Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
File:                     Gcxj87NPFwGJ0HPIi31lL3Azofw.mft (raw, json)
Hash identifier:          dACSotXLG1DvAjGvJyWuoh8CIAaDBA6m4A02qVFCz7U=
Subject key identifier:   95:CE:2B:F8:6D:9B:84:1E:A7:A7:31:43:AD:74:BD:7C:4F:91:64:64
Authority key identifier: 19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC
Certificate issuer:       /CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
Certificate serial:       01958B16C74E4AB68B6F87E13D16B680C780
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
Manifest number:          0219
Signing time:             Wed 12 Mar 2025 16:01:20 +0000
Manifest this update:     Wed 12 Mar 2025 16:01:20 +0000
Manifest next update:     Thu 13 Mar 2025 16:01:20 +0000
Files and hashes:         1: Gcxj87NPFwGJ0HPIi31lL3Azofw.crl (hash: FiBSNjp3caJZOMTjb9k8mge3VINucesPVYj53z5XIr0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:c7:4e:4a:b6:8b:6f:87:e1:3d:16:b6:80:c7:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
        Validity
            Not Before: Mar 12 16:01:20 2025 GMT
            Not After : Mar 13 16:01:20 2025 GMT
        Subject: CN=95ce2bf86d9b841ea7a73143ad74bd7c4f916464
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:18:76:3f:71:28:09:08:7b:0e:9e:5a:fe:27:
                    44:f3:e1:57:de:99:eb:80:4a:ff:31:2e:00:fb:d0:
                    96:a4:d8:c4:85:7f:10:a6:aa:81:e7:ee:fb:ce:86:
                    7a:a9:82:07:31:c9:d4:eb:33:05:cf:80:5f:46:ba:
                    5a:31:17:e6:d0:17:6d:f9:67:77:55:9d:e8:6e:b0:
                    02:8a:4f:5d:27:23:d7:32:c4:e1:c6:8c:6f:c3:28:
                    bd:dd:fb:cf:c1:60:14:73:dd:ed:e4:99:e8:6a:7a:
                    bf:da:03:2d:96:5f:d1:14:c3:68:12:04:9f:de:47:
                    24:3d:c7:52:e3:cc:09:78:c4:31:37:d5:57:35:11:
                    fe:df:60:7d:17:7e:f9:c0:96:a9:c9:b5:4f:36:2f:
                    e8:70:76:0d:c0:09:91:1b:a3:59:82:08:29:ce:4c:
                    3a:ca:80:2a:20:93:c6:0f:97:84:13:c5:80:4a:3d:
                    2c:f4:90:34:8f:9d:ed:a2:98:1b:f0:3e:1b:42:09:
                    ed:7c:cd:84:e8:90:c7:58:a9:6e:67:e2:29:bf:8b:
                    d6:20:f0:b9:40:7c:ad:6f:2a:96:2f:eb:4c:de:02:
                    33:09:4f:d4:bc:e6:8a:aa:e5:ee:4c:d3:53:bd:c5:
                    8f:95:82:5d:f3:38:84:ed:8d:28:da:cc:20:b6:0a:
                    81:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:CE:2B:F8:6D:9B:84:1E:A7:A7:31:43:AD:74:BD:7C:4F:91:64:64
            X509v3 Authority Key Identifier:
                keyid:19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:18:09:c8:03:6e:06:f0:c2:af:fb:78:4a:f4:d0:d1:11:c8:
         9c:ac:91:df:16:1b:5c:70:fb:ba:2c:1a:ac:a7:0a:0d:c4:f3:
         89:74:04:f8:97:83:f9:d9:59:eb:59:0e:b0:24:30:82:a7:27:
         af:7e:54:55:9c:64:8b:75:82:53:ae:35:a1:82:70:c6:57:d0:
         66:78:16:9b:01:87:7b:54:c2:70:6a:47:ef:e9:f6:22:2c:b3:
         8c:3e:0a:b9:20:6e:58:62:ed:42:66:b2:98:bd:12:cb:8a:5a:
         ca:94:f6:36:fd:eb:c1:e9:be:76:13:75:9f:f1:95:03:6e:c6:
         cf:db:b4:58:19:a0:22:a0:24:6e:00:c6:d5:d5:68:9b:06:e3:
         eb:d2:c9:2d:b8:eb:2b:ad:2b:0e:a0:73:39:49:04:79:22:bb:
         b2:62:e8:09:4e:23:a4:a2:fb:0e:84:ea:3a:8f:ef:28:32:3e:
         79:bc:11:5c:09:e7:eb:46:81:37:55:03:21:da:9d:1f:b3:c5:
         2d:08:35:1a:f2:9d:17:fa:01:89:2c:bd:e0:55:fa:06:96:66:
         d7:0a:4d:18:6f:a4:6d:fc:ac:d9:77:1a:d2:0d:2f:03:ae:9d:
         af:36:83:0a:1c:fe:c3:7d:19:a7:9a:2e:a1:bd:4c:cb:df:36:
         3f:de:71:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFsdOSraLb4fhPRa2gMeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2M2M2YzYjM0ZjE3MDE4OWQwNzNjODhiN2Q2NTJmNzAz
M2ExZmMwHhcNMjUwMzEyMTYwMTIwWhcNMjUwMzEzMTYwMTIwWjAzMTEwLwYDVQQD
Eyg5NWNlMmJmODZkOWI4NDFlYTdhNzMxNDNhZDc0YmQ3YzRmOTE2NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Bh2P3EoCQh7Dp5a/idE8+FX3pnr
gEr/MS4A+9CWpNjEhX8QpqqB5+77zoZ6qYIHMcnU6zMFz4BfRrpaMRfm0Bdt+Wd3
VZ3obrACik9dJyPXMsThxoxvwyi93fvPwWAUc93t5Jnoanq/2gMtll/RFMNoEgSf
3kckPcdS48wJeMQxN9VXNRH+32B9F375wJapybVPNi/ocHYNwAmRG6NZgggpzkw6
yoAqIJPGD5eEE8WASj0s9JA0j53topgb8D4bQgntfM2E6JDHWKluZ+Ipv4vWIPC5
QHytbyqWL+tM3gIzCU/UvOaKquXuTNNTvcWPlYJd8ziE7Y0o2swgtgqBRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXOK/htm4Qep6cxQ610vXxPkWRkMB8GA1UdIwQY
MBaAFBnMY/OzTxcBidBzyIt9ZS9wM6H8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMt
NTRkNzg0ZWZiYjdhLzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMtNTRkNzg0ZWZiYjdh
LzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORgJyANu
BvDCr/t4SvTQ0RHInKyR3xYbXHD7uiwarKcKDcTziXQE+JeD+dlZ61kOsCQwgqcn
r35UVZxki3WCU641oYJwxlfQZngWmwGHe1TCcGpH7+n2IiyzjD4KuSBuWGLtQmay
mL0Sy4paypT2Nv3rwem+dhN1n/GVA27Gz9u0WBmgIqAkbgDG1dVomwbj69LJLbjr
K60rDqBzOUkEeSK7smLoCU4jpKL7DoTqOo/vKDI+ebwRXAnn60aBN1UDIdqdH7PF
LQg1GvKdF/oBiSy94FX6BpZm1wpNGG+kbfys2Xca0g0vA66drzaDChz+w30Zp5ou
ob1My982P95xmQ==
-----END CERTIFICATE-----