bd50AqcRmYo9WEAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9/p2uS0qixB0RWKifX3ohq8YA6MB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAACjtZSlC
qX7sxXZ5zLSxwoItstJIgYZpVakP3cHZEVgFJGPxRtaYks+OuUl+QcZYiBkQdHN2
E1/jeCydkXjFV+vBYFsoC1CMVFen7hAHt6EIotc1P/c/J9rq67R6Eh1emi/xUSpo
HGerYWGgF8oSAQ8MhCP/+ZkOgjq9A+pxD3AjsSwIPe/NQCbsutJzfMoWanDkBR0M
yvS99wAsHbYlAcyjZUE4hAiGnpoZtTS3ypnffM5J949ixK3LUjro/iXVv3fanOT0
5InaQSAi6u7+7ZzaAXBK+JH9a+gaMSawbsvAoEnC5J1kY4UqJAj5NASYnrOFcftF
tLLXz2NXtySRMg==
-----END CERTIFICATE-----