Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft
File:                     bDg245a8UGRDYGuf1zN6kg5x3tE.mft (raw, json)
Hash identifier:          +I79BssGaAJ2DkCowwctEqHQUdkChAvmmWuWfm+GQVE=
Subject key identifier:   95:E9:30:FB:61:A1:89:18:3C:82:09:C3:63:2C:0F:B7:E3:F3:69:00
Authority key identifier: 6C:38:36:E3:96:BC:50:64:43:60:6B:9F:D7:33:7A:92:0E:71:DE:D1
Certificate issuer:       /CN=6c3836e396bc506443606b9fd7337a920e71ded1
Certificate serial:       019653EEA752B7413615FBD0570C601149FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft
Manifest number:          137F
Signing time:             Sun 20 Apr 2025 16:01:11 +0000
Manifest this update:     Sun 20 Apr 2025 16:01:11 +0000
Manifest next update:     Mon 21 Apr 2025 16:01:11 +0000
Files and hashes:         1: bDg245a8UGRDYGuf1zN6kg5x3tE.crl (hash: 2avUugq3/Nx5N5XaIZnzD7VncUp2JbYNoLjnNydguwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:a7:52:b7:41:36:15:fb:d0:57:0c:60:11:49:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c3836e396bc506443606b9fd7337a920e71ded1
        Validity
            Not Before: Apr 20 16:01:11 2025 GMT
            Not After : Apr 21 16:01:11 2025 GMT
        Subject: CN=95e930fb61a189183c8209c3632c0fb7e3f36900
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:20:b6:3b:93:58:20:19:55:b9:67:84:5e:18:
                    84:a7:a0:89:3b:50:99:b3:70:52:56:36:f2:b7:14:
                    99:8c:29:da:34:0a:67:55:d2:d5:5c:26:34:c3:44:
                    b7:1f:a5:70:b1:9c:44:21:e3:22:0e:a0:3a:e6:22:
                    2b:b9:6e:01:e8:16:5d:e1:f0:c1:0f:06:8b:a3:b8:
                    7b:e6:c4:f7:35:34:93:50:ea:1c:00:9b:4a:79:45:
                    81:c1:d7:91:e3:e0:5c:4d:3b:fc:b1:82:6a:7e:9a:
                    56:50:fb:0e:f2:ef:06:9f:f8:14:65:12:b7:b2:cd:
                    18:a1:86:e8:b2:49:c2:b2:f0:5d:e6:eb:b4:bf:36:
                    b7:64:c3:8f:a6:dc:83:f5:05:2e:29:f4:ee:b3:48:
                    f3:3e:b1:2c:90:14:f4:ea:f1:0f:e9:77:7c:36:80:
                    5d:37:18:8a:35:e3:01:0d:9d:d9:f4:1a:f5:f2:ac:
                    25:05:83:06:62:40:fb:b4:59:06:a7:76:bd:51:93:
                    b6:ad:0a:63:9b:45:7b:4c:88:89:4f:bb:0b:16:38:
                    eb:61:86:de:48:c3:5b:f3:55:da:b7:f1:28:ff:dd:
                    96:7a:0a:a1:f1:49:81:be:ef:67:79:a8:df:aa:c8:
                    d5:4f:ca:33:7a:c5:65:77:00:2b:6e:4c:0b:58:91:
                    7c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:E9:30:FB:61:A1:89:18:3C:82:09:C3:63:2C:0F:B7:E3:F3:69:00
