Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          c7ynrGUwyBjGPg8zQLI2itS7Q0a+CtDmsx/2I1Vaa44=
Subject key identifier:   A4:D4:06:B3:80:5A:A2:05:08:1E:F2:11:60:10:8A:6C:F1:FE:C5:EE
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       0196138F9EA39AECE722527F37682F9CDF21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          14D9
Signing time:             Tue 08 Apr 2025 04:01:41 +0000
Manifest this update:     Tue 08 Apr 2025 04:01:41 +0000
Manifest next update:     Wed 09 Apr 2025 04:01:41 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: c6MEiSsE5eJ59OitTxod5YY013mrCFeBbS/2yZcp95A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 09 Apr 2025 04:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:13:8f:9e:a3:9a:ec:e7:22:52:7f:37:68:2f:9c:df:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Apr  8 04:01:41 2025 GMT
            Not After : Apr  9 04:01:41 2025 GMT
        Subject: CN=a4d406b3805aa205081ef21160108a6cf1fec5ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:03:85:0e:81:e0:0b:b0:1a:5c:98:df:1d:f3:
                    d2:4e:06:9c:a7:44:e1:4f:88:bf:ff:df:8e:88:1b:
                    1e:26:50:42:ed:52:80:ef:68:24:58:4a:1b:37:47:
                    cc:76:42:76:d8:c2:be:a4:28:da:67:69:05:16:77:
                    ed:e8:6a:e8:6c:23:98:79:18:75:6d:1b:89:8a:80:
                    51:a8:4e:ce:66:f5:85:36:7a:34:10:aa:4e:e5:2b:
                    67:84:5a:dc:ce:ec:18:39:9c:b7:54:21:65:bc:6f:
                    e4:fd:e3:be:34:77:69:f6:d3:03:25:a7:7c:29:af:
                    4a:64:79:be:39:74:66:f2:42:6e:37:48:30:16:df:
                    11:e9:0a:0a:03:8a:f1:d7:55:b0:9d:5f:5a:3a:7e:
                    65:74:03:22:e0:ed:3f:24:67:63:db:8b:2a:ee:e2:
                    55:5d:08:58:9e:62:d7:9d:a1:84:8b:13:cb:0c:a4:
                    01:53:fe:5f:b1:c5:93:a8:c9:02:90:26:91:32:b2:
                    b2:62:97:85:b5:5d:61:8c:13:f1:d1:6a:14:ca:f1:
                    a0:9e:6a:cd:dd:58:83:9d:37:61:84:13:5d:98:c6:
                    a9:b0:61:10:28:35:ae:fd:88:a5:f0:d8:ab:02:13:
                    f4:80:54:10:71:58:2b:c4:b8:89:0b:6e:db:f7:9b:
                    b8:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:D4:06:B3:80:5A:A2:05:08:1E:F2:11:60:10:8A:6C:F1:FE:C5:EE
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:ad:92:8a:59:1c:3d:8c:50:98:cc:02:fc:78:ed:62:95:ca:
         98:fc:f5:28:d1:46:25:e9:3a:93:28:30:52:7c:2b:23:da:8e:
         02:6f:c9:9f:19:53:b2:2a:33:8a:dc:e5:34:32:da:f4:2b:17:
         d7:ff:fb:0c:47:96:98:91:78:1b:14:bf:f2:a5:ae:6d:e4:ae:
         03:1f:4b:43:f6:a2:cd:7b:92:85:a5:86:19:53:4e:ff:7c:8a:
         cd:5f:d9:60:82:dd:53:80:0a:35:d6:6a:6b:af:75:da:6e:cc:
         96:95:4e:29:7c:8b:48:10:52:cd:29:26:64:06:05:8a:e2:d0:
         5e:d1:98:eb:7c:de:b8:a7:3f:b6:0c:96:01:88:2f:2e:75:6c:
         ab:5a:8a:03:31:9a:3c:03:cf:b3:73:b6:b1:0f:06:bd:92:57:
         81:0d:36:72:74:6b:83:a4:e7:a8:cb:b8:73:12:8c:50:8c:41:
         62:8c:8b:3a:63:b4:9e:b1:91:76:68:3c:19:c1:8b:48:55:6f:
         34:9f:f8:d8:82:c2:e1:14:b6:2b:74:da:16:f8:38:c5:a4:c6:
         ef:7f:fe:64:3a:f0:9f:e8:ad:9e:5e:fd:44:c0:fa:d4:2c:2f:
         a4:ea:cb:47:fb:ab:de:d3:87:5e:ab:0e:c9:52:44:c7:da:fc:
         5c:28:69:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYTj56jmuznIlJ/N2gvnN8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwNDA4MDQwMTQxWhcNMjUwNDA5MDQwMTQxWjAzMTEwLwYDVQQD
EyhhNGQ0MDZiMzgwNWFhMjA1MDgxZWYyMTE2MDEwOGE2Y2YxZmVjNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAOFDoHgC7AaXJjfHfPSTgacp0Th
T4i//9+OiBseJlBC7VKA72gkWEobN0fMdkJ22MK+pCjaZ2kFFnft6GrobCOYeRh1
bRuJioBRqE7OZvWFNno0EKpO5StnhFrczuwYOZy3VCFlvG/k/eO+NHdp9tMDJad8
Ka9KZHm+OXRm8kJuN0gwFt8R6QoKA4rx11WwnV9aOn5ldAMi4O0/JGdj24sq7uJV
XQhYnmLXnaGEixPLDKQBU/5fscWTqMkCkCaRMrKyYpeFtV1hjBPx0WoUyvGgnmrN
3ViDnTdhhBNdmMapsGEQKDWu/Yil8NirAhP0gFQQcVgrxLiJC27b95u4BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTUBrOAWqIFCB7yEWAQimzx/sXuMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAba2Silkc
PYxQmMwC/HjtYpXKmPz1KNFGJek6kygwUnwrI9qOAm/JnxlTsiozitzlNDLa9CsX
1//7DEeWmJF4GxS/8qWubeSuAx9LQ/aizXuShaWGGVNO/3yKzV/ZYILdU4AKNdZq
a6912m7MlpVOKXyLSBBSzSkmZAYFiuLQXtGY63zeuKc/tgyWAYgvLnVsq1qKAzGa
PAPPs3O2sQ8GvZJXgQ02cnRrg6TnqMu4cxKMUIxBYoyLOmO0nrGRdmg8GcGLSFVv
NJ/42ILC4RS2K3TaFvg4xaTG73/+ZDrwn+itnl79RMD61CwvpOrLR/ur3tOHXqsO
yVJEx9r8XChpaQ==
-----END CERTIFICATE-----