Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
File:                     GNo6QLEX-yVyzPekwnLS7GklKRw.mft (raw, json)
Hash identifier:          elBevA1n4TnMQj49K6CxMm9beU9cWlBlLzBmAMDo6Xs=
Subject key identifier:   A4:3C:01:3A:0B:EB:C0:5C:99:A3:FC:65:A8:A1:52:E2:C8:0D:59:12
Authority key identifier: 18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C
Certificate issuer:       /CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
Certificate serial:       0197469ECECCD320F3789167747CF2D5109A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 19:01:42 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:42 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:42 +0000
Files and hashes:         1: GNo6QLEX-yVyzPekwnLS7GklKRw.crl (hash: cfs3+IVpJYhjX8hgcW0KZjz8hbFsiONtm8pOWKUslug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:ce:cc:d3:20:f3:78:91:67:74:7c:f2:d5:10:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
        Validity
            Not Before: Jun  6 19:01:42 2025 GMT
            Not After : Jun  7 19:01:42 2025 GMT
        Subject: CN=a43c013a0bebc05c99a3fc65a8a152e2c80d5912
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a8:e1:08:aa:53:dc:24:4a:fd:ea:c1:af:c8:
                    3a:2e:b0:34:44:3a:e3:9a:93:90:f7:54:99:4d:77:
                    64:fc:ec:2a:d0:3a:a1:db:37:d6:e5:e4:6c:fb:85:
                    fd:4b:e2:67:ef:07:26:6f:2f:21:0c:ae:4c:dd:d8:
                    ef:72:b2:7c:1e:40:df:08:64:86:37:f0:af:94:31:
                    68:20:9e:fa:0d:6b:5a:ca:3c:97:99:a1:fe:85:46:
                    4b:00:eb:bd:cd:32:a4:fd:ef:d3:60:2b:e1:50:0b:
                    d1:26:05:67:05:a8:4b:02:0e:3a:30:0f:de:1e:94:
                    5d:8a:79:e9:14:49:89:0c:60:50:f4:e1:b3:37:b8:
                    c2:7f:0c:30:f5:d3:10:1d:c5:d4:70:25:74:8b:2b:
                    33:a0:43:be:72:2d:16:c4:8a:b6:63:3c:6f:26:4c:
                    2c:32:73:66:2f:71:1e:1c:74:d0:cf:6d:df:34:4d:
                    fd:ea:dd:8b:f9:84:b6:3e:40:68:48:25:c4:bc:0c:
                    27:ae:52:59:f5:b7:b4:f8:37:f5:9d:0d:5c:86:98:
                    fa:bf:e9:9f:11:a3:1a:84:d3:42:f4:ad:db:16:0f:
                    20:db:ef:f7:41:f9:ce:04:a7:f3:9f:e3:b3:47:51:
                    07:40:4f:10:79:ec:47:8e:eb:b0:a3:b3:c1:cf:5a:
                    c7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:3C:01:3A:0B:EB:C0:5C:99:A3:FC:65:A8:A1:52:E2:C8:0D:59:12
            X509v3 Authority Key Identifier:
                keyid:18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:f6:44:56:ef:a1:90:06:a3:9f:7e:0e:8e:ba:3e:3d:c8:d5:
         c9:e3:27:51:88:d0:3b:b5:c1:94:b8:9e:aa:90:e2:5c:86:97:
         19:b8:f3:18:10:eb:8e:25:ef:1c:8e:90:24:dc:92:b3:5b:b3:
         7c:d9:36:f2:41:aa:50:12:74:44:e9:a6:ac:74:44:d5:01:64:
         d1:d7:1b:e7:d9:6e:5a:72:45:71:b4:95:d7:60:75:1b:d7:a7:
         e5:29:d4:39:ed:ce:52:85:a9:b6:da:e5:47:b5:8d:9d:76:ce:
         a9:71:1d:ce:c9:1f:5a:7f:be:a1:1b:aa:a8:37:2e:99:ec:c5:
         fb:34:09:e8:09:99:c8:b9:0a:c8:c7:52:26:0f:4d:7e:35:c1:
         9f:20:3b:ec:91:34:25:28:dd:4e:cf:b8:2e:16:74:4f:bf:69:
         15:d8:26:56:73:af:a7:ca:90:25:3a:5c:c1:e6:f8:49:4b:2e:
         b9:c0:5c:fc:7d:7d:73:06:4f:53:cc:b4:c6:ce:0a:b8:1a:6c:
         e4:fe:e8:b2:68:00:a9:b0:2c:f5:1f:3b:99:89:22:f2:bc:8f:
         b1:2d:55:2d:dc:f2:f9:4a:ff:10:30:a9:f1:a4:e9:6c:21:53:
         1e:bf:86:1d:e6:10:a0:e3:f8:bb:04:0e:7a:0a:be:ca:5a:55:
         7a:46:5d:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGns7M0yDzeJFndHzy1RCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGEzYTQwYjExN2ZiMjU3MmNjZjdhNGMyNzJkMmVjNjky
NTI5MWMwHhcNMjUwNjA2MTkwMTQyWhcNMjUwNjA3MTkwMTQyWjAzMTEwLwYDVQQD
EyhhNDNjMDEzYTBiZWJjMDVjOTlhM2ZjNjVhOGExNTJlMmM4MGQ1OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6jhCKpT3CRK/erBr8g6LrA0RDrj
mpOQ91SZTXdk/Owq0Dqh2zfW5eRs+4X9S+Jn7wcmby8hDK5M3djvcrJ8HkDfCGSG
N/CvlDFoIJ76DWtayjyXmaH+hUZLAOu9zTKk/e/TYCvhUAvRJgVnBahLAg46MA/e
HpRdinnpFEmJDGBQ9OGzN7jCfwww9dMQHcXUcCV0iyszoEO+ci0WxIq2YzxvJkws
MnNmL3EeHHTQz23fNE396t2L+YS2PkBoSCXEvAwnrlJZ9be0+Df1nQ1chpj6v+mf
EaMahNNC9K3bFg8g2+/3QfnOBKfzn+OzR1EHQE8QeexHjuuwo7PBz1rHDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQ8AToL68BcmaP8ZaihUuLIDVkSMB8GA1UdIwQY
MBaAFBjaOkCxF/slcsz3pMJy0uxpJSkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUt
Njk4ZDkxMmI3MzQ2LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUtNjk4ZDkxMmI3MzQ2
LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPvZEVu+h
kAajn34Ojro+PcjVyeMnUYjQO7XBlLieqpDiXIaXGbjzGBDrjiXvHI6QJNySs1uz
fNk28kGqUBJ0ROmmrHRE1QFk0dcb59luWnJFcbSV12B1G9en5SnUOe3OUoWpttrl
R7WNnXbOqXEdzskfWn++oRuqqDcumezF+zQJ6AmZyLkKyMdSJg9NfjXBnyA77JE0
JSjdTs+4LhZ0T79pFdgmVnOvp8qQJTpcweb4SUsuucBc/H19cwZPU8y0xs4KuBps
5P7osmgAqbAs9R87mYki8ryPsS1VLdzy+Ur/EDCp8aTpbCFTHr+GHeYQoOP4uwQO
egq+ylpVekZdBg==
-----END CERTIFICATE-----