Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
File:                     vVhFViKSj0TenBVdcGjh0RtEVPE.mft (raw, json)
Hash identifier:          8Aulf0J0biGUSZAXnGvTiwbjPkuf0GKX79LeVFJ7jQ4=
Subject key identifier:   BD:87:56:75:79:40:42:A2:5D:75:43:63:CD:B7:14:07:86:A4:A0:09
Authority key identifier: BD:58:45:56:22:92:8F:44:DE:9C:15:5D:70:68:E1:D1:1B:44:54:F1
Certificate issuer:       /CN=bd58455622928f44de9c155d7068e1d11b4454f1
Certificate serial:       0196439F397C81308FE41488CB71CF0C386F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
Manifest number:          14F1
Signing time:             Thu 17 Apr 2025 12:00:30 +0000
Manifest this update:     Thu 17 Apr 2025 12:00:30 +0000
Manifest next update:     Fri 18 Apr 2025 12:00:30 +0000
Files and hashes:         1: vVhFViKSj0TenBVdcGjh0RtEVPE.crl (hash: nhuGfRWdv2Ms7Oj4CB3ht0MMyuB5VLgEoOvypRTkBXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 12:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:9f:39:7c:81:30:8f:e4:14:88:cb:71:cf:0c:38:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd58455622928f44de9c155d7068e1d11b4454f1
        Validity
            Not Before: Apr 17 12:00:30 2025 GMT
            Not After : Apr 18 12:00:30 2025 GMT
        Subject: CN=bd875675794042a25d754363cdb7140786a4a009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:3a:75:82:ab:34:f5:19:cc:b3:59:88:fd:82:
                    48:47:b5:02:dc:a6:df:41:5e:d9:28:b3:33:1d:1b:
                    f2:a9:48:63:2f:75:e7:bb:80:a2:4d:ef:7d:f1:15:
                    47:3f:d8:3b:d3:d1:85:1f:0a:49:52:49:98:ce:77:
                    6c:8c:e7:7b:02:55:3c:5f:14:e6:be:2a:65:7c:a6:
                    d2:cc:e9:a3:15:27:7d:fb:7c:12:c7:cf:f5:ed:94:
                    8e:58:86:77:56:66:a9:7b:bc:7e:8c:61:f6:ee:09:
                    d1:e8:a1:ca:f8:6e:b4:45:ee:73:cc:66:8f:0d:88:
                    f7:b6:c5:41:ec:39:af:30:40:6f:dd:da:e2:78:c3:
                    0b:4e:4b:ed:18:82:d8:ab:af:fa:b2:5c:d2:1d:39:
                    e2:ce:db:a8:c1:05:59:11:61:5b:57:f7:ac:8b:36:
                    7c:17:ed:42:9c:2f:22:8c:56:f6:20:8b:5b:6b:74:
                    46:79:6c:c0:24:35:28:fe:fd:d6:cb:a6:6b:95:57:
                    f0:16:df:a4:08:49:cb:61:86:d8:8e:9f:a6:14:e1:
                    a7:f0:23:b3:b8:5f:ee:2e:53:54:10:88:55:b6:5a:
                    4f:ba:47:de:e9:da:1a:ec:98:c1:f0:62:ec:62:0f:
                    2a:28:b1:21:be:f8:db:d0:8e:98:f0:df:7f:98:70:
                    fa:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:87:56:75:79:40:42:A2:5D:75:43:63:CD:B7:14:07:86:A4:A0:09
