Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft
File:                     3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft (raw, json)
Hash identifier:          3wbeXsUic17TfyvmrmPMc27vPWET/CdEK3WNoMHBfnc=
Subject key identifier:   7E:8C:A1:18:AF:7D:AE:7F:64:0D:29:78:F2:47:15:D2:B7:B3:B1:02
Authority key identifier: DF:18:0E:05:43:D4:71:DC:F0:D8:38:60:D6:BE:63:95:C2:B8:88:88
Certificate issuer:       /CN=df180e0543d471dcf0d83860d6be6395c2b88888
Certificate serial:       0196515BD3AB3E23D8C09FE9A90079C3555E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft
Manifest number:          0858
Signing time:             Sun 20 Apr 2025 04:01:34 +0000
Manifest this update:     Sun 20 Apr 2025 04:01:34 +0000
Manifest next update:     Mon 21 Apr 2025 04:01:34 +0000
Files and hashes:         1: 3xgOBUPUcdzw2Dhg1r5jlcK4iIg.crl (hash: TmXVzX/lN11X+ZCW4STIySuWkkFjwnocIWLjqPHDrHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:d3:ab:3e:23:d8:c0:9f:e9:a9:00:79:c3:55:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df180e0543d471dcf0d83860d6be6395c2b88888
        Validity
            Not Before: Apr 20 04:01:34 2025 GMT
            Not After : Apr 21 04:01:34 2025 GMT
        Subject: CN=7e8ca118af7dae7f640d2978f24715d2b7b3b102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e4:5d:55:52:31:d7:d2:17:40:a2:0d:27:f8:
                    a7:7f:84:19:99:2f:a9:cf:ca:a3:f6:b2:51:ea:e5:
                    07:ce:56:a2:94:ea:73:01:04:58:a1:38:76:ef:2a:
                    2b:a7:29:ae:4b:33:25:06:ca:d4:8d:a1:74:1a:bf:
                    4b:cf:5c:01:6e:6d:ab:85:21:58:4e:2c:ec:3a:fd:
                    8d:42:83:bf:6a:46:68:63:cf:4c:c7:51:84:d6:b7:
                    c3:82:a0:01:b8:37:05:6d:65:4e:a3:13:48:24:c0:
                    90:c6:63:c9:1d:b9:de:2a:ed:12:a9:28:4c:95:a8:
                    85:94:c4:82:bf:48:fa:1c:1f:7a:8f:fe:ee:d3:39:
                    2f:92:21:b6:46:24:b2:73:1b:59:86:25:01:05:cb:
                    b9:01:d7:e8:d4:c7:b0:60:37:f3:0c:4d:a5:19:77:
                    75:5e:be:4e:5e:ab:08:1a:75:ef:0e:73:c8:2d:9c:
                    28:ef:d6:8c:d0:1e:21:0e:58:b6:be:b6:05:ec:f1:
                    37:e8:bb:eb:ed:72:4d:c0:8e:11:02:01:d6:8a:1b:
                    2b:7c:56:aa:32:21:b3:f3:c6:1a:48:7d:fc:98:8d:
                    e4:cf:ba:d8:a2:3c:18:64:d1:b0:e6:ae:86:40:98:
                    2d:d5:c6:3c:33:f6:cf:ee:37:33:fa:8e:4f:16:44:
                    a7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:8C:A1:18:AF:7D:AE:7F:64:0D:29:78:F2:47:15:D2:B7:B3:B1:02
            X509v3 Authority Key Identifier:
