Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          xpvZQF0odoYxdOU3do/YnJfZv0qQQzCfPNYD4UeDMzU=
Subject key identifier:   38:76:7A:DB:F5:A2:CB:11:FD:47:18:63:98:7E:18:59:29:DE:1A:45
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       01962CAA55341E25D028C8A32B4FBF869531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          10CB
Signing time:             Sun 13 Apr 2025 01:01:22 +0000
Manifest this update:     Sun 13 Apr 2025 01:01:22 +0000
Manifest next update:     Mon 14 Apr 2025 01:01:22 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: Czy6JmLBNM3QsRGt3mydJoaBXwMsAyKXYac/OvoHu7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 18:34:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2c:aa:55:34:1e:25:d0:28:c8:a3:2b:4f:bf:86:95:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: Apr 13 01:01:22 2025 GMT
            Not After : Apr 14 01:01:22 2025 GMT
        Subject: CN=38767adbf5a2cb11fd471863987e185929de1a45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:5f:24:64:ad:3e:44:24:ed:67:17:5a:bd:80:
                    9f:fb:4a:f1:30:75:c6:fa:46:03:51:94:b4:59:59:
                    cc:4a:e3:0b:91:51:c2:2d:aa:56:b0:b6:f2:5c:90:
                    f3:94:13:f4:cb:25:e5:59:ad:6a:d0:9c:3f:1a:cb:
                    f1:aa:31:1a:f4:cb:73:58:7d:02:38:43:9e:27:b4:
                    58:9a:01:7b:88:91:47:18:fb:27:d1:10:93:06:a7:
                    c5:bc:48:c3:89:eb:1e:d2:cd:1a:92:18:89:c1:4a:
                    73:84:85:69:0f:dd:9d:50:a5:e4:4c:92:46:a7:d4:
                    fd:50:6c:cc:10:a6:28:26:55:28:75:7d:24:5b:74:
                    7d:fa:56:06:b9:c2:e5:c7:22:e9:c3:31:2f:8e:e7:
                    5e:b8:b9:c5:d7:cc:97:1e:fc:b6:f8:0d:6a:27:7a:
                    2a:74:65:48:61:fa:2a:7f:44:2d:a7:27:97:86:8e:
                    bf:28:2d:b6:6f:d2:b8:56:d5:77:47:ea:60:f5:e1:
                    1b:94:51:2c:80:60:a3:2c:85:93:73:ce:a8:c8:3c:
                    77:98:bf:5f:40:b9:bf:b6:1f:02:4d:b8:85:65:b4:
                    67:63:73:71:65:04:16:85:f9:ea:b3:4b:2e:9a:cd:
                    d8:e8:d2:b7:f1:ca:d5:c3:cf:f7:91:9e:49:c0:bf:
                    86:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:76:7A:DB:F5:A2:CB:11:FD:47:18:63:98:7E:18:59:29:DE:1A:45
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:07:e1:96:3d:e6:1a:c0:09:5f:9b:36:fd:de:68:3e:ea:7e:
         43:0d:bb:ff:fe:f9:d6:8e:4b:f7:08:8b:02:38:5c:78:0c:8d:
         ec:7a:fe:aa:55:bc:12:2b:c3:02:7f:f8:11:cf:21:33:e8:8e:
         22:a4:a1:d9:7d:06:af:a4:d8:ec:59:1c:10:4d:bf:b9:90:df:
         be:6d:c1:ba:86:ac:a1:68:77:84:21:37:db:98:df:31:2b:51:
         c6:71:a1:e7:60:8a:7f:6b:b9:cc:6a:42:ea:3c:fc:b9:38:73:
         f0:b6:c7:9b:46:79:b4:be:8b:9b:ac:ce:41:29:a2:52:c4:54:
         6a:23:db:50:c8:c3:87:82:25:7a:79:99:62:cb:ce:60:08:b4:
         b3:60:22:9a:fa:ad:87:ec:84:bd:f3:19:67:67:77:ce:29:d9:
         3e:6a:cf:b1:32:93:f8:10:c9:81:df:20:75:e0:8a:76:d4:73:
         7d:59:4a:0d:a9:d6:83:8f:ca:ac:0b:02:c4:38:0f:7a:e1:42:
         77:cc:82:85:eb:5b:79:4b:94:77:81:b8:3a:34:81:56:ba:b6:
         65:02:5b:66:6a:4e:c2:f6:94:66:9e:8d:86:33:48:c1:a6:7a:
         55:04:37:1f:d6:c3:fb:ab:ad:4a:a2:c2:53:63:79:04:0e:21:
         f7:9c:45:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYsqlU0HiXQKMijK0+/hpUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjUwNDEzMDEwMTIyWhcNMjUwNDE0MDEwMTIyWjAzMTEwLwYDVQQD
EygzODc2N2FkYmY1YTJjYjExZmQ0NzE4NjM5ODdlMTg1OTI5ZGUxYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2F8kZK0+RCTtZxdavYCf+0rxMHXG
+kYDUZS0WVnMSuMLkVHCLapWsLbyXJDzlBP0yyXlWa1q0Jw/GsvxqjEa9MtzWH0C
OEOeJ7RYmgF7iJFHGPsn0RCTBqfFvEjDiese0s0akhiJwUpzhIVpD92dUKXkTJJG
p9T9UGzMEKYoJlUodX0kW3R9+lYGucLlxyLpwzEvjudeuLnF18yXHvy2+A1qJ3oq
dGVIYfoqf0QtpyeXho6/KC22b9K4VtV3R+pg9eEblFEsgGCjLIWTc86oyDx3mL9f
QLm/th8CTbiFZbRnY3NxZQQWhfnqs0sums3Y6NK38crVw8/3kZ5JwL+GiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDh2etv1ossR/UcYY5h+GFkp3hpFMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAfhlj3m
GsAJX5s2/d5oPup+Qw27//751o5L9wiLAjhceAyN7Hr+qlW8EivDAn/4Ec8hM+iO
IqSh2X0Gr6TY7FkcEE2/uZDfvm3BuoasoWh3hCE325jfMStRxnGh52CKf2u5zGpC
6jz8uThz8LbHm0Z5tL6Lm6zOQSmiUsRUaiPbUMjDh4IlenmZYsvOYAi0s2Aimvqt
h+yEvfMZZ2d3zinZPmrPsTKT+BDJgd8gdeCKdtRzfVlKDanWg4/KrAsCxDgPeuFC
d8yChetbeUuUd4G4OjSBVrq2ZQJbZmpOwvaUZp6NhjNIwaZ6VQQ3H9bD+6utSqLC
U2N5BA4h95xF5w==
-----END CERTIFICATE-----