Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
File:                     dXFLWBraGW41UcCM52JDvgWLROs.mft (raw, json)
Hash identifier:          LGP7Ua+n9PylKbTubHDxW/KU/Kx8rWxY9tLBUz699ME=
Subject key identifier:   D1:5B:91:AA:11:D6:04:9A:E4:52:DA:F1:5B:4A:0E:79:4C:10:0E:59
Authority key identifier: 75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
Certificate issuer:       /CN=75714b581ada196e3551c08ce76243be058b44eb
Certificate serial:       019758A3E29CEB1A231B73B19454B256B72A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
Manifest number:          1581
Signing time:             Tue 10 Jun 2025 07:00:24 +0000
Manifest this update:     Tue 10 Jun 2025 07:00:24 +0000
Manifest next update:     Wed 11 Jun 2025 07:00:24 +0000
Files and hashes:         1: dXFLWBraGW41UcCM52JDvgWLROs.crl (hash: BMSK9Fm6miWZR7Q1OaPNAXr+Mm/JLD8mhz/MgYAAWKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 07:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a3:e2:9c:eb:1a:23:1b:73:b1:94:54:b2:56:b7:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75714b581ada196e3551c08ce76243be058b44eb
        Validity
            Not Before: Jun 10 07:00:24 2025 GMT
            Not After : Jun 11 07:00:24 2025 GMT
        Subject: CN=d15b91aa11d6049ae452daf15b4a0e794c100e59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:47:fb:fb:05:3d:b7:6d:d5:4b:01:a9:da:3b:
                    9e:65:e6:2f:35:a2:7b:21:48:bf:86:77:8d:d4:f3:
                    f8:8d:62:89:17:71:3b:e9:0a:44:e9:a3:f6:d8:60:
                    4f:4a:37:b4:e1:ba:d7:8e:28:d6:65:5c:36:f2:be:
                    fc:89:06:45:23:c8:2c:bb:dc:4f:25:95:4f:5d:82:
                    52:f0:7e:74:25:9d:f5:44:8f:2d:e8:cd:c2:5a:00:
                    51:d1:dd:42:9e:51:44:91:91:d6:72:01:86:1f:64:
                    c8:c4:67:80:03:fe:81:c9:49:ab:d0:8d:d8:50:07:
                    52:46:69:ef:d1:7c:4e:d0:24:15:93:e9:2c:6b:da:
                    1e:b1:5b:5b:14:e5:af:c3:4a:3e:db:b1:3e:7e:44:
                    7b:59:b8:8f:64:cb:cc:d4:0f:09:db:cd:66:6b:c9:
                    6c:50:c5:4c:b3:88:9b:d5:2e:0f:e7:7e:30:e0:ed:
                    f2:32:4c:26:fa:b4:c1:27:ed:d5:fa:49:cc:fa:cb:
                    79:6c:65:77:2c:d9:09:84:3f:1b:e3:f1:98:36:8d:
                    23:2a:d1:b4:31:bf:32:b7:07:81:f7:a3:02:5c:fc:
                    ae:b5:b1:6d:ec:e8:17:86:29:47:27:47:e6:05:b4:
                    1b:bc:53:86:69:a3:eb:8d:6d:c0:0c:5f:80:5e:f7:
                    af:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:5B:91:AA:11:D6:04:9A:E4:52:DA:F1:5B:4A:0E:79:4C:10:0E:59
            X509v3 Authority Key Identifier:
                keyid:75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:15:ad:09:4b:aa:8e:03:7e:cb:43:87:bf:75:16:1a:78:c9:
         b5:ef:3f:85:74:58:c9:14:4b:62:65:59:d6:a6:c3:9a:4e:47:
         c6:9e:7d:97:a0:70:5d:51:a6:17:bd:0b:49:f2:6a:6b:e7:1b:
         78:7c:75:27:f8:49:ee:df:04:f5:d3:34:f8:86:89:11:39:af:
         5c:ff:d1:61:3a:85:6c:75:a6:8c:e8:64:9c:cb:26:21:9d:92:
         9f:33:b1:0d:78:99:da:32:bf:ea:16:4b:08:b8:19:1c:5d:55:
         f8:08:8f:8f:b8:da:20:de:3c:b2:61:16:d5:a8:81:e9:4d:3d:
         94:c9:1a:3a:81:18:06:ef:30:45:16:e4:f2:16:6b:fe:f1:49:
         fe:19:e6:40:4f:56:03:97:01:79:a7:78:2d:95:ea:0e:ee:ba:
         16:97:3f:91:db:80:80:67:c0:6a:05:4c:ae:22:9c:08:4a:7f:
         48:76:ec:be:a7:b6:60:71:9a:6a:6d:3a:ec:f1:e3:5f:af:48:
         a9:c1:69:82:27:a8:7a:16:d2:32:d1:32:ba:cf:bf:8e:59:db:
         75:57:2d:e3:03:ee:ac:df:78:53:df:d8:32:29:94:d6:48:cb:
         67:b7:35:ec:03:3f:05:d0:c4:c2:09:4b:bb:ef:72:2f:98:db:
         4a:e4:24:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYo+Kc6xojG3OxlFSyVrcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzE0YjU4MWFkYTE5NmUzNTUxYzA4Y2U3NjI0M2JlMDU4
YjQ0ZWIwHhcNMjUwNjEwMDcwMDI0WhcNMjUwNjExMDcwMDI0WjAzMTEwLwYDVQQD
EyhkMTViOTFhYTExZDYwNDlhZTQ1MmRhZjE1YjRhMGU3OTRjMTAwZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkf7+wU9t23VSwGp2jueZeYvNaJ7
IUi/hneN1PP4jWKJF3E76QpE6aP22GBPSje04brXjijWZVw28r78iQZFI8gsu9xP
JZVPXYJS8H50JZ31RI8t6M3CWgBR0d1CnlFEkZHWcgGGH2TIxGeAA/6ByUmr0I3Y
UAdSRmnv0XxO0CQVk+ksa9oesVtbFOWvw0o+27E+fkR7WbiPZMvM1A8J281ma8ls
UMVMs4ib1S4P534w4O3yMkwm+rTBJ+3V+knM+st5bGV3LNkJhD8b4/GYNo0jKtG0
Mb8ytweB96MCXPyutbFt7OgXhilHJ0fmBbQbvFOGaaPrjW3ADF+AXvevwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFbkaoR1gSa5FLa8VtKDnlMEA5ZMB8GA1UdIwQY
MBaAFHVxS1ga2hluNVHAjOdiQ74Fi0TrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYt
MDczZmJiZTExMWU1LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYtMDczZmJiZTExMWU1
LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRWtCUuq
jgN+y0OHv3UWGnjJte8/hXRYyRRLYmVZ1qbDmk5Hxp59l6BwXVGmF70LSfJqa+cb
eHx1J/hJ7t8E9dM0+IaJETmvXP/RYTqFbHWmjOhknMsmIZ2SnzOxDXiZ2jK/6hZL
CLgZHF1V+AiPj7jaIN48smEW1aiB6U09lMkaOoEYBu8wRRbk8hZr/vFJ/hnmQE9W
A5cBead4LZXqDu66Fpc/kduAgGfAagVMriKcCEp/SHbsvqe2YHGaam067PHjX69I
qcFpgieoehbSMtEyus+/jlnbdVct4wPurN94U9/YMimU1kjLZ7c17AM/BdDEwglL
u+9yL5jbSuQkTw==
-----END CERTIFICATE-----