Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          5xuuVRJoiCM3hVsgvgvXfkA/WQrjtB/spGOsC1MaxYk=
Subject key identifier:   95:A9:57:EA:53:2B:7F:5E:C2:0A:FA:01:8E:35:E7:73:C1:E0:EE:23
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       01964E2311343B1DE3B918A6C99628FD5BC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 13:00:42 +0000
Manifest this update:     Sat 19 Apr 2025 13:00:42 +0000
Manifest next update:     Sun 20 Apr 2025 13:00:42 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: cGvViZou7hZbgjirgs6wjMYZZQnkAxiyQ9ogvX2saco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:11:34:3b:1d:e3:b9:18:a6:c9:96:28:fd:5b:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Apr 19 13:00:42 2025 GMT
            Not After : Apr 20 13:00:42 2025 GMT
        Subject: CN=95a957ea532b7f5ec20afa018e35e773c1e0ee23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d7:c6:02:01:a9:14:82:24:2c:ef:f8:dd:8f:
                    94:b8:81:a3:ba:1b:c8:2b:1d:f2:6e:b9:77:23:68:
                    59:f0:98:2c:5d:cb:d2:48:c6:83:76:8d:48:44:0d:
                    6f:11:a5:38:4e:36:c3:84:60:26:af:8b:e9:9f:50:
                    ab:23:d6:84:ce:b0:ed:e1:4c:15:c2:e6:11:6f:e8:
                    d0:7a:8a:37:13:d7:5f:ea:49:f4:c9:bb:d4:ba:30:
                    43:97:19:46:82:39:b1:01:25:71:91:5f:9a:09:50:
                    21:7e:b5:58:90:23:6d:64:c4:96:02:bd:d9:9f:8b:
                    a6:02:64:c9:90:d3:5b:6d:39:cf:91:fb:b0:28:7a:
                    b4:8a:27:d0:4e:c7:19:5f:46:39:f7:69:e4:ce:b4:
                    e5:30:63:c0:e2:da:d8:66:ad:c0:37:24:d5:8e:4e:
                    1f:23:db:95:11:2e:95:da:62:05:99:b6:95:d8:2e:
                    19:e0:c2:f9:a4:cf:2a:7e:9b:0c:f3:fa:d4:b7:7c:
                    b2:0a:57:ea:6e:49:81:80:16:f5:6a:c7:89:64:82:
                    ae:56:c7:0f:20:24:b1:26:0f:79:8d:bf:a8:b9:57:
                    01:35:1b:3e:13:51:a9:5f:1d:0f:ac:b7:16:68:fa:
                    cc:d4:e1:8d:92:48:33:f7:32:b1:c4:b6:3d:1c:06:
                    f0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:A9:57:EA:53:2B:7F:5E:C2:0A:FA:01:8E:35:E7:73:C1:E0:EE:23
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:91:d2:c0:61:e7:f6:4d:02:47:66:95:c6:87:8e:63:b3:51:
         f3:35:91:49:9f:4e:4e:ae:97:70:34:6f:7e:71:5d:1c:06:f8:
         67:e7:46:ac:6d:2d:69:08:65:45:c8:27:1f:59:46:30:ec:09:
         b0:e9:2a:92:bf:62:ca:31:ee:c0:08:53:1b:e3:c2:4b:07:96:
         ec:b6:37:34:d6:8a:c8:de:08:7c:9f:59:f5:95:74:41:55:c4:
         2d:84:e6:e9:e7:b9:b4:b1:bb:db:ab:96:4b:2e:ea:a6:a4:d8:
         3e:21:bd:d9:6a:3f:c7:85:94:04:77:d1:e7:2a:e2:12:96:0f:
         ce:fe:47:93:a7:63:93:e0:3f:99:df:9d:a7:11:01:cf:55:af:
         97:52:66:4d:6b:9d:cc:94:a7:93:90:79:e9:5d:eb:56:28:ab:
         a7:90:3e:1e:d9:d6:60:ae:eb:9d:de:26:2d:c4:61:03:6b:cf:
         9a:d5:18:c5:be:df:11:c4:ce:8e:88:c6:30:68:64:23:8c:dc:
         6c:35:58:27:0b:65:5b:af:f3:9c:6a:7d:d8:17:3e:93:23:a6:
         ad:a7:a1:c6:f6:fc:60:b9:20:0a:9b:28:46:a2:1c:6c:6f:16:
         64:a5:21:9a:37:77:3e:67:91:87:97:0c:7a:61:f8:63:28:10:
         83:b0:d1:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOIxE0Ox3juRimyZYo/VvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjUwNDE5MTMwMDQyWhcNMjUwNDIwMTMwMDQyWjAzMTEwLwYDVQQD
Eyg5NWE5NTdlYTUzMmI3ZjVlYzIwYWZhMDE4ZTM1ZTc3M2MxZTBlZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9fGAgGpFIIkLO/43Y+UuIGjuhvI
Kx3ybrl3I2hZ8JgsXcvSSMaDdo1IRA1vEaU4TjbDhGAmr4vpn1CrI9aEzrDt4UwV
wuYRb+jQeoo3E9df6kn0ybvUujBDlxlGgjmxASVxkV+aCVAhfrVYkCNtZMSWAr3Z
n4umAmTJkNNbbTnPkfuwKHq0iifQTscZX0Y592nkzrTlMGPA4trYZq3ANyTVjk4f
I9uVES6V2mIFmbaV2C4Z4ML5pM8qfpsM8/rUt3yyClfqbkmBgBb1aseJZIKuVscP
ICSxJg95jb+ouVcBNRs+E1GpXx0PrLcWaPrM1OGNkkgz9zKxxLY9HAbwUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWpV+pTK39ewgr6AY4153PB4O4jMB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkZHSwGHn
9k0CR2aVxoeOY7NR8zWRSZ9OTq6XcDRvfnFdHAb4Z+dGrG0taQhlRcgnH1lGMOwJ
sOkqkr9iyjHuwAhTG+PCSweW7LY3NNaKyN4IfJ9Z9ZV0QVXELYTm6ee5tLG726uW
Sy7qpqTYPiG92Wo/x4WUBHfR5yriEpYPzv5Hk6djk+A/md+dpxEBz1Wvl1JmTWud
zJSnk5B56V3rViirp5A+HtnWYK7rnd4mLcRhA2vPmtUYxb7fEcTOjojGMGhkI4zc
bDVYJwtlW6/znGp92Bc+kyOmraehxvb8YLkgCpsoRqIcbG8WZKUhmjd3PmeRh5cM
emH4YygQg7DRzw==
-----END CERTIFICATE-----