Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
File:                     TaktycvByBxzpp8xWlMbR_ROPFQ.mft (raw, json)
Hash identifier:          yxv97uIREIIy6UyJsTkmpxD+4Xap3BaSXG7pVxTUFT0=
Subject key identifier:   9C:78:D3:FD:79:28:B0:92:66:94:54:36:BB:94:BA:80:CD:89:07:2C
Authority key identifier: 4D:A9:2D:C9:CB:C1:C8:1C:73:A6:9F:31:5A:53:1B:47:F4:4E:3C:54
Certificate issuer:       /CN=4da92dc9cbc1c81c73a69f315a531b47f44e3c54
Certificate serial:       01964D7F1681DB8AFF7AC1764545AE950311
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
Manifest number:          0611
Signing time:             Sat 19 Apr 2025 10:01:36 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:36 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:36 +0000
Files and hashes:         1: TaktycvByBxzpp8xWlMbR_ROPFQ.crl (hash: oOe2oFcU85F6HYcLIisumyCLUoQRV705blTlmfb9c6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7f:16:81:db:8a:ff:7a:c1:76:45:45:ae:95:03:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da92dc9cbc1c81c73a69f315a531b47f44e3c54
        Validity
            Not Before: Apr 19 10:01:36 2025 GMT
            Not After : Apr 20 10:01:36 2025 GMT
        Subject: CN=9c78d3fd7928b09266945436bb94ba80cd89072c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a5:a7:22:24:f7:c3:c3:74:22:ae:58:42:f2:
                    19:36:b3:e8:9f:18:59:7d:69:5d:68:39:1c:e6:c6:
                    2d:d3:8f:22:53:3c:37:79:90:96:7c:f8:40:e8:66:
                    73:b0:88:b9:1c:a9:22:7d:95:88:e1:0f:a0:11:9d:
                    a4:a8:11:c5:1f:bf:e4:b9:47:04:b7:dd:9f:d2:69:
                    ee:4f:e5:f5:e8:f4:ce:e8:95:6f:db:89:a2:fe:30:
                    a2:d5:0b:07:4e:dd:a7:5e:9d:ed:ff:3f:45:71:76:
                    27:52:f8:ad:68:d3:3c:ff:35:c4:50:c5:1d:b8:ed:
                    0b:70:24:a8:e9:d5:71:69:f8:f8:7f:db:90:79:47:
                    f9:51:00:0c:88:27:ae:5f:2f:55:f3:70:ce:70:12:
                    15:e9:8a:3d:27:b9:4d:de:75:03:70:36:68:dd:6a:
                    ae:7e:d4:f0:ed:db:66:7d:30:18:90:12:fe:99:7f:
                    cc:9b:3d:f1:ed:a6:db:e2:67:d7:47:da:c1:29:a5:
                    f1:2d:ea:77:42:39:c5:c6:e7:73:bd:c8:d9:42:55:
                    f6:13:35:b7:a8:ea:65:c7:0a:38:70:2d:bf:29:ec:
                    20:e7:a9:3f:6c:03:21:75:72:db:91:e2:34:dc:8a:
                    13:a9:13:41:25:de:05:ec:33:0b:9e:e9:e0:2b:b2:
                    6b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:78:D3:FD:79:28:B0:92:66:94:54:36:BB:94:BA:80:CD:89:07:2C
