Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          Rc/2zm7pj2oie6W9184jKDfUvF6HJzuyK1Rt6CzaiLM=
Subject key identifier:   C6:9A:92:E9:BC:9B:7E:9D:EC:9D:CD:D7:00:79:64:A6:E7:34:38:57
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       01964BFDF5B8873464739C1395EFBF2A6D7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          14F5
Signing time:             Sat 19 Apr 2025 03:00:56 +0000
Manifest this update:     Sat 19 Apr 2025 03:00:56 +0000
Manifest next update:     Sun 20 Apr 2025 03:00:56 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: qBfSuMGm5O8AUB1Jg+DnGtzxWALOKiQv69VPubvGOeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 03:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:fd:f5:b8:87:34:64:73:9c:13:95:ef:bf:2a:6d:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Apr 19 03:00:56 2025 GMT
            Not After : Apr 20 03:00:56 2025 GMT
        Subject: CN=c69a92e9bc9b7e9dec9dcdd7007964a6e7343857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:7e:d3:5d:0b:c5:6f:cd:4a:dc:11:f3:0e:0f:
                    41:2a:b6:1e:b4:a2:a6:73:96:98:9e:90:58:8a:6e:
                    b5:8e:60:a3:d4:ae:34:d3:0a:40:36:84:a0:f1:41:
                    d8:ca:31:2f:de:3f:d0:c8:5d:ff:1e:6b:25:18:f8:
                    f0:35:2f:41:87:5e:62:81:85:b0:c7:34:d4:fd:eb:
                    63:a6:4b:ef:8e:d4:2a:61:6c:cd:e9:b6:4a:3a:3d:
                    06:af:bc:72:16:15:99:6f:ae:28:76:5e:3e:41:0f:
                    3d:72:e7:21:2a:ec:c3:63:d6:14:d0:67:30:fd:05:
                    dc:af:26:96:b1:7c:0f:42:5f:d7:94:37:60:14:b7:
                    fe:74:b5:80:cd:bb:a2:9c:04:a8:40:ae:5d:6a:c3:
                    ae:87:a5:5f:3b:07:ea:ae:05:c0:87:54:60:1f:ec:
                    3b:b2:2e:73:bc:69:a9:62:b2:f1:66:cc:7d:97:2b:
                    05:c6:f7:a8:0e:23:57:fe:85:8f:c8:70:f5:62:8b:
                    6e:d1:b3:c9:5e:9b:91:1b:4f:29:a3:6b:9a:cc:22:
                    4c:80:e2:f4:3c:f8:ab:94:91:04:c7:6c:c3:f1:05:
                    37:18:df:d2:8b:85:12:b0:6e:20:c1:ec:1b:f8:d5:
                    34:b2:b7:80:1e:f0:00:f8:8b:db:d0:2d:b5:fa:4c:
                    a0:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:9A:92:E9:BC:9B:7E:9D:EC:9D:CD:D7:00:79:64:A6:E7:34:38:57
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:67:c7:54:ea:1e:fa:d4:0d:66:12:57:ae:43:3f:de:6d:8d:
         ca:c7:4d:01:1e:7b:b4:ce:1f:b9:4e:46:ad:40:81:b7:66:5f:
         9b:c9:c3:23:19:62:4a:35:fa:2a:62:42:2b:1d:f4:d4:ca:bb:
         ec:2e:e8:06:1e:62:22:97:fc:42:b2:32:ae:4f:89:76:4f:7c:
         bb:b3:30:ef:8f:d2:c9:73:0f:6d:fc:74:42:72:ab:b3:31:c8:
         e3:fe:73:c1:07:a9:c8:bd:82:4a:64:b1:37:cb:b6:55:0d:f4:
         bd:7a:f1:48:c4:10:1b:44:10:11:68:90:7a:85:3a:f1:66:bd:
         78:ee:c1:75:c1:92:7b:a6:b8:20:8d:89:33:46:1a:ba:bd:77:
         78:04:9a:26:ec:d6:0c:5d:05:88:ac:f7:be:1e:d8:9f:1c:67:
         8c:45:91:38:49:5c:9d:61:0d:ce:b2:94:e7:c2:dc:6c:d9:6a:
         a4:a4:8a:9f:b8:87:8b:f2:b5:c0:44:ce:f4:b5:5a:2e:9c:51:
         05:f4:94:7c:d5:51:55:ac:e8:0c:96:22:8e:9e:4e:68:38:47:
         48:c5:ff:99:b0:26:79:98:a7:fa:1d:3a:e7:f8:10:c2:e8:c3:
         94:b6:4a:19:f8:59:87:66:38:76:bd:82:ce:2a:06:d1:3b:cb:
         4f:30:56:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZL/fW4hzRkc5wTle+/Km17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjUwNDE5MDMwMDU2WhcNMjUwNDIwMDMwMDU2WjAzMTEwLwYDVQQD
EyhjNjlhOTJlOWJjOWI3ZTlkZWM5ZGNkZDcwMDc5NjRhNmU3MzQzODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH7TXQvFb81K3BHzDg9BKrYetKKm
c5aYnpBYim61jmCj1K400wpANoSg8UHYyjEv3j/QyF3/HmslGPjwNS9Bh15igYWw
xzTU/etjpkvvjtQqYWzN6bZKOj0Gr7xyFhWZb64odl4+QQ89cuchKuzDY9YU0Gcw
/QXcryaWsXwPQl/XlDdgFLf+dLWAzbuinASoQK5dasOuh6VfOwfqrgXAh1RgH+w7
si5zvGmpYrLxZsx9lysFxveoDiNX/oWPyHD1Yotu0bPJXpuRG08po2uazCJMgOL0
PPirlJEEx2zD8QU3GN/Si4USsG4gwewb+NU0sreAHvAA+Ivb0C21+kygzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaakum8m36d7J3N1wB5ZKbnNDhXMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARGfHVOoe
+tQNZhJXrkM/3m2NysdNAR57tM4fuU5GrUCBt2Zfm8nDIxliSjX6KmJCKx301Mq7
7C7oBh5iIpf8QrIyrk+Jdk98u7Mw74/SyXMPbfx0QnKrszHI4/5zwQepyL2CSmSx
N8u2VQ30vXrxSMQQG0QQEWiQeoU68Wa9eO7BdcGSe6a4II2JM0Yaur13eASaJuzW
DF0FiKz3vh7YnxxnjEWROElcnWENzrKU58LcbNlqpKSKn7iHi/K1wETO9LVaLpxR
BfSUfNVRVazoDJYijp5OaDhHSMX/mbAmeZin+h065/gQwujDlLZKGfhZh2Y4dr2C
zioG0TvLTzBWfg==
-----END CERTIFICATE-----