Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          1WA4kh8nHB8vDPY6Ssy+NfzTuuE1JKJoapx0/lxr8sY=
Subject key identifier:   E5:F2:2D:EB:81:9B:6D:E0:36:0F:89:FF:1E:90:08:F3:DA:E4:17:56
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       019611A0D0999B6DD5A789922552CB05756A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          0FEF
Signing time:             Mon 07 Apr 2025 19:01:13 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:13 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:13 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: xI0Y/JA33LeFsdM16UJAfJpiuMVlrUzAnBtmdoUaeHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a0:d0:99:9b:6d:d5:a7:89:92:25:52:cb:05:75:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Apr  7 19:01:13 2025 GMT
            Not After : Apr  8 19:01:13 2025 GMT
        Subject: CN=e5f22deb819b6de0360f89ff1e9008f3dae41756
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1b:fb:81:fe:b7:c8:a1:d1:ec:59:30:77:8f:
                    9b:02:9f:27:ba:64:78:cd:38:1e:79:02:d8:dd:fc:
                    87:ff:7c:0a:19:8e:70:b2:2f:36:89:bc:e5:23:7b:
                    71:7b:30:4f:38:35:d5:f1:aa:1f:57:77:9c:ac:9a:
                    a7:99:48:c4:17:db:f2:de:9f:b6:e8:ee:2e:ee:65:
                    a4:05:31:b9:1d:c0:0b:7d:b5:fc:16:a7:56:0b:7c:
                    81:6f:72:fe:d7:b6:5a:dc:e6:b2:ff:c8:ec:1d:1b:
                    99:37:a2:cb:57:de:23:3d:a1:f5:a6:49:28:c4:13:
                    ec:9c:0f:5b:73:5f:19:bf:7c:9c:99:dc:13:58:78:
                    70:75:7a:04:05:63:ff:94:45:e9:37:1c:58:fd:d6:
                    4a:ef:62:d9:79:ba:88:da:dd:cd:8b:46:e0:14:f1:
                    3b:4e:90:07:dd:b6:79:51:f8:5f:bf:60:1d:55:58:
                    73:ff:4f:4d:64:48:cc:e9:c5:d1:88:59:6c:f7:32:
                    99:0c:af:58:49:13:bd:e4:53:ba:08:f0:02:44:e2:
                    bc:f6:f3:16:6a:1d:c6:9d:48:18:c0:7c:ab:5b:1b:
                    6e:f8:54:15:2e:3a:24:57:ad:64:52:96:d7:72:7a:
                    c2:d4:b7:7c:94:ee:d4:68:e6:fb:b9:a8:67:4d:ce:
                    3f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:F2:2D:EB:81:9B:6D:E0:36:0F:89:FF:1E:90:08:F3:DA:E4:17:56
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:ff:82:36:78:25:45:b1:68:cf:ca:ec:71:4c:c5:aa:d2:4a:
         a7:53:6b:45:65:e4:19:58:8b:51:f6:df:cd:a8:c8:dc:ae:cb:
         25:45:bd:7b:b6:64:fc:f9:38:e3:b7:e4:a9:d8:d2:46:38:dc:
         f3:3d:dd:20:49:27:0b:89:c1:8a:b1:c6:0f:3e:17:7f:6d:0b:
         47:d8:42:72:5f:4f:c2:8a:ab:97:4a:ca:d2:00:65:fa:9d:a2:
         2f:86:2b:3e:f0:9f:a9:d0:f1:df:3b:68:c5:82:f9:39:3d:a4:
         8f:94:cb:fe:1a:63:d0:55:fb:90:11:2e:75:b6:8f:ff:9a:df:
         28:32:0a:44:b7:c5:02:27:64:89:c3:83:a7:df:73:fe:21:2f:
         79:74:33:1f:a7:a2:2d:78:86:65:64:88:4c:c2:91:e0:a3:59:
         6a:d0:ae:f8:2b:ef:05:7d:d9:06:9b:02:e4:6b:73:79:b4:c7:
         20:bc:62:d2:d7:ae:4b:71:d7:a9:64:72:cf:55:b6:61:10:33:
         e6:64:f5:c8:e8:59:88:55:da:f7:5b:28:7f:8b:69:f1:19:15:
         6b:74:06:1a:a1:1d:8d:e9:4d:e5:05:2f:ea:12:dd:80:c6:32:
         60:98:b5:6b:a4:f8:81:47:6d:dc:f3:67:96:0e:f6:28:fc:b6:
         3e:eb:38:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoNCZm23Vp4mSJVLLBXVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjUwNDA3MTkwMTEzWhcNMjUwNDA4MTkwMTEzWjAzMTEwLwYDVQQD
EyhlNWYyMmRlYjgxOWI2ZGUwMzYwZjg5ZmYxZTkwMDhmM2RhZTQxNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRv7gf63yKHR7Fkwd4+bAp8numR4
zTgeeQLY3fyH/3wKGY5wsi82ibzlI3txezBPODXV8aofV3ecrJqnmUjEF9vy3p+2
6O4u7mWkBTG5HcALfbX8FqdWC3yBb3L+17Za3Oay/8jsHRuZN6LLV94jPaH1pkko
xBPsnA9bc18Zv3ycmdwTWHhwdXoEBWP/lEXpNxxY/dZK72LZebqI2t3Ni0bgFPE7
TpAH3bZ5Ufhfv2AdVVhz/09NZEjM6cXRiFls9zKZDK9YSRO95FO6CPACROK89vMW
ah3GnUgYwHyrWxtu+FQVLjokV61kUpbXcnrC1Ld8lO7UaOb7uahnTc4/9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXyLeuBm23gNg+J/x6QCPPa5BdWMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASf+CNngl
RbFoz8rscUzFqtJKp1NrRWXkGViLUfbfzajI3K7LJUW9e7Zk/Pk447fkqdjSRjjc
8z3dIEknC4nBirHGDz4Xf20LR9hCcl9Pwoqrl0rK0gBl+p2iL4YrPvCfqdDx3zto
xYL5OT2kj5TL/hpj0FX7kBEudbaP/5rfKDIKRLfFAidkicODp99z/iEveXQzH6ei
LXiGZWSITMKR4KNZatCu+CvvBX3ZBpsC5GtzebTHILxi0teuS3HXqWRyz1W2YRAz
5mT1yOhZiFXa91sof4tp8RkVa3QGGqEdjelN5QUv6hLdgMYyYJi1a6T4gUdt3PNn
lg72KPy2Pus4QA==
-----END CERTIFICATE-----