Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File:                     1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier:          NjH62E3Hh6CNyYFu1/yGiXUN2luWQgi7Eq0ep9jSIV0=
Subject key identifier:   45:DC:1B:E0:7E:2B:C9:43:54:A8:4E:B3:21:A4:37:5E:22:69:7B:AC
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer:       /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial:       0196553768C01764BE7FC5B263B74E658D91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number:          0B74
Signing time:             Sun 20 Apr 2025 22:00:16 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:16 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:16 +0000
Files and hashes:         1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: T7hg0HIUJAVrpLDlFccyybU9m/HAJrnFQumphysSghU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:68:c0:17:64:be:7f:c5:b2:63:b7:4e:65:8d:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
        Validity
            Not Before: Apr 20 22:00:16 2025 GMT
            Not After : Apr 21 22:00:16 2025 GMT
        Subject: CN=45dc1be07e2bc94354a84eb321a4375e22697bac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:21:62:ac:0e:5e:74:dc:f8:83:ed:be:57:fb:
                    5a:9b:04:44:7e:0d:a6:af:64:19:5d:51:46:4e:06:
                    9a:e9:45:1e:07:ef:7c:80:1b:b8:c8:9a:eb:8f:66:
                    e1:7c:1e:c5:ad:60:b4:b8:af:2d:62:68:32:56:66:
                    9f:98:31:68:76:e4:a5:30:6a:2f:e7:5c:ee:f3:c1:
                    73:f5:da:c4:1d:84:7b:77:5e:df:40:a6:85:6f:82:
                    bc:02:67:a4:9c:fb:4f:ae:62:5a:21:ef:b9:d1:23:
                    e9:ed:7c:93:7b:71:80:f0:11:14:ab:96:ac:b9:03:
                    a0:db:ff:ff:b0:12:33:2e:d9:05:35:4d:01:cd:9b:
                    58:35:bb:cd:9b:74:d3:87:1e:ad:d3:19:86:eb:9e:
                    f2:0a:06:a1:03:69:62:82:e7:41:8b:3c:31:78:2b:
                    a3:c9:96:c0:c7:2b:46:c3:08:8a:2e:af:cf:53:3c:
                    98:f9:3d:15:44:88:6a:4e:44:8e:d6:0d:c1:a5:f2:
                    bd:8f:10:96:2c:c8:c6:4b:d7:f9:95:3d:51:94:90:
                    cf:5d:6a:d0:1b:d0:9f:a7:d9:ee:d6:64:31:42:ac:
                    88:b7:9b:91:0a:dd:25:fe:3d:1b:71:f6:1f:dc:68:
                    43:5c:35:0c:fa:cb:bb:fb:07:ff:7d:da:c0:4a:08:
                    3a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:DC:1B:E0:7E:2B:C9:43:54:A8:4E:B3:21:A4:37:5E:22:69:7B:AC
            X509v3 Authority Key Identifier:
                keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:03:4e:0e:57:b8:22:2d:68:9b:c4:2e:61:bd:76:6f:51:97:
         e8:1b:e2:9b:85:13:12:cf:93:ea:bb:b2:5c:93:59:08:d8:c5:
         1f:ad:f5:67:ee:47:5b:cc:06:23:bb:51:66:09:f6:8a:7d:72:
         82:c6:35:12:8b:e8:17:38:a2:55:1f:1e:19:32:b2:51:bb:a7:
         f4:16:1c:ed:66:c9:2a:07:bf:cf:72:a0:29:1a:cc:2e:b0:61:
         b4:6e:62:0a:62:30:89:8a:66:ff:0d:73:2e:c6:84:1a:44:5a:
         fc:4d:fe:0b:57:af:e1:39:f2:40:b9:70:9b:5e:d4:3e:c3:a9:
         98:e5:f2:ba:15:b2:3a:3f:4f:c1:2f:d6:9c:9a:87:3c:19:b4:
         99:4a:a9:1c:7b:75:37:ed:65:39:3f:8e:a1:d8:27:bb:e5:1d:
         63:dc:7c:70:35:fb:b6:eb:52:6b:ad:20:19:fc:75:c6:9b:14:
         a0:7b:0f:aa:03:3b:07:76:c4:0f:17:fe:fe:2d:af:30:0b:70:
         29:63:5d:86:9b:d5:6e:4b:f6:1c:6e:42:84:88:07:7f:2e:fa:
         34:b4:36:97:a7:3c:f7:fe:36:91:eb:04:e5:a4:9f:01:c1:e2:
         91:a5:c0:c4:c1:84:13:b2:1c:88:79:f4:9c:87:6d:c4:18:ba:
         54:05:64:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN2jAF2S+f8WyY7dOZY2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjUwNDIwMjIwMDE2WhcNMjUwNDIxMjIwMDE2WjAzMTEwLwYDVQQD
Eyg0NWRjMWJlMDdlMmJjOTQzNTRhODRlYjMyMWE0Mzc1ZTIyNjk3YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyFirA5edNz4g+2+V/tamwREfg2m
r2QZXVFGTgaa6UUeB+98gBu4yJrrj2bhfB7FrWC0uK8tYmgyVmafmDFoduSlMGov
51zu88Fz9drEHYR7d17fQKaFb4K8AmeknPtPrmJaIe+50SPp7XyTe3GA8BEUq5as
uQOg2///sBIzLtkFNU0BzZtYNbvNm3TThx6t0xmG657yCgahA2ligudBizwxeCuj
yZbAxytGwwiKLq/PUzyY+T0VRIhqTkSO1g3BpfK9jxCWLMjGS9f5lT1RlJDPXWrQ
G9Cfp9nu1mQxQqyIt5uRCt0l/j0bcfYf3GhDXDUM+su7+wf/fdrASgg6YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXcG+B+K8lDVKhOsyGkN14iaXusMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtQNODle4
Ii1om8QuYb12b1GX6Bvim4UTEs+T6ruyXJNZCNjFH631Z+5HW8wGI7tRZgn2in1y
gsY1EovoFziiVR8eGTKyUbun9BYc7WbJKge/z3KgKRrMLrBhtG5iCmIwiYpm/w1z
LsaEGkRa/E3+C1ev4TnyQLlwm17UPsOpmOXyuhWyOj9PwS/WnJqHPBm0mUqpHHt1
N+1lOT+Oodgnu+UdY9x8cDX7tutSa60gGfx1xpsUoHsPqgM7B3bEDxf+/i2vMAtw
KWNdhpvVbkv2HG5ChIgHfy76NLQ2l6c89/42kesE5aSfAcHikaXAxMGEE7IciHn0
nIdtxBi6VAVkqg==
-----END CERTIFICATE-----