            X509v3 Authority Key Identifier:
                keyid:4D:A9:2D:C9:CB:C1:C8:1C:73:A6:9F:31:5A:53:1B:47:F4:4E:3C:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:a2:50:af:6c:fa:c3:6b:54:0b:41:7b:75:5a:76:72:4d:d0:
         fa:40:b9:8c:c2:52:2b:99:88:b5:a4:5c:d0:6a:2e:e1:77:2f:
         0f:88:cb:8e:73:a0:08:83:17:9d:5a:0a:ad:2f:b5:6b:9e:89:
         ed:f6:85:21:66:c4:be:4f:30:2f:52:b0:40:a0:ca:fc:0a:c7:
         23:71:90:ef:3c:ed:af:78:b9:45:b2:f5:48:ea:0d:30:f9:92:
         34:6e:f8:0e:b7:6d:f9:0c:40:e4:b9:c0:6f:c2:44:e4:ff:fd:
         51:bc:46:18:58:34:8b:8f:a3:37:48:55:b8:2e:01:ae:bd:5e:
         58:e7:8f:96:bc:b3:57:e7:61:06:72:21:a9:73:8b:b8:91:b4:
         aa:a5:22:37:51:f7:03:b3:8d:ba:80:ed:56:7d:33:ed:e7:2f:
         0d:6b:27:2f:fe:ed:fa:e4:12:06:89:9d:bf:ee:7d:3c:79:95:
         81:0c:72:4e:3f:ed:32:f8:a0:4f:3e:28:d5:67:c6:4f:f8:ab:
         a7:a7:8d:99:c2:cc:a3:b2:ae:b9:64:a3:9e:ee:ba:c2:b6:dc:
         b5:57:3a:69:9d:ee:45:ae:13:6c:a3:8e:e6:52:29:63:86:6a:
         f8:e9:74:64:36:bb:fa:6a:6f:c8:0b:f4:48:02:dc:a8:1a:ce:
         d6:09:9a:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfxaB24r/esF2RUWulQMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTkyZGM5Y2JjMWM4MWM3M2E2OWYzMTVhNTMxYjQ3ZjQ0
ZTNjNTQwHhcNMjUwNDE5MTAwMTM2WhcNMjUwNDIwMTAwMTM2WjAzMTEwLwYDVQQD
Eyg5Yzc4ZDNmZDc5MjhiMDkyNjY5NDU0MzZiYjk0YmE4MGNkODkwNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKWnIiT3w8N0Iq5YQvIZNrPonxhZ
fWldaDkc5sYt048iUzw3eZCWfPhA6GZzsIi5HKkifZWI4Q+gEZ2kqBHFH7/kuUcE
t92f0mnuT+X16PTO6JVv24mi/jCi1QsHTt2nXp3t/z9FcXYnUvitaNM8/zXEUMUd
uO0LcCSo6dVxafj4f9uQeUf5UQAMiCeuXy9V83DOcBIV6Yo9J7lN3nUDcDZo3Wqu
ftTw7dtmfTAYkBL+mX/Mmz3x7abb4mfXR9rBKaXxLep3QjnFxudzvcjZQlX2EzW3
qOplxwo4cC2/Kewg56k/bAMhdXLbkeI03IoTqRNBJd4F7DMLnungK7JrvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJx40/15KLCSZpRUNruUuoDNiQcsMB8GA1UdIwQY
MBaAFE2pLcnLwcgcc6afMVpTG0f0TjxUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jNTY3NGUtZGI2MS00NzIyLWI5MjIt
NTM1YmUyNzVlNmY1LzEvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jNTY3NGUtZGI2MS00NzIyLWI5MjItNTM1YmUyNzVlNmY1
LzEvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKJQr2z6
w2tUC0F7dVp2ck3Q+kC5jMJSK5mItaRc0Gou4XcvD4jLjnOgCIMXnVoKrS+1a56J
7faFIWbEvk8wL1KwQKDK/ArHI3GQ7zztr3i5RbL1SOoNMPmSNG74Drdt+QxA5LnA
b8JE5P/9UbxGGFg0i4+jN0hVuC4Brr1eWOePlryzV+dhBnIhqXOLuJG0qqUiN1H3
A7ONuoDtVn0z7ecvDWsnL/7t+uQSBomdv+59PHmVgQxyTj/tMvigTz4o1WfGT/ir
p6eNmcLMo7KuuWSjnu66wrbctVc6aZ3uRa4TbKOO5lIpY4Zq+Ol0ZDa7+mpvyAv0
SALcqBrO1gmarg==
-----END CERTIFICATE-----