Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
File:                     fXrxi3mJleFLOBNhoGu2aEm36Fo.mft (raw, json)
Hash identifier:          P5lMPa3qEo0Km9gIfeWx1oXloX3+PT2yPNdZtp5grSM=
Subject key identifier:   41:CF:30:6C:F9:B5:15:B4:B4:9B:9D:39:ED:5E:6C:2B:B8:90:D2:12
Authority key identifier: 7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A
Certificate issuer:       /CN=7d7af18b798995e14b381361a06bb66849b7e85a
Certificate serial:       019653EEB18B2B45E9DCF70C6D78D7A2ABEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
Manifest number:          0628
Signing time:             Sun 20 Apr 2025 16:01:13 +0000
Manifest this update:     Sun 20 Apr 2025 16:01:13 +0000
Manifest next update:     Mon 21 Apr 2025 16:01:13 +0000
Files and hashes:         1: fXrxi3mJleFLOBNhoGu2aEm36Fo.crl (hash: FmaGP8gsRNcS71VWYDUYG/PJM7MintlaTrQqwjPYzN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:b1:8b:2b:45:e9:dc:f7:0c:6d:78:d7:a2:ab:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d7af18b798995e14b381361a06bb66849b7e85a
        Validity
            Not Before: Apr 20 16:01:13 2025 GMT
            Not After : Apr 21 16:01:13 2025 GMT
        Subject: CN=41cf306cf9b515b4b49b9d39ed5e6c2bb890d212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:df:bf:0c:fe:a7:84:88:c3:ae:61:5f:00:7b:
                    a4:6b:48:e6:07:48:de:a0:77:9b:11:78:dc:74:70:
                    98:a9:2a:00:c4:b6:8f:b5:77:83:78:64:6c:b5:0c:
                    99:82:17:94:22:90:a8:8d:62:2e:54:6e:ab:9e:39:
                    c2:5d:3f:9f:f6:52:f5:ba:5b:f0:3e:2d:4d:c9:03:
                    eb:41:7f:36:f2:e2:35:24:3a:96:ee:67:36:3f:f4:
                    90:b1:75:ff:5b:7b:0d:a7:c9:83:aa:44:88:ae:7f:
                    a5:2c:14:74:49:bb:9a:18:7d:34:ae:5c:a1:3e:fb:
                    f9:4a:18:15:f7:0a:f6:d3:e3:78:11:74:21:27:a6:
                    4d:16:b0:87:fc:bf:9c:a7:7f:c8:fc:50:d8:5d:06:
                    8b:03:3f:ff:11:4b:a8:94:d3:54:7a:f7:c8:eb:19:
                    3f:e0:61:32:64:9c:fb:47:80:2d:67:54:0a:a8:f1:
                    a0:12:dc:7c:c1:c0:e2:e2:b9:34:aa:99:83:06:99:
                    b7:66:40:4b:b3:7d:da:5c:e0:73:72:ee:37:f2:7c:
                    1f:d1:5f:82:d1:d7:c8:e4:cc:f1:d0:af:fb:d7:52:
                    3b:d7:e0:fd:77:6b:e0:62:43:e2:70:07:d5:b1:27:
                    76:1b:1b:b7:75:0f:2a:9d:35:68:92:65:7a:1a:80:
                    6e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:CF:30:6C:F9:B5:15:B4:B4:9B:9D:39:ED:5E:6C:2B:B8:90:D2:12
            X509v3 Authority Key Identifier:
                keyid:7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:97:46:6f:e4:e2:a7:25:cc:31:55:5a:f7:93:2a:83:72:86:
         b4:f2:37:bb:d2:9b:d9:04:21:6e:49:fc:90:73:75:c2:64:31:
         32:35:f3:2b:ab:21:02:94:a2:4d:b6:8c:99:06:1d:fa:40:0e:
         03:0b:23:2a:e8:d8:e1:ec:f9:24:59:8f:cb:35:af:9d:67:b2:
         b4:3f:55:1d:97:42:01:81:da:62:6d:bf:2a:a1:fe:40:55:d7:
         f9:25:3f:f8:44:8f:90:ce:9e:37:0d:68:d9:3f:a1:60:df:45:
         e0:ba:0f:48:23:f2:8b:62:e2:dd:6f:f4:13:91:88:17:7f:36:
         2c:6a:fb:80:3b:cb:84:04:2b:43:4f:a1:af:0c:a6:b6:33:94:
         47:8f:77:57:da:bb:54:c5:0a:e0:e7:85:27:4a:ab:2b:f3:54:
         92:30:40:97:6f:7a:29:78:da:d4:1b:36:cd:ac:5d:e5:41:c4:
         8b:2d:d2:9c:54:bb:15:e6:7c:97:5e:26:ec:35:ce:1c:31:96:
         21:ef:df:e7:72:74:23:a5:7a:31:0b:99:13:eb:42:9b:c4:57:
         c2:1e:24:52:7e:ed:c5:bc:21:bf:24:78:64:82:b4:74:5b:9b:
         35:0d:1b:c0:75:9e:cb:7b:79:bf:0a:b0:b5:f4:68:52:a3:59:
         11:71:f2:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7rGLK0Xp3PcMbXjXoqvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2FmMThiNzk4OTk1ZTE0YjM4MTM2MWEwNmJiNjY4NDli
N2U4NWEwHhcNMjUwNDIwMTYwMTEzWhcNMjUwNDIxMTYwMTEzWjAzMTEwLwYDVQQD
Eyg0MWNmMzA2Y2Y5YjUxNWI0YjQ5YjlkMzllZDVlNmMyYmI4OTBkMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt+/DP6nhIjDrmFfAHuka0jmB0je
oHebEXjcdHCYqSoAxLaPtXeDeGRstQyZgheUIpCojWIuVG6rnjnCXT+f9lL1ulvw
Pi1NyQPrQX828uI1JDqW7mc2P/SQsXX/W3sNp8mDqkSIrn+lLBR0SbuaGH00rlyh
Pvv5ShgV9wr20+N4EXQhJ6ZNFrCH/L+cp3/I/FDYXQaLAz//EUuolNNUevfI6xk/
4GEyZJz7R4AtZ1QKqPGgEtx8wcDi4rk0qpmDBpm3ZkBLs33aXOBzcu438nwf0V+C
0dfI5Mzx0K/711I71+D9d2vgYkPicAfVsSd2Gxu3dQ8qnTVokmV6GoBuDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHPMGz5tRW0tJudOe1ebCu4kNISMB8GA1UdIwQY
MBaAFH168Yt5iZXhSzgTYaBrtmhJt+haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAt
N2M2MjUyYzVmNDVkLzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAtN2M2MjUyYzVmNDVk
LzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4ZdGb+Ti
pyXMMVVa95Mqg3KGtPI3u9Kb2QQhbkn8kHN1wmQxMjXzK6shApSiTbaMmQYd+kAO
AwsjKujY4ez5JFmPyzWvnWeytD9VHZdCAYHaYm2/KqH+QFXX+SU/+ESPkM6eNw1o
2T+hYN9F4LoPSCPyi2Li3W/0E5GIF382LGr7gDvLhAQrQ0+hrwymtjOUR493V9q7
VMUK4OeFJ0qrK/NUkjBAl296KXja1Bs2zaxd5UHEiy3SnFS7FeZ8l14m7DXOHDGW
Ie/f53J0I6V6MQuZE+tCm8RXwh4kUn7txbwhvyR4ZIK0dFubNQ0bwHWey3t5vwqw
tfRoUqNZEXHyTA==
-----END CERTIFICATE-----