                keyid:DF:18:0E:05:43:D4:71:DC:F0:D8:38:60:D6:BE:63:95:C2:B8:88:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:d5:c7:d6:66:55:c6:02:be:6d:36:f7:f1:79:3f:35:8d:d5:
         5c:02:0e:c9:4c:65:68:a3:ef:d2:58:10:a4:91:6d:42:a0:2e:
         00:5f:cc:a7:3c:f3:f6:5b:b4:5a:53:2a:0d:cb:e3:ed:5f:b9:
         90:56:fe:ab:d9:36:d8:d3:0d:2d:4f:34:d7:53:e7:b8:8b:36:
         5d:89:b7:76:b7:72:00:64:e8:ea:b7:fe:23:bf:11:17:36:3c:
         67:34:1e:81:a6:15:6e:d9:7d:f4:8d:57:e6:8b:64:ce:f9:20:
         65:15:dd:55:88:cd:8d:83:c7:ff:74:b7:e4:9b:af:e3:3f:4a:
         61:63:06:6a:e0:c6:7f:ee:56:d2:52:1a:3b:f5:19:e2:d7:2f:
         76:f4:e6:55:36:a0:8f:e5:7a:3a:04:13:8f:46:e0:c8:c9:06:
         fc:06:5f:b1:dd:dc:8c:4f:19:5e:e9:f5:87:0a:92:90:d4:8c:
         f8:21:3b:b8:7c:ea:68:6f:a6:26:14:01:90:1b:e6:50:f3:50:
         36:df:86:f3:f8:55:9e:e9:85:0f:74:11:43:20:ae:0d:9d:be:
         5d:60:e4:5a:26:92:49:78:68:9d:eb:f5:69:5d:45:42:cf:c6:
         fd:ce:67:52:d0:87:f4:33:1f:98:6f:72:8e:f2:ee:7d:2b:44:
         2a:b2:8d:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW9OrPiPYwJ/pqQB5w1VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTgwZTA1NDNkNDcxZGNmMGQ4Mzg2MGQ2YmU2Mzk1YzJi
ODg4ODgwHhcNMjUwNDIwMDQwMTM0WhcNMjUwNDIxMDQwMTM0WjAzMTEwLwYDVQQD
Eyg3ZThjYTExOGFmN2RhZTdmNjQwZDI5NzhmMjQ3MTVkMmI3YjNiMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+RdVVIx19IXQKINJ/inf4QZmS+p
z8qj9rJR6uUHzlailOpzAQRYoTh27yorpymuSzMlBsrUjaF0Gr9Lz1wBbm2rhSFY
TizsOv2NQoO/akZoY89Mx1GE1rfDgqABuDcFbWVOoxNIJMCQxmPJHbneKu0SqShM
laiFlMSCv0j6HB96j/7u0zkvkiG2RiSycxtZhiUBBcu5Adfo1MewYDfzDE2lGXd1
Xr5OXqsIGnXvDnPILZwo79aM0B4hDli2vrYF7PE36Lvr7XJNwI4RAgHWihsrfFaq
MiGz88YaSH38mI3kz7rYojwYZNGw5q6GQJgt1cY8M/bP7jcz+o5PFkSn6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6MoRivfa5/ZA0pePJHFdK3s7ECMB8GA1UdIwQY
MBaAFN8YDgVD1HHc8Ng4YNa+Y5XCuIiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hnT0JVUFVjZHp3MkRoZzFyNWpsY0s0aUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zMGY0MTAtODJiYi00MTFhLWIyYmMt
YzRiMTQ0NmMwZDhiLzEvM3hnT0JVUFVjZHp3MkRoZzFyNWpsY0s0aUlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zMGY0MTAtODJiYi00MTFhLWIyYmMtYzRiMTQ0NmMwZDhi
LzEvM3hnT0JVUFVjZHp3MkRoZzFyNWpsY0s0aUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGdXH1mZV
xgK+bTb38Xk/NY3VXAIOyUxlaKPv0lgQpJFtQqAuAF/Mpzzz9lu0WlMqDcvj7V+5
kFb+q9k22NMNLU8011PnuIs2XYm3drdyAGTo6rf+I78RFzY8ZzQegaYVbtl99I1X
5otkzvkgZRXdVYjNjYPH/3S35Juv4z9KYWMGauDGf+5W0lIaO/UZ4tcvdvTmVTag
j+V6OgQTj0bgyMkG/AZfsd3cjE8ZXun1hwqSkNSM+CE7uHzqaG+mJhQBkBvmUPNQ
Nt+G8/hVnumFD3QRQyCuDZ2+XWDkWiaSSXhonev1aV1FQs/G/c5nUtCH9DMfmG9y
jvLufStEKrKNxw==
-----END CERTIFICATE-----