Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
File:                     6MSDt1wtsc-f9OlMeg_fDbAADwA.mft (raw, json)
Hash identifier:          PEFiHmFUWXUMhrGDgVX5k9Z7ZJJTW8umgrk6DHnTVXU=
Subject key identifier:   C3:22:95:EA:29:DD:FD:08:E9:BE:1D:0D:26:CA:D4:9D:D4:7E:A3:55
Authority key identifier: E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
Certificate issuer:       /CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Certificate serial:       019651FFBA2FF80E998D317A59FC6BE3494A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
Manifest number:          1038
Signing time:             Sun 20 Apr 2025 07:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:35 +0000
Files and hashes:         1: 6MSDt1wtsc-f9OlMeg_fDbAADwA.crl (hash: iaCnxMAjnP+nQDdKhfUgRYMmqz9dfzfZCrlB1d5cF/0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:ba:2f:f8:0e:99:8d:31:7a:59:fc:6b:e3:49:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
        Validity
            Not Before: Apr 20 07:00:35 2025 GMT
            Not After : Apr 21 07:00:35 2025 GMT
        Subject: CN=c32295ea29ddfd08e9be1d0d26cad49dd47ea355
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4d:3c:57:c3:1a:1b:eb:6d:d2:73:a5:4e:30:
                    db:f6:9a:a6:1e:3a:2a:cf:8f:91:b7:a3:d2:71:8a:
                    04:26:e4:59:c2:57:ff:8a:37:9f:eb:b7:c0:3c:61:
                    c2:62:60:96:1c:95:c2:38:66:09:df:f9:d8:a9:ee:
                    8f:4f:a4:e4:11:ea:61:38:af:c8:fe:2e:21:a4:a8:
                    f0:a9:5d:e1:d5:4b:0c:4b:b3:e6:f2:1a:b7:00:03:
                    6f:65:7a:9a:18:27:93:47:57:74:cb:10:10:f0:06:
                    d7:df:ac:75:92:42:51:53:fd:12:68:a2:15:e3:f0:
                    27:bc:c0:5f:37:55:77:81:f4:b3:84:d3:5c:d7:df:
                    aa:0b:5f:44:85:42:0a:b6:10:1a:88:22:bb:e6:28:
                    6c:e3:8e:dd:cc:e4:66:09:a7:23:01:53:3d:50:34:
                    5c:83:ce:a7:d6:9f:69:5c:f6:56:af:d2:4c:a4:e1:
                    02:7a:86:e0:68:91:9a:aa:d4:63:bf:14:71:a1:4b:
                    af:70:e0:cb:7d:62:5f:d2:1f:80:2f:79:79:72:96:
                    41:38:0d:70:fe:15:d4:0e:f3:52:56:59:15:24:51:
                    c9:ca:5c:90:68:71:ba:bf:8b:40:12:da:1c:7e:d7:
                    6a:82:01:d1:ee:4f:90:83:e8:e0:23:9c:f7:2c:1f:
                    76:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:22:95:EA:29:DD:FD:08:E9:BE:1D:0D:26:CA:D4:9D:D4:7E:A3:55
            X509v3 Authority Key Identifier:
                keyid:E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:54:0d:c9:ed:74:56:28:8f:99:e1:a6:b6:b7:4a:29:cb:bb:
         51:b7:c8:ad:0c:ea:7f:17:be:55:6b:8d:be:12:e0:56:17:9c:
         4b:83:08:2c:b5:04:f2:b4:ac:8d:4f:e2:e5:a1:c4:ed:0f:16:
         c5:89:6f:4f:9d:ea:10:7e:89:ad:87:62:0e:36:70:87:4c:39:
         fe:e6:60:b5:4e:5c:7d:ab:7c:5e:26:3d:63:50:e2:c2:95:05:
         65:08:8a:15:47:d3:f8:d1:fd:18:85:63:dc:e6:44:07:b6:2f:
         cb:be:54:ed:fc:69:d6:c9:11:99:3c:6b:d6:fd:64:07:b1:fd:
         f9:80:a0:31:36:1c:18:c7:8d:bc:05:0c:c2:b3:32:a0:a5:63:
         a1:81:30:82:8f:62:9c:e2:26:d5:73:6e:25:b3:60:91:c3:53:
         96:b1:01:25:81:16:e4:34:c7:4f:6c:49:c6:2b:e7:b9:a5:8e:
         74:19:be:51:d0:25:fe:10:f4:d5:9b:88:1a:00:15:db:da:80:
         de:d9:b5:10:39:07:89:c4:ce:68:e8:69:99:c5:6e:ab:f6:52:
         bb:12:24:0a:99:bf:d9:e9:13:2f:b4:6e:99:2b:8b:a4:67:60:
         ce:eb:d7:ad:84:48:6f:d2:dd:23:a2:02:88:a4:b7:41:ad:69:
         02:e0:e9:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/7ov+A6ZjTF6Wfxr40lKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzQ4M2I3NWMyZGIxY2Y5ZmY0ZTk0YzdhMGZkZjBkYjAw
MDBmMDAwHhcNMjUwNDIwMDcwMDM1WhcNMjUwNDIxMDcwMDM1WjAzMTEwLwYDVQQD
EyhjMzIyOTVlYTI5ZGRmZDA4ZTliZTFkMGQyNmNhZDQ5ZGQ0N2VhMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk08V8MaG+tt0nOlTjDb9pqmHjoq
z4+Rt6PScYoEJuRZwlf/ijef67fAPGHCYmCWHJXCOGYJ3/nYqe6PT6TkEephOK/I
/i4hpKjwqV3h1UsMS7Pm8hq3AANvZXqaGCeTR1d0yxAQ8AbX36x1kkJRU/0SaKIV
4/AnvMBfN1V3gfSzhNNc19+qC19EhUIKthAaiCK75ihs447dzORmCacjAVM9UDRc
g86n1p9pXPZWr9JMpOECeobgaJGaqtRjvxRxoUuvcODLfWJf0h+AL3l5cpZBOA1w
/hXUDvNSVlkVJFHJylyQaHG6v4tAEtocftdqggHR7k+Qg+jgI5z3LB92ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMileop3f0I6b4dDSbK1J3UfqNVMB8GA1UdIwQY
MBaAFOjEg7dcLbHPn/TpTHoP3w2wAA8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTIt
ZWIzNWJmYTA2NWFkLzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTItZWIzNWJmYTA2NWFk
LzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFQNye10
ViiPmeGmtrdKKcu7UbfIrQzqfxe+VWuNvhLgVhecS4MILLUE8rSsjU/i5aHE7Q8W
xYlvT53qEH6JrYdiDjZwh0w5/uZgtU5cfat8XiY9Y1DiwpUFZQiKFUfT+NH9GIVj
3OZEB7Yvy75U7fxp1skRmTxr1v1kB7H9+YCgMTYcGMeNvAUMwrMyoKVjoYEwgo9i
nOIm1XNuJbNgkcNTlrEBJYEW5DTHT2xJxivnuaWOdBm+UdAl/hD01ZuIGgAV29qA
3tm1EDkHicTOaOhpmcVuq/ZSuxIkCpm/2ekTL7RumSuLpGdgzuvXrYRIb9LdI6IC
iKS3Qa1pAuDpug==
-----END CERTIFICATE-----