Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          5kUWRT9119FTJuVjdVIcz0D51dR+8wjznJ5xRsFc/VQ=
Subject key identifier:   DB:00:22:BF:82:53:44:6A:E5:9A:63:79:7E:4A:A9:E1:91:37:A5:98
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       0196545C120C2AA0CB4EA932E3CB6E76F05E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          1239
Signing time:             Sun 20 Apr 2025 18:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 18:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 18:00:42 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: Qgz3vvgqe0W1gxvbBEydi0zhRPceYpPaNFuQS8K0zao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 18:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5c:12:0c:2a:a0:cb:4e:a9:32:e3:cb:6e:76:f0:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: Apr 20 18:00:42 2025 GMT
            Not After : Apr 21 18:00:42 2025 GMT
        Subject: CN=db0022bf8253446ae59a63797e4aa9e19137a598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:6b:23:11:ff:c7:a3:6d:d7:9a:75:cc:f5:51:
                    2e:65:ac:ea:a6:55:0a:76:a9:fd:05:2c:8e:d0:ad:
                    7c:08:bd:69:9f:35:cd:87:4e:8d:dd:f6:a5:dc:d6:
                    cf:f7:c0:2c:50:8f:08:10:7c:cc:46:a5:14:68:7f:
                    51:d6:3a:c8:ee:f5:a1:61:42:16:56:f5:1c:04:a6:
                    a0:6a:7e:33:be:64:ba:66:c2:80:36:5c:76:b7:cb:
                    36:9c:5a:91:b1:d8:78:28:8e:08:59:b6:2a:a8:70:
                    fe:68:b9:17:19:97:b1:da:0c:c5:61:3f:52:7a:db:
                    13:7b:cf:10:34:86:76:a8:d8:d6:ce:bd:6a:3e:8a:
                    38:ea:f7:02:99:f6:a1:53:dd:76:59:18:c3:05:72:
                    9a:68:fe:79:5c:65:5c:09:f4:08:21:b8:e3:4a:5c:
                    c4:6b:25:65:ce:1f:c0:a1:83:52:6d:e6:ab:60:2f:
                    2d:72:57:9e:fa:64:50:39:7a:09:5b:2d:92:f8:21:
                    2f:e9:0c:36:27:38:57:bf:44:3c:fa:27:57:62:6b:
                    8f:99:75:f4:e1:df:12:d6:bc:25:b4:4f:7b:c4:f7:
                    dd:50:73:a6:68:24:57:c2:35:6a:07:3c:e1:75:20:
                    7b:78:1f:27:34:d8:16:02:24:b9:86:0f:08:fc:91:
                    65:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:00:22:BF:82:53:44:6A:E5:9A:63:79:7E:4A:A9:E1:91:37:A5:98
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:29:94:5d:d5:c8:c1:63:1b:1f:6f:c2:df:3d:06:8b:e0:ba:
         51:e9:15:a5:47:e4:c2:a8:c1:15:33:41:86:b0:69:13:de:76:
         d6:79:78:58:2e:ad:0a:d1:61:d3:68:a4:09:03:11:89:f5:0a:
         87:b1:8f:b1:8c:a8:12:5f:a3:94:55:48:40:06:86:8b:09:fd:
         fb:2d:31:fa:12:db:5b:86:e2:74:95:85:c2:49:bb:0b:cd:73:
         da:58:c6:f0:24:85:59:6e:a2:ec:75:2f:f9:ac:47:61:14:cb:
         db:a9:b8:10:d9:fd:d2:66:dd:66:b0:c8:3f:f3:75:6d:91:61:
         ab:3c:9a:45:90:b0:12:93:d5:2d:1f:3c:e7:04:e5:96:c1:d2:
         2f:86:37:45:5c:e2:16:85:3e:1d:90:0a:45:20:55:82:8a:c5:
         01:b6:02:ab:e3:ee:a1:9a:52:6b:e9:53:f7:b0:f4:06:42:17:
         64:66:61:5c:f1:c1:6f:58:50:ec:19:eb:3e:9a:fc:b3:52:97:
         ea:65:f1:04:ef:50:d4:04:40:f7:36:e6:2c:78:0b:ab:1d:df:
         a3:5c:ff:14:28:a0:9d:a0:a2:6b:c9:7b:55:e6:b5:fb:0b:fc:
         11:79:92:94:6f:17:e1:20:88:0b:20:e0:38:68:1d:a1:80:7f:
         16:14:8e:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXBIMKqDLTqky48tudvBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjUwNDIwMTgwMDQyWhcNMjUwNDIxMTgwMDQyWjAzMTEwLwYDVQQD
EyhkYjAwMjJiZjgyNTM0NDZhZTU5YTYzNzk3ZTRhYTllMTkxMzdhNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62sjEf/Ho23XmnXM9VEuZazqplUK
dqn9BSyO0K18CL1pnzXNh06N3fal3NbP98AsUI8IEHzMRqUUaH9R1jrI7vWhYUIW
VvUcBKagan4zvmS6ZsKANlx2t8s2nFqRsdh4KI4IWbYqqHD+aLkXGZex2gzFYT9S
etsTe88QNIZ2qNjWzr1qPoo46vcCmfahU912WRjDBXKaaP55XGVcCfQIIbjjSlzE
ayVlzh/AoYNSbearYC8tclee+mRQOXoJWy2S+CEv6Qw2JzhXv0Q8+idXYmuPmXX0
4d8S1rwltE97xPfdUHOmaCRXwjVqBzzhdSB7eB8nNNgWAiS5hg8I/JFlXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsAIr+CU0Rq5ZpjeX5KqeGRN6WYMB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICmUXdXI
wWMbH2/C3z0Gi+C6UekVpUfkwqjBFTNBhrBpE9521nl4WC6tCtFh02ikCQMRifUK
h7GPsYyoEl+jlFVIQAaGiwn9+y0x+hLbW4bidJWFwkm7C81z2ljG8CSFWW6i7HUv
+axHYRTL26m4ENn90mbdZrDIP/N1bZFhqzyaRZCwEpPVLR885wTllsHSL4Y3RVzi
FoU+HZAKRSBVgorFAbYCq+PuoZpSa+lT97D0BkIXZGZhXPHBb1hQ7BnrPpr8s1KX
6mXxBO9Q1ARA9zbmLHgLqx3fo1z/FCignaCia8l7Vea1+wv8EXmSlG8X4SCICyDg
OGgdoYB/FhSOwQ==
-----END CERTIFICATE-----