Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
File:                     t5im6ZG5VaKTURGf9312hksNOEo.mft (raw, json)
Hash identifier:          5E+Fap0eILH0rqxgFVCCvt4RXGeTvkt6wsg5x+bACRM=
Subject key identifier:   34:E5:54:67:2A:DF:B7:6C:FB:96:3B:96:F3:F7:F8:3D:83:1E:3E:41
Authority key identifier: B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A
Certificate issuer:       /CN=b798a6e991b955a29351119ff77d76864b0d384a
Certificate serial:       01965CF12AC53D7F6AA6320784935CED9A3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
Manifest number:          0C25
Signing time:             Tue 22 Apr 2025 10:00:30 +0000
Manifest this update:     Tue 22 Apr 2025 10:00:30 +0000
Manifest next update:     Wed 23 Apr 2025 10:00:30 +0000
Files and hashes:         1: t5im6ZG5VaKTURGf9312hksNOEo.crl (hash: Zh+GSI9b3i8RcWw3HBNVML1I5z5F3tMfsIZNo88QsR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f1:2a:c5:3d:7f:6a:a6:32:07:84:93:5c:ed:9a:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b798a6e991b955a29351119ff77d76864b0d384a
        Validity
            Not Before: Apr 22 10:00:30 2025 GMT
            Not After : Apr 23 10:00:30 2025 GMT
        Subject: CN=34e554672adfb76cfb963b96f3f7f83d831e3e41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:62:27:cb:85:eb:9c:1d:42:d4:f4:ea:19:c9:
                    ab:d2:21:55:cd:e8:65:38:cd:3b:94:3a:67:5c:21:
                    58:1a:78:bf:da:f6:66:de:f3:8d:9c:14:69:c3:23:
                    5e:00:62:1e:8d:91:ee:10:54:7b:61:5e:13:78:76:
                    3d:9e:d4:68:5f:66:08:76:d2:1d:73:d8:be:c0:3b:
                    15:15:81:6e:99:4a:e0:00:21:d9:58:9a:d9:65:49:
                    c5:cd:42:16:b6:43:53:f3:32:f6:ae:be:00:5a:cb:
                    9c:18:49:8f:51:3d:42:48:d3:3b:54:72:0a:60:e3:
                    e7:c2:c7:8b:d4:ab:20:31:96:83:74:8c:01:f1:91:
                    7c:d5:7c:2e:f8:87:2d:4b:9c:07:cb:de:be:9a:6d:
                    32:19:66:03:ce:94:d0:2c:e3:5f:f7:d0:4c:c5:9d:
                    ea:d7:ab:5c:fa:28:0a:b9:db:96:ff:a9:c5:51:43:
                    8d:9d:3b:ef:02:f5:67:6f:26:ad:68:bc:b6:64:ca:
                    09:28:94:de:88:7d:6f:5c:f1:e6:4c:5e:bb:04:aa:
                    63:7d:71:82:d3:96:5b:df:53:bc:8a:ca:3b:d4:91:
                    30:7b:80:db:c1:58:f1:51:c5:c4:cb:0d:fe:e1:25:
                    88:83:da:cf:ac:ef:49:e9:24:fc:6d:11:4d:0d:80:
                    69:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E5:54:67:2A:DF:B7:6C:FB:96:3B:96:F3:F7:F8:3D:83:1E:3E:41
            X509v3 Authority Key Identifier:
                keyid:B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:2e:3c:07:02:56:e6:3c:25:c8:84:ae:58:e7:13:91:f6:cc:
         07:50:fc:f2:af:24:cc:55:85:93:95:52:77:81:24:a2:5c:a3:
         01:36:c7:31:33:c0:52:35:ac:62:12:2c:53:81:11:d3:86:a7:
         66:fe:d4:34:34:62:eb:cc:24:eb:f7:27:0d:99:7c:bc:81:96:
         70:d1:55:d8:b0:0f:68:f6:1d:8a:01:ea:1f:aa:bc:a0:18:93:
         49:c3:88:df:24:9e:43:22:ed:aa:72:b8:84:3e:ca:a0:e4:2a:
         75:2f:80:94:1b:6f:2a:55:61:5c:a8:72:2c:ef:7c:ac:80:7d:
         28:46:a2:c5:a2:d2:ff:13:97:78:8a:63:43:7d:c4:82:36:15:
         f3:34:aa:dd:96:7d:26:26:bb:3b:eb:f5:8f:e1:36:3b:65:d4:
         41:6e:b8:3a:fd:25:20:d3:49:46:b0:ce:ad:34:41:cb:55:a2:
         10:ff:f3:96:92:55:5a:05:7e:0a:f6:9c:83:3c:ca:d1:af:48:
         0b:fa:75:fa:9b:10:7d:61:06:1c:ea:cc:b8:c4:c1:e0:e9:4f:
         a8:ea:1f:ce:51:fe:8f:ac:f8:b4:ec:b2:9a:4e:ae:c0:60:0d:
         8f:44:97:83:97:ad:b0:e7:9e:40:aa:1a:16:99:30:71:45:98:
         69:5f:c7:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8SrFPX9qpjIHhJNc7Zo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OThhNmU5OTFiOTU1YTI5MzUxMTE5ZmY3N2Q3Njg2NGIw
ZDM4NGEwHhcNMjUwNDIyMTAwMDMwWhcNMjUwNDIzMTAwMDMwWjAzMTEwLwYDVQQD
EygzNGU1NTQ2NzJhZGZiNzZjZmI5NjNiOTZmM2Y3ZjgzZDgzMWUzZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WIny4XrnB1C1PTqGcmr0iFVzehl
OM07lDpnXCFYGni/2vZm3vONnBRpwyNeAGIejZHuEFR7YV4TeHY9ntRoX2YIdtId
c9i+wDsVFYFumUrgACHZWJrZZUnFzUIWtkNT8zL2rr4AWsucGEmPUT1CSNM7VHIK
YOPnwseL1KsgMZaDdIwB8ZF81Xwu+IctS5wHy96+mm0yGWYDzpTQLONf99BMxZ3q
16tc+igKuduW/6nFUUONnTvvAvVnbyataLy2ZMoJKJTeiH1vXPHmTF67BKpjfXGC
05Zb31O8iso71JEwe4DbwVjxUcXEyw3+4SWIg9rPrO9J6ST8bRFNDYBpyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTlVGcq37ds+5Y7lvP3+D2DHj5BMB8GA1UdIwQY
MBaAFLeYpumRuVWik1ERn/d9doZLDThKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMt
NjljNzJmMTY4Njg5LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMtNjljNzJmMTY4Njg5
LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwS48BwJW
5jwlyISuWOcTkfbMB1D88q8kzFWFk5VSd4EkolyjATbHMTPAUjWsYhIsU4ER04an
Zv7UNDRi68wk6/cnDZl8vIGWcNFV2LAPaPYdigHqH6q8oBiTScOI3ySeQyLtqnK4
hD7KoOQqdS+AlBtvKlVhXKhyLO98rIB9KEaixaLS/xOXeIpjQ33EgjYV8zSq3ZZ9
Jia7O+v1j+E2O2XUQW64Ov0lINNJRrDOrTRBy1WiEP/zlpJVWgV+CvacgzzK0a9I
C/p1+psQfWEGHOrMuMTB4OlPqOofzlH+j6z4tOyymk6uwGANj0SXg5etsOeeQKoa
FpkwcUWYaV/HTg==
-----END CERTIFICATE-----