Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File:                     gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier:          rc2niymQXi26hqvzS7v0gSLwg0BYJ80WsX+KmsM5l5Q=
Subject key identifier:   CD:A0:BF:B8:E1:18:C8:06:CD:07:F8:55:19:08:68:3C:64:0D:66:BC
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer:       /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial:       01976BBCBE6D954AF1AEBB42411159D64E80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number:          03CF
Signing time:             Sat 14 Jun 2025 00:00:20 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:20 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:20 +0000
Files and hashes:         1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: iA4YFExclF/h2a3dHYcPiQ4+59atUFUElys1q2alo5A=)
                          2: v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa (hash: Y4h5O4hQh1m1aEWNf7XMnqa6q5Txb+8pJ/1S7VkKt/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bc:be:6d:95:4a:f1:ae:bb:42:41:11:59:d6:4e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
        Validity
            Not Before: Jun 14 00:00:20 2025 GMT
            Not After : Jun 15 00:00:20 2025 GMT
        Subject: CN=cda0bfb8e118c806cd07f8551908683c640d66bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cf:41:5e:53:d3:63:5e:68:21:7f:b4:67:fa:
                    c3:fc:2d:c9:ef:f3:4f:10:9e:ba:61:b7:66:58:b5:
                    5e:de:2d:60:93:7a:ce:58:4f:37:6d:92:96:25:c6:
                    6c:bc:34:02:5c:40:a4:9d:4a:f8:b0:86:cf:7f:58:
                    42:29:18:d9:0e:5f:e0:c0:85:f0:4e:19:14:dd:6d:
                    52:94:f7:f3:6e:9d:ab:2f:0f:3b:42:eb:f6:2d:98:
                    34:45:22:04:d1:cb:d8:c3:2f:f9:9a:00:c0:1f:c7:
                    08:36:1f:76:5c:e0:be:b0:4c:ad:52:1d:ff:30:24:
                    1a:93:f3:19:6f:8c:d1:6f:65:de:9a:b7:1d:70:1a:
                    bf:dc:56:da:c2:5f:ad:5c:96:fc:84:4f:95:49:31:
                    57:7b:ce:bf:b6:3d:49:13:a3:1e:72:5a:77:44:1d:
                    86:54:6f:e6:fe:9a:53:e7:2a:ca:e0:57:5d:f5:b7:
                    0d:e5:97:fd:01:fb:5a:73:e2:fd:3c:29:23:2c:4e:
                    ec:20:5c:5d:9a:b5:8b:25:c3:e9:3e:99:14:40:5b:
                    3c:e9:19:86:64:4b:9b:3e:98:59:16:5e:d1:fd:58:
                    ed:e1:95:18:7d:75:9d:03:10:f2:9a:4e:23:07:d4:
                    20:b5:71:24:ff:26:24:b9:52:2d:d8:2e:20:3d:17:
                    a0:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A0:BF:B8:E1:18:C8:06:CD:07:F8:55:19:08:68:3C:64:0D:66:BC
            X509v3 Authority Key Identifier:
                keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:17:d8:4c:87:72:59:2a:0b:22:61:63:45:8b:22:a6:a0:70:
         16:8d:e6:e1:43:a4:e2:a9:86:2d:4e:f0:a5:ea:9c:e3:5f:43:
         32:33:4b:e3:85:9c:28:73:db:57:9a:01:a5:84:b2:e6:ed:14:
         31:3a:cb:be:4d:40:85:81:4c:12:7a:68:7d:18:8f:23:77:91:
         e5:bf:66:c3:6a:b4:dd:34:72:be:23:5a:88:28:cb:e8:c3:8d:
         ad:13:f9:09:20:1c:d7:d6:0b:a2:02:01:7b:c6:33:6c:89:bc:
         e8:3b:e5:ed:4c:1a:50:74:ec:f7:24:05:d5:d7:7a:88:f2:4f:
         2c:17:b8:21:bd:40:16:f6:25:f3:ca:bb:44:9a:93:8a:0a:ba:
         57:d3:6e:60:a9:9c:bf:69:a8:99:46:ed:3b:dc:68:a0:27:a3:
         5c:eb:99:dd:1b:74:c7:df:10:45:59:9f:d3:27:ce:99:43:4e:
         25:42:20:69:62:de:c2:d9:17:54:d0:2c:c4:44:c8:c8:64:46:
         ca:d3:58:51:b9:ed:44:e0:72:2e:bd:32:e0:b7:e0:f6:19:29:
         f9:cc:83:ee:07:4b:1d:6b:3d:b1:52:62:d4:2a:52:c5:d4:76:
         83:d8:9a:83:38:4a:1f:ab:c6:79:18:38:87:36:7e:b9:dc:2d:
         2b:96:eb:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvL5tlUrxrrtCQRFZ1k6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjUwNjE0MDAwMDIwWhcNMjUwNjE1MDAwMDIwWjAzMTEwLwYDVQQD
EyhjZGEwYmZiOGUxMThjODA2Y2QwN2Y4NTUxOTA4NjgzYzY0MGQ2NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs9BXlPTY15oIX+0Z/rD/C3J7/NP
EJ66YbdmWLVe3i1gk3rOWE83bZKWJcZsvDQCXECknUr4sIbPf1hCKRjZDl/gwIXw
ThkU3W1SlPfzbp2rLw87Quv2LZg0RSIE0cvYwy/5mgDAH8cINh92XOC+sEytUh3/
MCQak/MZb4zRb2XemrcdcBq/3Fbawl+tXJb8hE+VSTFXe86/tj1JE6Meclp3RB2G
VG/m/ppT5yrK4Fdd9bcN5Zf9Aftac+L9PCkjLE7sIFxdmrWLJcPpPpkUQFs86RmG
ZEubPphZFl7R/Vjt4ZUYfXWdAxDymk4jB9QgtXEk/yYkuVIt2C4gPRegRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2gv7jhGMgGzQf4VRkIaDxkDWa8MB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvxfYTIdy
WSoLImFjRYsipqBwFo3m4UOk4qmGLU7wpeqc419DMjNL44WcKHPbV5oBpYSy5u0U
MTrLvk1AhYFMEnpofRiPI3eR5b9mw2q03TRyviNaiCjL6MONrRP5CSAc19YLogIB
e8YzbIm86Dvl7UwaUHTs9yQF1dd6iPJPLBe4Ib1AFvYl88q7RJqTigq6V9NuYKmc
v2momUbtO9xooCejXOuZ3Rt0x98QRVmf0yfOmUNOJUIgaWLewtkXVNAsxETIyGRG
ytNYUbntROByLr0y4Lfg9hkp+cyD7gdLHWs9sVJi1CpSxdR2g9iagzhKH6vGeRg4
hzZ+udwtK5brXg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 02:13:00 2025 by rpki-client