Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
File:                     dXFLWBraGW41UcCM52JDvgWLROs.mft (raw, json)
Hash identifier:          1d+LcJCW1ecHa8qzCrWC5jV00F2l4zMRmapi4BcCoI0=
Subject key identifier:   76:24:A1:BB:BC:05:6D:DE:FF:0E:62:71:28:6E:EC:4C:FA:5E:ED:AE
Authority key identifier: 75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
Certificate issuer:       /CN=75714b581ada196e3551c08ce76243be058b44eb
Certificate serial:       01976BF428C6C2837F3348C3A5547DC5407C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 01:00:52 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:52 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:52 +0000
Files and hashes:         1: dXFLWBraGW41UcCM52JDvgWLROs.crl (hash: Hgw0lJ+XzFjjwZBIuf3tstejVilyvijo53NuQc6GOcI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:28:c6:c2:83:7f:33:48:c3:a5:54:7d:c5:40:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75714b581ada196e3551c08ce76243be058b44eb
        Validity
            Not Before: Jun 14 01:00:52 2025 GMT
            Not After : Jun 15 01:00:52 2025 GMT
        Subject: CN=7624a1bbbc056ddeff0e6271286eec4cfa5eedae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f1:ea:bb:41:20:2c:52:13:75:bc:a4:21:bf:
                    cf:52:ed:74:27:f6:96:7c:07:40:19:ca:3d:3e:94:
                    cf:28:79:25:3b:bc:99:ba:28:d0:58:4c:aa:da:ff:
                    81:88:b4:da:5e:9f:2e:5c:bc:76:15:9e:34:d5:58:
                    e2:4c:60:f0:c1:f9:65:63:b8:f0:26:75:24:3e:ae:
                    2d:14:0b:12:c3:6b:ee:00:0b:23:f5:4e:d4:f9:e2:
                    9b:44:8a:f3:e7:f7:6a:a8:51:45:f5:4f:e6:8f:9d:
                    e1:75:ce:a0:d9:8d:f0:01:1e:40:33:cd:7a:da:ac:
                    34:b6:6b:c0:1d:9d:17:c2:71:bb:45:dc:dd:23:d3:
                    d0:7f:e1:83:b0:4b:86:5d:4a:c5:8d:0a:23:b0:a4:
                    ba:8f:00:2d:d2:d2:2b:c4:72:84:4b:6a:2d:a5:5d:
                    8b:17:1e:a9:17:ce:93:92:58:9c:79:24:4b:66:16:
                    d6:1d:bc:10:1c:90:9e:80:a3:48:29:44:b0:0c:d6:
                    51:c7:7a:ee:19:0f:6c:a6:e2:b8:05:e1:49:ff:a7:
                    cf:4c:14:b4:6f:a8:cb:05:48:38:d7:18:51:10:66:
                    1a:ab:b9:a5:a2:3f:54:f5:7e:f2:9b:92:a2:58:ef:
                    bf:93:7a:1d:37:30:ea:84:df:83:f6:5e:ef:07:8b:
                    ba:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:24:A1:BB:BC:05:6D:DE:FF:0E:62:71:28:6E:EC:4C:FA:5E:ED:AE
            X509v3 Authority Key Identifier:
                keyid:75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:19:62:ff:21:47:a3:0f:19:30:e4:f6:c2:5d:61:ab:b5:28:
         f5:ca:6e:f5:1a:2a:fd:71:76:bc:b0:a4:95:71:35:5b:0e:4e:
         91:26:f1:e8:83:dc:da:8f:01:db:db:7c:b2:6d:22:62:a2:ea:
         f6:75:06:10:ee:45:7e:2a:2a:55:b2:1b:19:bd:1c:29:36:50:
         5a:e7:e9:4a:b7:d4:75:65:d8:26:03:4f:ba:1d:29:8b:24:e5:
         46:82:a6:13:8a:38:1a:9e:54:28:12:23:9c:cf:c1:e6:f3:bf:
         8e:b5:dd:c1:e5:07:0e:69:df:8e:73:1f:33:22:ca:4c:7f:f7:
         eb:f3:05:6e:f0:45:67:90:aa:6e:6a:5e:83:2e:bd:b7:2e:43:
         19:10:df:0d:76:5b:67:d8:42:1b:ae:ea:8b:48:94:86:f6:19:
         a8:22:80:6f:38:99:a3:4a:e3:1c:00:54:2f:32:49:9a:ca:77:
         36:9f:0f:44:dc:1d:58:6e:85:7e:2d:ff:4f:11:e3:cb:b8:ff:
         a3:27:49:ab:41:cd:c5:65:f8:7a:29:0c:97:29:b6:bd:2c:20:
         22:e2:0b:c1:a8:bc:2d:05:35:4e:8a:50:65:f0:48:0d:4f:2c:
         1a:b3:29:27:db:06:c1:b1:2e:08:ae:63:5d:6e:66:cd:a5:22:
         01:9d:db:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9CjGwoN/M0jDpVR9xUB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzE0YjU4MWFkYTE5NmUzNTUxYzA4Y2U3NjI0M2JlMDU4
YjQ0ZWIwHhcNMjUwNjE0MDEwMDUyWhcNMjUwNjE1MDEwMDUyWjAzMTEwLwYDVQQD
Eyg3NjI0YTFiYmJjMDU2ZGRlZmYwZTYyNzEyODZlZWM0Y2ZhNWVlZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfHqu0EgLFITdbykIb/PUu10J/aW
fAdAGco9PpTPKHklO7yZuijQWEyq2v+BiLTaXp8uXLx2FZ401VjiTGDwwfllY7jw
JnUkPq4tFAsSw2vuAAsj9U7U+eKbRIrz5/dqqFFF9U/mj53hdc6g2Y3wAR5AM816
2qw0tmvAHZ0XwnG7RdzdI9PQf+GDsEuGXUrFjQojsKS6jwAt0tIrxHKES2otpV2L
Fx6pF86TkliceSRLZhbWHbwQHJCegKNIKUSwDNZRx3ruGQ9spuK4BeFJ/6fPTBS0
b6jLBUg41xhREGYaq7mloj9U9X7ym5KiWO+/k3odNzDqhN+D9l7vB4u6twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYkobu8BW3e/w5icShu7Ez6Xu2uMB8GA1UdIwQY
MBaAFHVxS1ga2hluNVHAjOdiQ74Fi0TrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYt
MDczZmJiZTExMWU1LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYtMDczZmJiZTExMWU1
LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyBli/yFH
ow8ZMOT2wl1hq7Uo9cpu9Roq/XF2vLCklXE1Ww5OkSbx6IPc2o8B29t8sm0iYqLq
9nUGEO5FfioqVbIbGb0cKTZQWufpSrfUdWXYJgNPuh0piyTlRoKmE4o4Gp5UKBIj
nM/B5vO/jrXdweUHDmnfjnMfMyLKTH/36/MFbvBFZ5Cqbmpegy69ty5DGRDfDXZb
Z9hCG67qi0iUhvYZqCKAbziZo0rjHABULzJJmsp3Np8PRNwdWG6Ffi3/TxHjy7j/
oydJq0HNxWX4eikMlym2vSwgIuILwai8LQU1TopQZfBIDU8sGrMpJ9sGwbEuCK5j
XW5mzaUiAZ3bbg==
-----END CERTIFICATE-----