Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
File:                     St2XYC4ZGOerwfYtz9TaynNJmz4.mft (raw, json)
Hash identifier:          +T3MacVuQhZjvly6RgaDdLhYkCaypi908UdYsAH+IJI=
Subject key identifier:   2A:45:83:5B:05:C0:26:60:2D:6D:3E:88:7C:9D:7A:34:1E:6F:8E:9A
Authority key identifier: 4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E
Certificate issuer:       /CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
Certificate serial:       019653B6D90C779C3FB171A9C4D5102AC7F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
Manifest number:          69
Signing time:             Sun 20 Apr 2025 15:00:14 +0000
Manifest this update:     Sun 20 Apr 2025 15:00:14 +0000
Manifest next update:     Mon 21 Apr 2025 15:00:14 +0000
Files and hashes:         1: St2XYC4ZGOerwfYtz9TaynNJmz4.crl (hash: fs3kzMySQlQ5R0p1+xmo6zdWRxYrLobodI8kXCfwUuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b6:d9:0c:77:9c:3f:b1:71:a9:c4:d5:10:2a:c7:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
        Validity
            Not Before: Apr 20 15:00:14 2025 GMT
            Not After : Apr 21 15:00:14 2025 GMT
        Subject: CN=2a45835b05c026602d6d3e887c9d7a341e6f8e9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:34:0c:57:04:bc:bc:60:21:13:f6:1a:3e:1b:
                    3d:1c:a7:77:5f:62:31:96:9b:0c:29:c2:92:cf:27:
                    7b:32:c4:99:8d:4c:58:79:3a:4a:3f:cb:c1:96:ff:
                    c3:3a:5f:ed:f9:83:01:c8:5e:3a:99:f0:02:a2:ba:
                    05:be:14:9f:a3:4d:fc:99:4d:64:19:71:62:e9:02:
                    c6:21:4e:b1:e0:08:7b:57:69:4d:71:91:df:4a:27:
                    5d:c8:2c:97:38:2e:1d:8f:bd:8e:35:56:85:bc:7d:
                    ac:2f:b5:07:2f:fc:7b:ef:26:6f:ae:de:b8:79:26:
                    bb:5f:85:c5:6f:e5:2c:c5:bf:1a:ec:79:46:08:84:
                    eb:28:7e:0a:3c:8c:3f:67:f9:f4:d9:6f:fd:3e:a3:
                    00:b6:58:24:96:99:4d:ab:cc:68:45:62:7c:0d:5b:
                    47:8b:66:ad:ed:07:8f:4d:1d:22:a7:c4:aa:37:c2:
                    a5:ad:08:51:b4:c6:6b:d1:0e:60:57:a5:d1:31:9f:
                    c4:1c:da:e4:b8:b2:65:dc:0e:ce:96:99:4a:78:39:
                    f8:c9:a9:6b:78:6b:19:36:b0:93:7f:8c:32:6e:88:
                    e9:29:62:b7:c2:96:ff:ef:0d:56:36:d0:1e:fe:89:
                    e2:84:fd:f5:dd:27:2e:fa:04:9f:0f:c8:c6:3d:98:
                    9c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:45:83:5B:05:C0:26:60:2D:6D:3E:88:7C:9D:7A:34:1E:6F:8E:9A
            X509v3 Authority Key Identifier:
                keyid:4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:b5:b1:c6:6f:a9:94:60:9c:1d:a0:a5:98:58:65:81:14:d0:
         d1:2e:40:e9:b1:59:ab:3f:87:d7:04:69:bf:8a:0f:23:aa:03:
         11:25:d5:96:e8:00:e5:76:73:70:94:c4:31:61:82:96:db:3b:
         23:30:1e:05:00:f2:45:48:55:dd:b8:c9:29:27:11:5d:83:3a:
         84:e6:74:ac:41:6d:cd:f1:ba:71:d0:ca:26:49:96:44:ff:25:
         f8:63:56:f6:ac:a3:c8:57:d3:ce:cb:2f:8c:81:26:42:6b:83:
         d5:a1:29:8d:50:d3:52:ae:61:8f:e4:49:c7:ca:f5:95:95:40:
         4b:40:26:8b:d5:99:cb:40:16:73:10:64:2c:3f:93:07:0f:0c:
         19:b3:16:39:65:93:17:34:6a:1a:0a:91:1f:c7:21:d9:90:a9:
         87:4f:b2:17:21:c2:0e:0d:52:42:3e:08:f3:73:71:cd:fd:95:
         95:7e:5d:1c:cf:d1:f6:67:67:c2:a8:99:c7:f3:40:54:c4:6e:
         f9:3a:5b:92:ed:1c:f6:ce:3c:6e:f9:0c:18:11:47:31:f5:25:
         3a:5e:58:34:8f:84:cb:b1:6c:9b:a5:bf:1b:14:0e:e1:17:11:
         1c:4b:9a:13:30:88:25:86:f3:21:1d:f8:aa:79:03:d2:36:4b:
         92:27:97:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTttkMd5w/sXGpxNUQKsfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGQ5NzYwMmUxOTE4ZTdhYmMxZjYyZGNmZDRkYWNhNzM0
OTliM2UwHhcNMjUwNDIwMTUwMDE0WhcNMjUwNDIxMTUwMDE0WjAzMTEwLwYDVQQD
EygyYTQ1ODM1YjA1YzAyNjYwMmQ2ZDNlODg3YzlkN2EzNDFlNmY4ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jQMVwS8vGAhE/YaPhs9HKd3X2Ix
lpsMKcKSzyd7MsSZjUxYeTpKP8vBlv/DOl/t+YMByF46mfACoroFvhSfo038mU1k
GXFi6QLGIU6x4Ah7V2lNcZHfSiddyCyXOC4dj72ONVaFvH2sL7UHL/x77yZvrt64
eSa7X4XFb+Usxb8a7HlGCITrKH4KPIw/Z/n02W/9PqMAtlgklplNq8xoRWJ8DVtH
i2at7QePTR0ip8SqN8KlrQhRtMZr0Q5gV6XRMZ/EHNrkuLJl3A7OlplKeDn4yalr
eGsZNrCTf4wybojpKWK3wpb/7w1WNtAe/onihP313Scu+gSfD8jGPZicbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpFg1sFwCZgLW0+iHydejQeb46aMB8GA1UdIwQY
MBaAFErdl2AuGRjnq8H2Lc/U2spzSZs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUt
MTJlNWU4MTczMjAxLzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUtMTJlNWU4MTczMjAx
LzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLWxxm+p
lGCcHaClmFhlgRTQ0S5A6bFZqz+H1wRpv4oPI6oDESXVlugA5XZzcJTEMWGClts7
IzAeBQDyRUhV3bjJKScRXYM6hOZ0rEFtzfG6cdDKJkmWRP8l+GNW9qyjyFfTzssv
jIEmQmuD1aEpjVDTUq5hj+RJx8r1lZVAS0Ami9WZy0AWcxBkLD+TBw8MGbMWOWWT
FzRqGgqRH8ch2ZCph0+yFyHCDg1SQj4I83Nxzf2VlX5dHM/R9mdnwqiZx/NAVMRu
+Tpbku0c9s48bvkMGBFHMfUlOl5YNI+Ey7Fsm6W/GxQO4RcRHEuaEzCIJYbzIR34
qnkD0jZLkieXkA==
-----END CERTIFICATE-----