            X509v3 Authority Key Identifier:
                keyid:BD:58:45:56:22:92:8F:44:DE:9C:15:5D:70:68:E1:D1:1B:44:54:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:9a:4c:d7:09:29:3a:f1:a0:26:06:01:11:0a:a7:03:c7:57:
         18:1b:31:3b:d4:37:45:d8:34:70:c8:84:d9:67:c2:cd:c4:8b:
         f0:6a:9d:51:0d:d2:9d:3d:85:9a:43:75:fd:d5:78:56:10:23:
         69:f7:e3:60:79:14:ea:d4:41:64:bb:c3:8d:7f:dd:3a:8e:ca:
         29:f3:b3:bc:da:6c:fc:11:f3:c9:13:59:21:a0:51:f6:23:1e:
         b1:1b:16:4a:6b:df:8b:94:4d:8f:99:6b:6a:25:20:06:57:58:
         81:84:79:95:b9:da:3f:c9:47:8d:c1:00:e9:ce:36:cc:5c:e8:
         83:9e:46:0a:77:b8:a8:5f:04:5f:82:69:b4:f4:e0:79:c0:2c:
         2a:05:87:54:68:a0:ab:e1:9c:19:04:9a:84:e1:13:11:e6:d2:
         d7:9a:1a:57:9d:00:4e:d5:38:3d:66:42:b6:be:9a:0b:ad:bb:
         94:22:83:c6:50:43:5e:af:d9:df:4c:ea:d6:80:35:54:a4:e5:
         f1:fe:37:20:37:b1:33:1d:8d:e3:f2:02:b0:16:88:5a:fb:de:
         36:d4:5c:21:d5:f7:91:36:7d:9f:66:f0:df:19:db:3b:56:2c:
         ce:5f:76:71:2f:2d:04:f2:66:a2:98:25:e1:14:7f:34:31:69:
         2c:ef:45:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDnzl8gTCP5BSIy3HPDDhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNTg0NTU2MjI5MjhmNDRkZTljMTU1ZDcwNjhlMWQxMWI0
NDU0ZjEwHhcNMjUwNDE3MTIwMDMwWhcNMjUwNDE4MTIwMDMwWjAzMTEwLwYDVQQD
EyhiZDg3NTY3NTc5NDA0MmEyNWQ3NTQzNjNjZGI3MTQwNzg2YTRhMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jp1gqs09RnMs1mI/YJIR7UC3Kbf
QV7ZKLMzHRvyqUhjL3Xnu4CiTe998RVHP9g709GFHwpJUkmYzndsjOd7AlU8XxTm
viplfKbSzOmjFSd9+3wSx8/17ZSOWIZ3Vmape7x+jGH27gnR6KHK+G60Re5zzGaP
DYj3tsVB7DmvMEBv3drieMMLTkvtGILYq6/6slzSHTniztuowQVZEWFbV/esizZ8
F+1CnC8ijFb2IItba3RGeWzAJDUo/v3Wy6ZrlVfwFt+kCEnLYYbYjp+mFOGn8COz
uF/uLlNUEIhVtlpPukfe6doa7JjB8GLsYg8qKLEhvvjb0I6Y8N9/mHD6wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2HVnV5QEKiXXVDY823FAeGpKAJMB8GA1UdIwQY
MBaAFL1YRVYiko9E3pwVXXBo4dEbRFTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xZGM5N2MtZWU2Ny00YzJiLTgwYmEt
MjkwODlkYTQwYzk5LzEvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xZGM5N2MtZWU2Ny00YzJiLTgwYmEtMjkwODlkYTQwYzk5
LzEvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACJpM1wkp
OvGgJgYBEQqnA8dXGBsxO9Q3Rdg0cMiE2WfCzcSL8GqdUQ3SnT2FmkN1/dV4VhAj
affjYHkU6tRBZLvDjX/dOo7KKfOzvNps/BHzyRNZIaBR9iMesRsWSmvfi5RNj5lr
aiUgBldYgYR5lbnaP8lHjcEA6c42zFzog55GCne4qF8EX4JptPTgecAsKgWHVGig
q+GcGQSahOETEebS15oaV50ATtU4PWZCtr6aC627lCKDxlBDXq/Z30zq1oA1VKTl
8f43IDexMx2N4/ICsBaIWvveNtRcIdX3kTZ9n2bw3xnbO1Yszl92cS8tBPJmopgl
4RR/NDFpLO9FxQ==
-----END CERTIFICATE-----