            X509v3 Authority Key Identifier:
                keyid:6C:38:36:E3:96:BC:50:64:43:60:6B:9F:D7:33:7A:92:0E:71:DE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:0e:6e:bf:1b:94:76:97:8d:15:f9:19:38:b8:c3:d2:12:4e:
         c8:dd:47:2c:ed:3a:a3:2d:03:7b:ba:3a:fb:1a:14:dc:5b:d8:
         66:96:19:e4:59:1c:27:fe:68:7e:b7:1e:95:83:ea:03:ab:48:
         19:96:7b:72:81:8d:79:07:5f:55:ee:ed:da:4d:2f:d5:8d:50:
         13:d8:33:8d:97:83:57:5d:8e:2d:ca:4a:19:be:33:f3:54:ad:
         9d:30:85:76:7b:c8:2c:b4:de:88:ff:ed:de:69:b0:1f:81:f0:
         9d:80:78:73:3c:49:0f:f2:3c:3f:6f:eb:a9:e6:0f:d5:3e:37:
         aa:fe:16:77:1c:b5:e8:65:ad:76:54:07:b4:b7:c0:f3:bf:3d:
         aa:e8:f3:13:01:86:c3:d1:00:61:48:84:1d:95:9d:ff:c7:7f:
         f5:8d:93:60:cb:de:e9:49:6f:5e:2f:34:33:79:38:5a:02:08:
         11:5f:d8:91:1b:65:db:a3:2e:bd:8a:e3:43:be:5a:6b:5f:ab:
         de:f2:98:47:b4:12:96:74:85:1b:fa:97:bc:25:cb:6a:1b:0d:
         fe:b0:3c:e3:7c:63:ea:34:03:f9:f1:3d:a3:1b:78:a1:97:e8:
         59:db:32:87:b7:59:16:76:93:e0:84:a7:22:da:a3:17:2b:21:
         ce:93:80:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7qdSt0E2FfvQVwxgEUn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMzgzNmUzOTZiYzUwNjQ0MzYwNmI5ZmQ3MzM3YTkyMGU3
MWRlZDEwHhcNMjUwNDIwMTYwMTExWhcNMjUwNDIxMTYwMTExWjAzMTEwLwYDVQQD
Eyg5NWU5MzBmYjYxYTE4OTE4M2M4MjA5YzM2MzJjMGZiN2UzZjM2OTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyC2O5NYIBlVuWeEXhiEp6CJO1CZ
s3BSVjbytxSZjCnaNApnVdLVXCY0w0S3H6VwsZxEIeMiDqA65iIruW4B6BZd4fDB
DwaLo7h75sT3NTSTUOocAJtKeUWBwdeR4+BcTTv8sYJqfppWUPsO8u8Gn/gUZRK3
ss0YoYbosknCsvBd5uu0vza3ZMOPptyD9QUuKfTus0jzPrEskBT06vEP6Xd8NoBd
NxiKNeMBDZ3Z9Br18qwlBYMGYkD7tFkGp3a9UZO2rQpjm0V7TIiJT7sLFjjrYYbe
SMNb81Xat/Eo/92Wegqh8UmBvu9neajfqsjVT8ozesVldwArbkwLWJF8LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXpMPthoYkYPIIJw2MsD7fj82kAMB8GA1UdIwQY
MBaAFGw4NuOWvFBkQ2Brn9czepIOcd7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9mMzk5NGUtMGIxMC00MzgzLWIzNGMt
ZWI2YjEzYzVlMjY4LzEvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9mMzk5NGUtMGIxMC00MzgzLWIzNGMtZWI2YjEzYzVlMjY4
LzEvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkw5uvxuU
dpeNFfkZOLjD0hJOyN1HLO06oy0De7o6+xoU3FvYZpYZ5FkcJ/5ofrcelYPqA6tI
GZZ7coGNeQdfVe7t2k0v1Y1QE9gzjZeDV12OLcpKGb4z81StnTCFdnvILLTeiP/t
3mmwH4HwnYB4czxJD/I8P2/rqeYP1T43qv4Wdxy16GWtdlQHtLfA8789qujzEwGG
w9EAYUiEHZWd/8d/9Y2TYMve6UlvXi80M3k4WgIIEV/YkRtl26MuvYrjQ75aa1+r
3vKYR7QSlnSFG/qXvCXLahsN/rA843xj6jQD+fE9oxt4oZfoWdsyh7dZFnaT4ISn
ItqjFyshzpOAew==
-----END CERTIFICATE-----