Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
File:                     w9bWn9WH0FQXblPRknJoI2GxZzY.mft (raw, json)
Hash identifier:          j2gz7Mu70RzKeLSZya90XfIlFSXNxEljwuLntTHIrgY=
Subject key identifier:   5A:44:CF:09:5E:0B:63:A5:4B:2F:15:76:48:7A:0A:B7:12:9E:8F:B9
Authority key identifier: C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36
Certificate issuer:       /CN=c3d6d69fd587d054176e53d19272682361b16736
Certificate serial:       019752352773B99B98BAC04E4ADCD9755031
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
Manifest number:          157D
Signing time:             Mon 09 Jun 2025 01:01:44 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:44 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:44 +0000
Files and hashes:         1: w9bWn9WH0FQXblPRknJoI2GxZzY.crl (hash: 4L7W+w2axVOaT1VJhd8kxeziiRGFdmljAFgQCnG5OOc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 01:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:35:27:73:b9:9b:98:ba:c0:4e:4a:dc:d9:75:50:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3d6d69fd587d054176e53d19272682361b16736
        Validity
            Not Before: Jun  9 01:01:44 2025 GMT
            Not After : Jun 10 01:01:44 2025 GMT
        Subject: CN=5a44cf095e0b63a54b2f1576487a0ab7129e8fb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:7f:2a:4d:7a:1f:13:26:60:d6:63:77:c0:3d:
                    3d:ba:4c:a8:91:69:08:d7:b8:30:74:3c:b0:96:5d:
                    48:c6:1a:f0:77:2d:f3:c9:70:b1:bd:dd:d3:1a:f1:
                    09:02:41:78:1d:7a:81:b1:07:cc:7d:15:8d:25:a1:
                    13:e4:cf:81:89:2f:fd:1f:7f:e6:f6:8b:37:4d:e4:
                    21:61:e9:7b:bf:94:91:28:eb:11:04:1b:cb:b2:69:
                    e9:54:3a:be:13:e3:97:be:98:a7:c3:7b:2c:e4:3f:
                    35:a7:e9:2d:9b:b6:44:f4:2f:43:96:71:38:30:18:
                    c3:31:8a:e8:8f:08:0b:d5:96:0c:65:e7:c2:02:7b:
                    f2:39:16:5d:3a:da:95:a1:ca:59:92:a8:4c:c0:60:
                    89:5c:f3:15:0a:95:75:85:f8:ee:fb:80:fc:bc:6e:
                    57:2e:63:97:8e:35:cf:12:ea:da:49:86:1c:4a:c8:
                    6f:e8:67:e2:e4:45:f6:28:df:e7:49:22:48:ba:b6:
                    a0:b3:99:17:46:89:7b:e1:e1:66:7f:be:48:05:19:
                    97:22:e2:5c:1b:fc:09:0a:03:bb:79:29:cd:e5:c3:
                    86:1e:5c:0b:c1:0b:b5:bd:be:98:9b:a8:32:2a:37:
                    c9:a1:87:43:3f:34:fc:ca:84:ce:7d:98:6f:35:53:
                    7f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:44:CF:09:5E:0B:63:A5:4B:2F:15:76:48:7A:0A:B7:12:9E:8F:B9
            X509v3 Authority Key Identifier:
                keyid:C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:78:47:2b:58:3b:75:cd:f4:66:c4:c8:df:8d:6b:03:b2:ae:
         5e:01:dd:d7:17:59:2c:ba:46:e8:29:3e:d2:30:57:e0:92:67:
         f1:21:a2:32:65:77:54:18:ea:a7:2a:96:71:3f:b9:03:6c:ce:
         c6:e1:b2:72:78:5b:81:06:a2:71:c9:59:15:d9:54:47:4a:33:
         75:a0:d3:f3:aa:65:3a:c9:9f:4a:a7:e5:ec:51:a9:a3:13:f6:
         b6:b1:43:f1:3b:eb:36:81:09:02:5b:e0:9a:75:cd:9f:f9:b7:
         ed:e7:97:fc:04:89:de:6f:27:02:80:17:11:86:3a:74:aa:e2:
         97:8f:67:cd:ee:a4:1c:56:94:7f:fa:18:42:93:62:b2:c3:6a:
         7e:84:03:43:d0:0f:ff:b2:eb:bf:21:c0:1c:22:60:e6:88:47:
         b8:e3:d1:5f:de:bd:90:ac:cc:15:6e:40:b5:dc:6a:1e:44:2d:
         8d:6b:16:d9:d4:cb:43:37:45:88:04:d4:17:a8:ae:0c:6a:67:
         50:38:8f:4a:72:a3:5e:61:b4:cf:8d:d5:68:30:75:6b:15:c1:
         cd:2e:8c:83:9e:bc:e9:d4:6a:69:7b:9b:7b:63:54:a9:08:f3:
         67:36:b4:9e:cf:28:9d:95:51:ba:97:6f:32:62:1b:f3:38:d5:
         50:6f:7e:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNSdzuZuYusBOStzZdVAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDZkNjlmZDU4N2QwNTQxNzZlNTNkMTkyNzI2ODIzNjFi
MTY3MzYwHhcNMjUwNjA5MDEwMTQ0WhcNMjUwNjEwMDEwMTQ0WjAzMTEwLwYDVQQD
Eyg1YTQ0Y2YwOTVlMGI2M2E1NGIyZjE1NzY0ODdhMGFiNzEyOWU4ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX8qTXofEyZg1mN3wD09ukyokWkI
17gwdDywll1Ixhrwdy3zyXCxvd3TGvEJAkF4HXqBsQfMfRWNJaET5M+BiS/9H3/m
9os3TeQhYel7v5SRKOsRBBvLsmnpVDq+E+OXvpinw3ss5D81p+ktm7ZE9C9DlnE4
MBjDMYrojwgL1ZYMZefCAnvyORZdOtqVocpZkqhMwGCJXPMVCpV1hfju+4D8vG5X
LmOXjjXPEuraSYYcSshv6Gfi5EX2KN/nSSJIurags5kXRol74eFmf75IBRmXIuJc
G/wJCgO7eSnN5cOGHlwLwQu1vb6Ym6gyKjfJoYdDPzT8yoTOfZhvNVN/1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpEzwleC2OlSy8Vdkh6CrcSno+5MB8GA1UdIwQY
MBaAFMPW1p/Vh9BUF25T0ZJyaCNhsWc2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQt
Y2EwODM2MzE4OTk1LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQtY2EwODM2MzE4OTk1
LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtnhHK1g7
dc30ZsTI341rA7KuXgHd1xdZLLpG6Ck+0jBX4JJn8SGiMmV3VBjqpyqWcT+5A2zO
xuGycnhbgQaicclZFdlUR0ozdaDT86plOsmfSqfl7FGpoxP2trFD8TvrNoEJAlvg
mnXNn/m37eeX/ASJ3m8nAoAXEYY6dKril49nze6kHFaUf/oYQpNissNqfoQDQ9AP
/7LrvyHAHCJg5ohHuOPRX969kKzMFW5AtdxqHkQtjWsW2dTLQzdFiATUF6iuDGpn
UDiPSnKjXmG0z43VaDB1axXBzS6Mg5686dRqaXube2NUqQjzZza0ns8onZVRupdv
MmIb8zjVUG9+HA==
-----END CERTIFICATE-----