Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          ilDm9515Zg7CEdQ2SMmdw/bzaWWvryNvA4Z/KoLFgT0=
Subject key identifier:   9B:75:87:77:28:99:91:66:CB:74:6C:50:67:9E:CE:27:7B:92:A4:63
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       019652A4F9ABEB3908FBDDC0F91F2CB14B89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          0A87
Signing time:             Sun 20 Apr 2025 10:01:05 +0000
Manifest this update:     Sun 20 Apr 2025 10:01:05 +0000
Manifest next update:     Mon 21 Apr 2025 10:01:05 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: D3O5PgU671b9mhrUBcwqC6lQyoopPxwa+ybkL++iwxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 10:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:f9:ab:eb:39:08:fb:dd:c0:f9:1f:2c:b1:4b:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Apr 20 10:01:05 2025 GMT
            Not After : Apr 21 10:01:05 2025 GMT
        Subject: CN=9b75877728999166cb746c50679ece277b92a463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4c:6b:62:97:9a:91:16:f2:61:b8:1d:87:08:
                    1f:47:f7:e2:e4:03:75:b7:11:4e:ba:db:80:ed:f3:
                    9d:ca:32:a5:2a:4c:01:ad:a7:d6:26:ba:8c:60:ed:
                    6c:b7:bb:77:ce:56:64:89:a8:2b:8c:f4:94:af:c4:
                    d5:89:42:40:e7:bd:6d:55:97:b8:40:14:4a:68:1f:
                    f0:ee:38:8c:a0:82:43:da:12:01:46:81:bb:55:6c:
                    5b:89:4e:f9:2e:0a:dd:4c:5c:e6:2f:66:81:98:ee:
                    db:08:73:42:e0:d8:bf:a2:01:f3:6c:73:53:a9:2e:
                    e5:d4:85:fc:68:2a:6a:31:7b:0e:bd:7d:a6:bd:59:
                    e5:c9:bf:24:83:7b:50:98:1b:82:3d:12:af:3b:18:
                    e5:e5:36:ba:fd:ab:9c:d1:36:d3:43:1d:71:23:eb:
                    24:4f:c3:79:6f:07:af:60:39:d7:bd:91:67:99:3d:
                    91:e0:83:83:0a:57:a6:14:07:3c:f8:29:8b:e8:9f:
                    14:87:06:d1:22:cd:f4:73:45:4d:60:2b:06:c9:1c:
                    58:51:d2:e4:6d:15:dc:30:43:a7:a3:b2:96:a3:56:
                    77:56:98:cb:f5:fd:46:b5:14:91:30:4f:5a:f1:46:
                    d0:33:51:01:3b:79:5b:06:99:4c:26:33:28:05:a8:
                    ab:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:75:87:77:28:99:91:66:CB:74:6C:50:67:9E:CE:27:7B:92:A4:63
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:99:f0:2d:96:25:14:ae:76:e4:5d:42:0c:42:5d:f5:40:fa:
         08:5c:b4:38:8f:64:a1:06:40:9e:c2:a8:06:cd:a2:e1:f7:6d:
         ca:2f:fe:37:3c:bb:67:1d:9c:a1:a3:e8:54:63:ff:f7:84:df:
         d9:cd:15:eb:2e:6b:42:59:e5:59:46:86:f8:bd:b5:21:01:9d:
         02:f0:30:ee:5a:31:f2:fd:0d:0a:08:ac:14:d0:f6:f4:b8:8f:
         a9:4a:45:54:b5:31:6a:7d:db:c8:9a:63:ba:69:6d:00:84:3c:
         6b:15:a4:5f:5a:13:5b:ce:ac:3f:a8:2f:5b:62:5b:60:5f:2a:
         93:d4:4e:4e:98:48:55:d5:5f:36:16:98:bc:23:5d:25:03:78:
         37:5a:cb:30:af:4d:fc:dc:88:fc:c3:99:7b:06:17:38:32:e2:
         3b:34:63:a0:43:2f:39:61:f1:04:27:e4:3b:5a:67:46:18:a0:
         3a:e0:d7:21:38:d0:dd:f4:60:f7:02:31:68:83:b2:3a:6f:98:
         08:af:31:2f:99:3d:79:c1:91:2f:e0:cf:cd:9d:d3:4e:83:31:
         be:40:4a:04:3e:68:a9:dd:ba:21:86:e4:b7:1f:de:75:f0:b2:
         83:fe:02:82:63:25:b7:4c:42:ba:8a:e0:07:1e:bb:cd:34:54:
         bd:50:79:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpPmr6zkI+93A+R8ssUuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjUwNDIwMTAwMTA1WhcNMjUwNDIxMTAwMTA1WjAzMTEwLwYDVQQD
Eyg5Yjc1ODc3NzI4OTk5MTY2Y2I3NDZjNTA2NzllY2UyNzdiOTJhNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskxrYpeakRbyYbgdhwgfR/fi5AN1
txFOutuA7fOdyjKlKkwBrafWJrqMYO1st7t3zlZkiagrjPSUr8TViUJA571tVZe4
QBRKaB/w7jiMoIJD2hIBRoG7VWxbiU75LgrdTFzmL2aBmO7bCHNC4Ni/ogHzbHNT
qS7l1IX8aCpqMXsOvX2mvVnlyb8kg3tQmBuCPRKvOxjl5Ta6/auc0TbTQx1xI+sk
T8N5bwevYDnXvZFnmT2R4IODClemFAc8+CmL6J8UhwbRIs30c0VNYCsGyRxYUdLk
bRXcMEOno7KWo1Z3VpjL9f1GtRSRME9a8UbQM1EBO3lbBplMJjMoBair4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt1h3comZFmy3RsUGeezid7kqRjMB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXZnwLZYl
FK525F1CDEJd9UD6CFy0OI9koQZAnsKoBs2i4fdtyi/+Nzy7Zx2coaPoVGP/94Tf
2c0V6y5rQlnlWUaG+L21IQGdAvAw7lox8v0NCgisFND29LiPqUpFVLUxan3byJpj
umltAIQ8axWkX1oTW86sP6gvW2JbYF8qk9ROTphIVdVfNhaYvCNdJQN4N1rLMK9N
/NyI/MOZewYXODLiOzRjoEMvOWHxBCfkO1pnRhigOuDXITjQ3fRg9wIxaIOyOm+Y
CK8xL5k9ecGRL+DPzZ3TToMxvkBKBD5oqd26IYbktx/edfCyg/4CgmMlt0xCuorg
Bx67zTRUvVB5bQ==
-----END CERTIFICATE-----