Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
File:                     dXFLWBraGW41UcCM52JDvgWLROs.mft (raw, json)
Hash identifier:          7dXYn052SfG0yBFz4KbKkGjrdzu6U/ldEeu/LDMpkSA=
Subject key identifier:   F3:07:64:8D:31:B0:21:10:AA:C2:FF:A3:07:2A:85:9E:73:2B:EA:FD
Authority key identifier: 75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
Certificate issuer:       /CN=75714b581ada196e3551c08ce76243be058b44eb
Certificate serial:       0197624BCC3DA41C64205DB638064678C2EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
Manifest number:          1586
Signing time:             Thu 12 Jun 2025 04:00:24 +0000
Manifest this update:     Thu 12 Jun 2025 04:00:24 +0000
Manifest next update:     Fri 13 Jun 2025 04:00:24 +0000
Files and hashes:         1: dXFLWBraGW41UcCM52JDvgWLROs.crl (hash: FGa0wlFzp9e1svWdbTnrpluZNkDscV6/Fw64nDLPfTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 04:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:4b:cc:3d:a4:1c:64:20:5d:b6:38:06:46:78:c2:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75714b581ada196e3551c08ce76243be058b44eb
        Validity
            Not Before: Jun 12 04:00:24 2025 GMT
            Not After : Jun 13 04:00:24 2025 GMT
        Subject: CN=f307648d31b02110aac2ffa3072a859e732beafd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:f6:fd:65:2e:98:4b:7e:9b:93:49:6e:ac:6b:
                    72:b1:f4:8a:c4:f7:b1:37:36:4b:ff:4e:18:0e:14:
                    f0:64:f1:c9:95:a9:64:e3:7c:fb:57:78:2e:1c:29:
                    a8:88:35:44:41:e3:37:d8:f5:d3:7c:64:7a:04:aa:
                    74:7b:85:1c:e0:27:f5:90:f2:e1:ed:95:7b:9a:a7:
                    48:7e:df:23:7c:69:35:02:4f:76:0d:9e:b2:c5:18:
                    1a:ad:12:a8:8a:5e:7e:1a:69:b7:0b:de:35:ee:93:
                    4d:a2:9f:bc:2b:cd:07:9c:7e:94:04:7b:45:4e:01:
                    46:30:01:06:a1:0f:f3:db:05:27:64:5b:1a:e0:e6:
                    ed:ab:81:a4:6f:7a:36:7c:b6:6b:e1:8b:bd:44:40:
                    23:1b:6a:55:83:50:d9:59:58:3d:9c:16:10:35:4c:
                    98:69:46:12:57:4d:0f:01:60:fe:89:d3:34:6b:78:
                    66:50:fd:f8:3f:e1:94:7c:26:0f:db:df:80:ef:cc:
                    62:a9:ec:a6:58:b6:ff:42:c5:f8:9b:f8:7d:7c:8f:
                    b5:c6:cd:8d:91:33:93:3d:db:a6:79:ab:5b:3b:0f:
                    64:48:5b:13:c0:6f:11:19:46:e3:59:e3:c2:93:42:
                    8f:cf:47:92:55:23:ea:cd:ee:e2:fb:57:be:8a:6a:
                    58:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:07:64:8D:31:B0:21:10:AA:C2:FF:A3:07:2A:85:9E:73:2B:EA:FD
            X509v3 Authority Key Identifier:
                keyid:75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:90:90:08:ae:74:d7:0e:64:cc:12:cd:f7:72:77:bb:05:93:
         3e:93:00:4c:17:ef:12:12:f8:d4:c5:a6:8b:8a:db:a1:f1:31:
         94:40:62:36:de:3b:6c:fe:90:9c:1e:85:6e:89:37:d6:e4:c5:
         a1:7e:05:e2:c5:18:c6:46:dc:e1:8e:0c:b5:22:37:6d:3a:80:
         ae:24:99:71:f9:dd:b2:9b:b5:43:bd:2a:ae:5a:17:8f:8e:5f:
         3c:c1:9a:c5:bf:e4:0f:19:ae:b2:6c:86:c1:67:d2:69:41:d8:
         07:66:07:36:61:0f:bb:89:07:0a:10:b2:4e:b4:7b:ce:01:38:
         64:be:d9:ac:eb:c9:4d:bf:63:c1:c6:26:c5:6f:16:dd:c4:1c:
         44:be:1d:f3:d5:f3:cf:30:95:4c:5e:55:cc:7f:33:b1:8d:55:
         a5:f8:93:47:c4:6c:e7:a5:eb:3f:34:0d:07:cb:b2:3d:0b:7f:
         44:99:33:9c:df:45:01:a8:a0:a0:d4:e9:f3:09:bb:43:16:2d:
         4d:44:11:00:8c:e3:96:71:54:e8:6b:b7:fe:f3:d7:1b:7a:f9:
         18:8f:db:b2:f5:02:3e:cf:76:1c:c8:00:a9:a5:98:d4:f4:34:
         8d:a5:28:fd:b9:26:a0:12:aa:a5:2d:74:d5:d2:a6:e8:c7:66:
         e4:9e:25:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiS8w9pBxkIF22OAZGeMLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzE0YjU4MWFkYTE5NmUzNTUxYzA4Y2U3NjI0M2JlMDU4
YjQ0ZWIwHhcNMjUwNjEyMDQwMDI0WhcNMjUwNjEzMDQwMDI0WjAzMTEwLwYDVQQD
EyhmMzA3NjQ4ZDMxYjAyMTEwYWFjMmZmYTMwNzJhODU5ZTczMmJlYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPb9ZS6YS36bk0lurGtysfSKxPex
NzZL/04YDhTwZPHJlalk43z7V3guHCmoiDVEQeM32PXTfGR6BKp0e4Uc4Cf1kPLh
7ZV7mqdIft8jfGk1Ak92DZ6yxRgarRKoil5+Gmm3C9417pNNop+8K80HnH6UBHtF
TgFGMAEGoQ/z2wUnZFsa4Obtq4Gkb3o2fLZr4Yu9REAjG2pVg1DZWVg9nBYQNUyY
aUYSV00PAWD+idM0a3hmUP34P+GUfCYP29+A78xiqeymWLb/QsX4m/h9fI+1xs2N
kTOTPdumeatbOw9kSFsTwG8RGUbjWePCk0KPz0eSVSPqze7i+1e+impYCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMHZI0xsCEQqsL/owcqhZ5zK+r9MB8GA1UdIwQY
MBaAFHVxS1ga2hluNVHAjOdiQ74Fi0TrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYt
MDczZmJiZTExMWU1LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYtMDczZmJiZTExMWU1
LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZCQCK50
1w5kzBLN93J3uwWTPpMATBfvEhL41MWmi4rbofExlEBiNt47bP6QnB6Fbok31uTF
oX4F4sUYxkbc4Y4MtSI3bTqAriSZcfndspu1Q70qrloXj45fPMGaxb/kDxmusmyG
wWfSaUHYB2YHNmEPu4kHChCyTrR7zgE4ZL7ZrOvJTb9jwcYmxW8W3cQcRL4d89Xz
zzCVTF5VzH8zsY1VpfiTR8Rs56XrPzQNB8uyPQt/RJkznN9FAaigoNTp8wm7QxYt
TUQRAIzjlnFU6Gu3/vPXG3r5GI/bsvUCPs92HMgAqaWY1PQ0jaUo/bkmoBKqpS10
1dKm6Mdm5J4lLA==
-----END CERTIFICATE-----