Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
File:                     jPJ69YYwRc-otYseJ3aSueHTje0.mft (raw, json)
Hash identifier:          XtiTls4pCtx4R2+ANnPBYDFzmXemfnWgIB5W7GHS1AE=
Subject key identifier:   A9:1F:45:FF:97:21:70:38:4B:6E:A1:2F:EB:EF:1A:7D:8C:B3:0C:48
Authority key identifier: 8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED
Certificate issuer:       /CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
Certificate serial:       01964F6D7022638275DE0E829899DF41F7D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
Manifest number:          14FA
Signing time:             Sat 19 Apr 2025 19:01:34 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:34 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:34 +0000
Files and hashes:         1: jPJ69YYwRc-otYseJ3aSueHTje0.crl (hash: KZvfhvw+pPgAdCw1iXJ/KlJInHprwzIWHASgkDxBiBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:70:22:63:82:75:de:0e:82:98:99:df:41:f7:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
        Validity
            Not Before: Apr 19 19:01:34 2025 GMT
            Not After : Apr 20 19:01:34 2025 GMT
        Subject: CN=a91f45ff972170384b6ea12febef1a7d8cb30c48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6e:68:e7:29:34:e6:ff:38:56:b1:21:b9:27:
                    33:62:6a:3d:eb:25:69:5e:bb:0b:4c:b3:e2:6b:de:
                    e8:71:64:04:10:f4:4c:17:08:5a:9b:98:33:22:8a:
                    79:6a:30:d8:cd:46:dc:ec:6e:0a:f6:b6:e9:6d:82:
                    44:af:0b:5a:f3:46:0b:ff:61:74:d7:98:04:c6:12:
                    67:63:cc:62:03:40:a8:f1:78:db:b4:5c:5b:2f:d7:
                    17:7a:7e:aa:c1:47:5d:a2:3c:be:fd:62:03:00:7d:
                    2f:64:e9:be:9f:8a:7d:e4:7b:d8:2a:ac:cf:c0:18:
                    ea:41:10:8b:99:42:32:07:50:c7:d4:d1:2d:68:4f:
                    1b:c1:15:52:a5:6d:1d:69:b7:3a:ca:6f:7f:73:c4:
                    1f:d3:3c:0f:a6:ca:95:a9:58:7e:04:97:f2:18:59:
                    ca:6d:93:2e:3d:fb:57:ce:a5:1d:57:0e:6b:0e:c3:
                    6f:f3:e8:51:6f:94:af:8c:94:a6:ca:fc:fb:05:ff:
                    91:bc:8c:ac:cc:55:07:91:f2:91:3e:f8:8b:ac:9d:
                    9d:db:cb:7a:b7:43:1d:2a:59:c5:75:d0:af:d8:96:
                    d2:9c:5d:a9:6d:d0:15:b7:36:25:03:0a:da:90:bc:
                    63:23:5d:3a:ca:79:90:fa:ac:a9:fa:2e:24:7b:be:
                    94:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:1F:45:FF:97:21:70:38:4B:6E:A1:2F:EB:EF:1A:7D:8C:B3:0C:48
            X509v3 Authority Key Identifier:
                keyid:8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:26:12:95:0d:76:94:30:a1:a1:61:22:5d:b1:14:72:e5:c5:
         9a:69:6f:b6:44:28:04:21:04:1f:39:4a:4c:17:92:d0:81:56:
         53:8b:98:c3:f1:6a:cd:b7:d9:87:e9:b6:5f:2e:0a:b5:be:1f:
         65:07:8c:c8:02:93:3b:7c:95:66:73:48:bf:33:c4:e6:03:57:
         60:2d:cd:af:ac:63:90:f3:02:bb:33:58:90:ba:08:9b:5a:86:
         39:05:59:d6:2f:69:bb:ba:c3:cc:08:14:0b:af:ff:61:65:8d:
         9e:5c:60:57:86:cf:37:8f:a2:54:7e:b3:6d:d2:d4:01:02:19:
         21:78:f4:60:57:ca:38:7e:ed:6c:76:ac:ab:4e:31:5c:ec:5c:
         9b:ff:1c:a4:8e:65:b6:60:64:03:d9:ed:20:b3:84:29:66:b2:
         63:05:67:18:4c:ae:fb:58:98:a3:00:13:cd:69:91:6d:00:76:
         6b:3c:e1:74:79:e7:58:d7:fb:03:00:79:d0:7d:ef:f9:17:42:
         58:ee:b3:74:ad:a0:ae:01:16:ea:26:f6:34:6e:46:b0:f2:69:
         65:b5:a9:58:d0:e9:88:fc:86:e0:a2:4b:e1:10:8e:31:ff:7c:
         ee:a3:ea:35:e8:17:73:03:51:37:f3:b5:d2:51:0b:f3:41:f1:
         43:b2:f6:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbXAiY4J13g6CmJnfQffUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjI3YWY1ODYzMDQ1Y2ZhOGI1OGIxZTI3NzY5MmI5ZTFk
MzhkZWQwHhcNMjUwNDE5MTkwMTM0WhcNMjUwNDIwMTkwMTM0WjAzMTEwLwYDVQQD
EyhhOTFmNDVmZjk3MjE3MDM4NGI2ZWExMmZlYmVmMWE3ZDhjYjMwYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG5o5yk05v84VrEhuSczYmo96yVp
XrsLTLPia97ocWQEEPRMFwham5gzIop5ajDYzUbc7G4K9rbpbYJErwta80YL/2F0
15gExhJnY8xiA0Co8XjbtFxbL9cXen6qwUddojy+/WIDAH0vZOm+n4p95HvYKqzP
wBjqQRCLmUIyB1DH1NEtaE8bwRVSpW0dabc6ym9/c8Qf0zwPpsqVqVh+BJfyGFnK
bZMuPftXzqUdVw5rDsNv8+hRb5SvjJSmyvz7Bf+RvIyszFUHkfKRPviLrJ2d28t6
t0MdKlnFddCv2JbSnF2pbdAVtzYlAwrakLxjI106ynmQ+qyp+i4ke76UwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkfRf+XIXA4S26hL+vvGn2MswxIMB8GA1UdIwQY
MBaAFIzyevWGMEXPqLWLHid2krnh043tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYt
MDFjOTk2ZTBiN2U3LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYtMDFjOTk2ZTBiN2U3
LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJCYSlQ12
lDChoWEiXbEUcuXFmmlvtkQoBCEEHzlKTBeS0IFWU4uYw/FqzbfZh+m2Xy4Ktb4f
ZQeMyAKTO3yVZnNIvzPE5gNXYC3Nr6xjkPMCuzNYkLoIm1qGOQVZ1i9pu7rDzAgU
C6//YWWNnlxgV4bPN4+iVH6zbdLUAQIZIXj0YFfKOH7tbHasq04xXOxcm/8cpI5l
tmBkA9ntILOEKWayYwVnGEyu+1iYowATzWmRbQB2azzhdHnnWNf7AwB50H3v+RdC
WO6zdK2grgEW6ib2NG5GsPJpZbWpWNDpiPyG4KJL4RCOMf987qPqNegXcwNRN/O1
0lEL80HxQ7L24w==
-----END CERTIFICATE-----