Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          lEYQAkyOiEBxyUabGLJpaSNNsstnyjE9zvEyHBCGx3w=
Subject key identifier:   28:96:DB:C3:17:D5:75:18:2B:8D:C9:1D:93:74:6D:99:1A:1D:49:BB
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       0196428CD90EF6BBCDAEFF4268FA3BEC29C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          06AE
Signing time:             Thu 17 Apr 2025 07:00:48 +0000
Manifest this update:     Thu 17 Apr 2025 07:00:48 +0000
Manifest next update:     Fri 18 Apr 2025 07:00:48 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: ZLA3EyMDuE48dDVbDc5cUJZrXDs73aH9TsMQOoP1tYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:42:8c:d9:0e:f6:bb:cd:ae:ff:42:68:fa:3b:ec:29:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Apr 17 07:00:48 2025 GMT
            Not After : Apr 18 07:00:48 2025 GMT
        Subject: CN=2896dbc317d575182b8dc91d93746d991a1d49bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1e:1a:d2:15:de:2c:9f:1b:36:9a:b3:df:6b:
                    5f:61:d9:ca:2b:ca:45:a5:36:4f:9f:e5:fa:cd:3c:
                    07:4c:d8:08:82:cf:0b:a0:9b:d0:2f:07:9c:6f:7b:
                    ac:57:f8:46:37:cb:e7:6c:99:b4:e1:10:64:47:34:
                    6d:2f:71:53:ee:67:2a:10:06:ce:a8:7b:6b:b1:3e:
                    81:2c:55:0e:f4:c3:1c:51:24:3a:5f:e1:2d:ee:47:
                    f9:a3:3e:c4:eb:7e:80:77:b1:43:b6:19:48:0e:a0:
                    1d:ff:18:37:32:b3:28:f2:ce:61:f7:45:0d:39:96:
                    b8:f3:cb:a1:45:43:d9:32:f2:7a:cd:99:44:75:bd:
                    1e:db:a1:e1:ad:d6:72:16:de:bf:7d:63:6d:fa:c2:
                    22:84:bf:17:d9:4a:c8:a5:d1:41:8a:0c:cb:68:f2:
                    12:0f:da:02:57:f5:b0:4c:58:78:3f:f7:cb:6f:d3:
                    75:77:11:0d:06:6f:bf:14:32:e5:5c:c8:91:de:90:
                    dc:96:10:7f:cb:c1:a4:0e:b9:af:a7:c7:5a:7e:cf:
                    13:66:1c:1e:8c:2e:54:9f:fd:7a:8e:dc:b6:f5:d9:
                    2c:e2:12:f9:ff:75:94:99:c9:5a:52:fb:f3:5f:a4:
                    fe:ae:91:e6:a6:51:22:72:50:8d:e9:7f:81:aa:36:
                    9d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:96:DB:C3:17:D5:75:18:2B:8D:C9:1D:93:74:6D:99:1A:1D:49:BB
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:2f:d4:41:c3:c3:7b:6e:aa:75:10:5a:a9:d8:23:fb:9f:e9:
         d9:4a:64:ad:e8:d4:7c:06:e7:96:59:30:e9:db:b6:3e:e4:af:
         fb:4c:a2:0e:ca:83:30:02:34:73:0a:be:5b:03:50:9e:2d:7a:
         eb:7e:f6:cc:5f:d9:c2:9a:ef:21:20:76:41:1f:64:55:06:f2:
         cb:35:51:17:8b:7c:7b:4e:d0:44:c6:78:2f:9c:5c:3e:53:17:
         c5:43:41:e8:2f:15:28:1e:c4:65:23:85:ec:0a:6d:2b:4d:60:
         ad:05:ea:76:ba:7a:2c:43:5b:ec:0f:17:82:cb:af:c5:13:a0:
         84:72:8e:c9:cc:52:0b:3a:30:00:af:6f:12:a4:ff:53:b2:be:
         7a:d0:b4:60:00:fc:72:70:16:73:8e:2c:69:0a:f3:a7:70:12:
         31:a6:4c:fc:3d:17:2b:92:65:e2:f7:85:a1:27:dd:a5:b1:ab:
         26:3b:60:37:8b:14:48:d7:7f:72:22:fe:09:f8:ff:2b:3a:6e:
         77:31:97:bf:de:e6:60:42:75:b8:98:38:56:cd:a9:06:86:2b:
         e5:f4:1f:7f:ef:ac:52:0c:bd:a6:b4:f6:9e:a0:4f:4c:5c:7e:
         21:32:71:46:1f:db:e4:7b:89:74:02:45:73:2c:6e:52:f5:6d:
         9a:eb:a6:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZCjNkO9rvNrv9CaPo77CnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjUwNDE3MDcwMDQ4WhcNMjUwNDE4MDcwMDQ4WjAzMTEwLwYDVQQD
EygyODk2ZGJjMzE3ZDU3NTE4MmI4ZGM5MWQ5Mzc0NmQ5OTFhMWQ0OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh4a0hXeLJ8bNpqz32tfYdnKK8pF
pTZPn+X6zTwHTNgIgs8LoJvQLwecb3usV/hGN8vnbJm04RBkRzRtL3FT7mcqEAbO
qHtrsT6BLFUO9MMcUSQ6X+Et7kf5oz7E636Ad7FDthlIDqAd/xg3MrMo8s5h90UN
OZa488uhRUPZMvJ6zZlEdb0e26HhrdZyFt6/fWNt+sIihL8X2UrIpdFBigzLaPIS
D9oCV/WwTFh4P/fLb9N1dxENBm+/FDLlXMiR3pDclhB/y8GkDrmvp8dafs8TZhwe
jC5Un/16jty29dks4hL5/3WUmclaUvvzX6T+rpHmplEiclCN6X+BqjadnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiW28MX1XUYK43JHZN0bZkaHUm7MB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZi/UQcPD
e26qdRBaqdgj+5/p2UpkrejUfAbnllkw6du2PuSv+0yiDsqDMAI0cwq+WwNQni16
6372zF/ZwprvISB2QR9kVQbyyzVRF4t8e07QRMZ4L5xcPlMXxUNB6C8VKB7EZSOF
7AptK01grQXqdrp6LENb7A8XgsuvxROghHKOycxSCzowAK9vEqT/U7K+etC0YAD8
cnAWc44saQrzp3ASMaZM/D0XK5Jl4veFoSfdpbGrJjtgN4sUSNd/ciL+Cfj/Kzpu
dzGXv97mYEJ1uJg4Vs2pBoYr5fQff++sUgy9prT2nqBPTFx+ITJxRh/b5HuJdAJF
cyxuUvVtmuum6Q==
-----END CERTIFICATE-----