Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
File:                     Gcxj87NPFwGJ0HPIi31lL3Azofw.mft (raw, json)
Hash identifier:          ZLnmqqTUOMj9+TiRjajczt3Pd1y6qwasB91ErTeS1z8=
Subject key identifier:   86:D2:2B:5D:40:DC:2E:F1:F0:A3:9F:9C:1B:13:A5:00:02:F4:2D:36
Authority key identifier: 19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC
Certificate issuer:       /CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
Certificate serial:       01964E231CC4E7872972CE1E74F171D7BDFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
Manifest number:          027E
Signing time:             Sat 19 Apr 2025 13:00:45 +0000
Manifest this update:     Sat 19 Apr 2025 13:00:45 +0000
Manifest next update:     Sun 20 Apr 2025 13:00:45 +0000
Files and hashes:         1: Gcxj87NPFwGJ0HPIi31lL3Azofw.crl (hash: Gi+azp/6CRpLqLXQMOGkSGxVoCCtMi/xsPSTIvzzpNc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:1c:c4:e7:87:29:72:ce:1e:74:f1:71:d7:bd:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
        Validity
            Not Before: Apr 19 13:00:45 2025 GMT
            Not After : Apr 20 13:00:45 2025 GMT
        Subject: CN=86d22b5d40dc2ef1f0a39f9c1b13a50002f42d36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a6:9c:9d:de:ba:4c:3c:60:17:83:4f:1a:ce:
                    c1:5a:c1:86:a2:08:79:d8:0d:ed:ff:0c:e9:c3:be:
                    a1:7a:8e:f3:68:b6:65:78:b5:12:b0:dc:4b:0e:32:
                    61:59:40:6e:db:d1:c6:0e:ef:4b:52:78:8c:40:2e:
                    95:a2:d7:ea:1f:f8:db:2e:dc:40:18:6c:1d:85:aa:
                    ca:5d:05:d2:bf:28:ce:0e:68:d7:18:f1:92:e8:f5:
                    22:69:2f:3f:a8:ab:89:8b:92:79:4e:cb:c2:81:4b:
                    a1:78:52:35:9e:52:2d:09:05:bf:f1:35:70:da:cc:
                    c6:62:3c:a3:79:45:2f:7f:f3:60:1e:68:35:6b:de:
                    31:4b:be:0d:d2:86:13:80:ba:af:56:ca:de:15:b2:
                    ca:ba:56:16:9d:31:14:42:eb:ef:fb:a9:e0:22:26:
                    b4:d2:bb:e5:38:35:62:af:4a:3c:e5:75:31:a7:3f:
                    3f:72:4b:c1:e7:65:ed:2e:e4:03:b2:76:db:f5:6b:
                    a7:8d:1b:64:48:3c:f4:0b:f5:db:7b:00:a9:2c:de:
                    65:84:0b:07:c2:18:65:b2:af:dc:f3:c5:80:33:84:
                    56:b8:f9:cd:2a:e4:10:95:02:7c:e6:ae:8b:19:33:
                    10:9d:48:ab:25:79:d1:03:b0:c1:87:65:fb:01:5a:
                    1e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:D2:2B:5D:40:DC:2E:F1:F0:A3:9F:9C:1B:13:A5:00:02:F4:2D:36
            X509v3 Authority Key Identifier:
                keyid:19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:37:a1:63:5a:a5:6c:0e:cc:84:61:48:5f:d7:ba:9c:6c:45:
         14:d4:f9:51:95:60:81:9a:ab:94:f9:94:5c:2e:19:39:7b:6f:
         e0:2b:c4:cc:5c:b3:56:04:fb:8b:38:a0:24:db:cd:ed:34:48:
         9c:22:f6:c0:23:0f:00:6f:1a:e1:f4:b8:69:da:95:d0:60:49:
         6d:a8:6e:1c:27:95:92:d1:49:ef:52:3b:f9:df:ee:75:05:aa:
         fe:a6:21:e3:9f:1d:34:38:e6:c3:93:b3:eb:df:82:b8:4e:99:
         e6:cd:32:37:3e:50:03:8a:7e:c7:cb:91:32:52:c9:6c:d0:38:
         39:6e:74:b8:ca:f1:7a:3b:07:39:40:73:52:bf:75:8e:c1:b3:
         4e:b5:72:92:e2:3f:84:2f:4e:3e:7f:e5:3f:fa:3b:c9:5d:31:
         f6:17:42:56:e7:44:6e:39:e0:6a:63:9b:ba:5f:95:78:2a:5e:
         d7:e7:87:12:d6:da:1a:8c:0a:65:98:ce:6a:06:74:6d:42:61:
         97:9c:4f:d3:20:01:93:8f:de:a6:b8:81:a6:fd:d0:f3:aa:53:
         2c:48:fe:2c:3c:f2:da:02:fe:c7:f3:a3:7f:a9:53:bb:8c:ff:
         15:ff:76:f2:92:6b:c1:65:7d:63:95:a0:cc:26:43:db:a7:78:
         36:20:26:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOIxzE54cpcs4edPFx1736MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2M2M2YzYjM0ZjE3MDE4OWQwNzNjODhiN2Q2NTJmNzAz
M2ExZmMwHhcNMjUwNDE5MTMwMDQ1WhcNMjUwNDIwMTMwMDQ1WjAzMTEwLwYDVQQD
Eyg4NmQyMmI1ZDQwZGMyZWYxZjBhMzlmOWMxYjEzYTUwMDAyZjQyZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaacnd66TDxgF4NPGs7BWsGGogh5
2A3t/wzpw76heo7zaLZleLUSsNxLDjJhWUBu29HGDu9LUniMQC6VotfqH/jbLtxA
GGwdharKXQXSvyjODmjXGPGS6PUiaS8/qKuJi5J5TsvCgUuheFI1nlItCQW/8TVw
2szGYjyjeUUvf/NgHmg1a94xS74N0oYTgLqvVsreFbLKulYWnTEUQuvv+6ngIia0
0rvlODVir0o85XUxpz8/ckvB52XtLuQDsnbb9WunjRtkSDz0C/XbewCpLN5lhAsH
whhlsq/c88WAM4RWuPnNKuQQlQJ85q6LGTMQnUirJXnRA7DBh2X7AVoe1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbSK11A3C7x8KOfnBsTpQAC9C02MB8GA1UdIwQY
MBaAFBnMY/OzTxcBidBzyIt9ZS9wM6H8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMt
NTRkNzg0ZWZiYjdhLzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMtNTRkNzg0ZWZiYjdh
LzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejehY1ql
bA7MhGFIX9e6nGxFFNT5UZVggZqrlPmUXC4ZOXtv4CvEzFyzVgT7izigJNvN7TRI
nCL2wCMPAG8a4fS4adqV0GBJbahuHCeVktFJ71I7+d/udQWq/qYh458dNDjmw5Oz
69+CuE6Z5s0yNz5QA4p+x8uRMlLJbNA4OW50uMrxejsHOUBzUr91jsGzTrVykuI/
hC9OPn/lP/o7yV0x9hdCVudEbjngamObul+VeCpe1+eHEtbaGowKZZjOagZ0bUJh
l5xP0yABk4/epriBpv3Q86pTLEj+LDzy2gL+x/Ojf6lTu4z/Ff928pJrwWV9Y5Wg
zCZD26d4NiAmHg==
-----END CERTIFICATE-----