Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
File:                     NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft (raw, json)
Hash identifier:          Lsod1ciVQMMejYdDUwdyAvkUJLrK7S7Lcuydxl2JbcQ=
Subject key identifier:   36:89:0D:01:06:90:22:13:01:06:D4:5B:4F:86:4D:5B:1E:A8:53:AE
Authority key identifier: 35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F
Certificate issuer:       /CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
Certificate serial:       01958C61251B03C68C5E2A18265840C2E512
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
Manifest number:          0744
Signing time:             Wed 12 Mar 2025 22:02:11 +0000
Manifest this update:     Wed 12 Mar 2025 22:02:11 +0000
Manifest next update:     Thu 13 Mar 2025 22:02:11 +0000
Files and hashes:         1: NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl (hash: CAvFmWksZaPoUyo5MJZNoZ5oRlaUeEbJvX/eZ3CEtB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:61:25:1b:03:c6:8c:5e:2a:18:26:58:40:c2:e5:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
        Validity
            Not Before: Mar 12 22:02:11 2025 GMT
            Not After : Mar 13 22:02:11 2025 GMT
        Subject: CN=36890d01069022130106d45b4f864d5b1ea853ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:20:3d:70:72:ec:87:1e:26:32:56:ab:6d:3a:
                    35:44:b0:a5:17:33:ab:b1:ea:23:86:86:89:e1:42:
                    ed:ae:00:05:6d:ef:ea:18:15:5a:62:26:75:79:87:
                    b5:d6:e7:1d:99:d9:12:f6:96:03:7f:b3:2d:63:2c:
                    01:80:e4:dd:e9:65:72:79:cf:de:73:b8:34:ca:7f:
                    ab:89:5b:e1:65:b1:d2:de:0c:e2:86:9f:53:8a:a1:
                    40:09:d2:45:15:d8:41:e6:4a:06:e0:61:d1:5d:d0:
                    2e:69:28:8d:01:6f:ed:c8:12:f5:c1:cc:9c:65:d8:
                    1a:94:34:cf:3e:3b:99:45:0d:56:8f:f0:7b:f5:1b:
                    82:6b:67:06:7b:59:fe:0f:62:14:58:1f:0b:21:12:
                    50:53:8a:9d:50:dc:ae:a9:fc:90:eb:e7:fc:5e:57:
                    c7:9e:ad:4d:ff:c5:e8:8f:b5:b7:37:64:bb:ce:76:
                    5a:db:5c:0a:e5:56:ea:7a:9d:bb:18:57:f1:f9:bf:
                    48:76:fe:22:ff:00:69:8f:c9:14:9b:e0:9b:3c:a4:
                    2f:d4:36:ab:63:b8:34:5f:df:ee:35:3a:38:af:ae:
                    43:0d:46:6f:62:e7:35:81:1e:cc:b5:0c:a0:f1:87:
                    27:e9:d1:9c:e4:b4:82:bc:d4:59:ae:38:39:c7:f5:
                    c1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:89:0D:01:06:90:22:13:01:06:D4:5B:4F:86:4D:5B:1E:A8:53:AE
            X509v3 Authority Key Identifier:
                keyid:35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:cb:4b:52:aa:d7:7b:2b:14:a1:b1:04:2b:64:32:65:15:ae:
         f6:5b:aa:87:30:dc:94:88:fb:4f:5c:d6:b0:c3:24:fc:22:a9:
         06:95:6e:89:57:5c:22:f8:39:ec:81:28:e5:c3:12:5d:82:5e:
         a6:4c:03:e9:a8:fb:96:69:6a:2e:fa:ca:30:8e:e7:df:e5:b6:
         e3:69:10:42:71:22:9b:da:e4:ca:bb:5a:9d:5d:c0:85:10:6d:
         09:21:cb:de:81:81:99:60:6a:9c:7a:0a:2d:a5:cd:85:c4:3c:
         79:5b:c4:73:2a:e8:0a:e4:3c:45:f2:8b:14:7a:08:57:06:0a:
         95:40:76:fa:41:3e:02:7b:c1:73:ad:e7:4d:52:cb:17:20:73:
         f3:3e:69:12:7e:5c:aa:4b:da:03:b6:ee:b0:ff:1e:73:25:4a:
         25:b8:a6:82:68:71:83:79:40:2b:bb:dc:28:3d:4d:1f:f2:d5:
         cb:13:a2:ae:68:43:4f:fe:d7:b0:d9:31:aa:ce:c1:87:0b:32:
         ec:3e:4b:95:cd:c8:b9:06:ce:f2:a9:b6:8a:cc:15:f3:e9:7a:
         b9:57:51:41:1e:45:2d:87:c8:a3:73:c5:7c:3c:91:67:b9:0e:
         21:ee:15:8c:75:92:75:a4:f6:e4:45:99:e8:89:af:9b:ba:bf:
         04:a3:ac:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYSUbA8aMXioYJlhAwuUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDZiYjdlYzA2NjYwMjJmMDNjMGJkOWY1NWY3OGMwYTdl
YWRhOWYwHhcNMjUwMzEyMjIwMjExWhcNMjUwMzEzMjIwMjExWjAzMTEwLwYDVQQD
EygzNjg5MGQwMTA2OTAyMjEzMDEwNmQ0NWI0Zjg2NGQ1YjFlYTg1M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCA9cHLshx4mMlarbTo1RLClFzOr
seojhoaJ4ULtrgAFbe/qGBVaYiZ1eYe11ucdmdkS9pYDf7MtYywBgOTd6WVyec/e
c7g0yn+riVvhZbHS3gzihp9TiqFACdJFFdhB5koG4GHRXdAuaSiNAW/tyBL1wcyc
ZdgalDTPPjuZRQ1Wj/B79RuCa2cGe1n+D2IUWB8LIRJQU4qdUNyuqfyQ6+f8XlfH
nq1N/8Xoj7W3N2S7znZa21wK5Vbqep27GFfx+b9Idv4i/wBpj8kUm+CbPKQv1Dar
Y7g0X9/uNTo4r65DDUZvYuc1gR7MtQyg8Ycn6dGc5LSCvNRZrjg5x/XB9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDaJDQEGkCITAQbUW0+GTVseqFOuMB8GA1UdIwQY
MBaAFDUGu37AZmAi8DwL2fVfeMCn6tqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYt
NDEzYTU5NThhN2YzLzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYtNDEzYTU5NThhN2Yz
LzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAMtLUqrX
eysUobEEK2QyZRWu9luqhzDclIj7T1zWsMMk/CKpBpVuiVdcIvg57IEo5cMSXYJe
pkwD6aj7lmlqLvrKMI7n3+W242kQQnEim9rkyrtanV3AhRBtCSHL3oGBmWBqnHoK
LaXNhcQ8eVvEcyroCuQ8RfKLFHoIVwYKlUB2+kE+AnvBc63nTVLLFyBz8z5pEn5c
qkvaA7busP8ecyVKJbimgmhxg3lAK7vcKD1NH/LVyxOirmhDT/7XsNkxqs7Bhwsy
7D5Llc3IuQbO8qm2iswV8+l6uVdRQR5FLYfIo3PFfDyRZ7kOIe4VjHWSdaT25EWZ
6Imvm7q/BKOs9A==
-----END CERTIFICATE-----