Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
File:                     mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft (raw, json)
Hash identifier:          DreG/+4Y7G9Sx22aylqIue57Z/pGLQLCS+yBapP3pyA=
Subject key identifier:   1D:AA:C2:40:F1:23:67:27:4E:16:08:EC:E2:9F:F8:1D:04:C5:FB:AF
Authority key identifier: 99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47
Certificate issuer:       /CN=9972148c7362c2c9399bb3af741592c42516c547
Certificate serial:       0195786B41E65202CF613D8C06FF7B025916
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
Manifest number:          0FC7
Signing time:             Sun 09 Mar 2025 01:00:49 +0000
Manifest this update:     Sun 09 Mar 2025 01:00:49 +0000
Manifest next update:     Mon 10 Mar 2025 01:00:49 +0000
Files and hashes:         1: mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl (hash: hs2+PRkpwAT+a75X0EaK1umh6Y5jw+ppP/LxRCkQjhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 01:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:78:6b:41:e6:52:02:cf:61:3d:8c:06:ff:7b:02:59:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9972148c7362c2c9399bb3af741592c42516c547
        Validity
            Not Before: Mar  9 01:00:49 2025 GMT
            Not After : Mar 10 01:00:49 2025 GMT
        Subject: CN=1daac240f12367274e1608ece29ff81d04c5fbaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7e:d0:27:34:68:81:81:69:52:6a:08:63:02:
                    d8:99:fc:b8:23:10:a0:48:93:80:78:8d:07:8e:2d:
                    51:a3:04:f4:af:eb:88:41:5c:05:82:a4:86:50:98:
                    4b:a6:74:fc:fb:09:69:57:c8:74:1e:8a:17:70:14:
                    79:a6:ca:5f:8e:68:d7:43:21:96:e0:97:18:9b:25:
                    75:c3:5f:4d:92:fd:99:5d:38:5b:44:33:07:55:4e:
                    df:b7:08:56:57:fb:c7:35:c7:f1:b1:2c:19:8f:77:
                    45:af:4d:ff:dc:b2:60:a2:ed:c6:2d:7b:93:51:2d:
                    09:ce:9e:b5:bf:75:73:1e:04:c1:72:57:26:27:6a:
                    f1:9e:60:84:d7:63:d1:0f:4d:be:20:48:bd:e6:a9:
                    34:70:90:eb:e4:4e:bb:a1:c7:ee:62:70:ff:12:9a:
                    54:da:16:64:b0:b6:14:11:bf:7f:c2:cd:45:d1:86:
                    cc:4d:3e:35:0a:6a:a1:b8:05:eb:cd:4d:e9:38:0d:
                    cf:f9:ea:f0:70:e9:19:6c:be:88:47:86:c3:74:77:
                    a7:4e:6c:86:e9:e7:9f:3a:9f:04:fc:00:05:4f:0d:
                    23:02:f5:3b:6e:9b:e3:ab:96:ed:93:9b:9e:7d:60:
                    ca:63:d5:95:76:15:e7:15:c9:14:db:c3:54:eb:a0:
                    56:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:AA:C2:40:F1:23:67:27:4E:16:08:EC:E2:9F:F8:1D:04:C5:FB:AF
            X509v3 Authority Key Identifier:
                keyid:99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:23:00:f4:43:25:6e:95:e1:6e:1a:60:e3:91:6a:73:29:81:
         03:e7:4f:72:86:e1:cb:c2:b6:65:00:9f:d6:1c:5c:f5:ce:00:
         5d:68:80:cc:37:f0:9a:c3:2a:26:4a:e9:ff:6c:b9:0b:8a:1d:
         10:32:7d:9d:0a:d9:ba:86:06:e9:4e:08:e0:01:8a:76:ca:dd:
         65:41:65:5f:75:d6:cb:3b:b9:c3:30:7c:8c:b8:bc:36:6e:e9:
         87:76:42:43:88:ef:5e:33:ed:19:46:09:c2:15:78:90:bd:c3:
         e4:9d:8d:f3:1c:50:88:6c:1e:88:f6:3f:06:1a:09:33:38:59:
         fc:e5:c6:16:39:f2:33:c2:9a:99:e7:48:77:2b:86:65:87:c9:
         35:67:c9:07:7d:5e:83:4d:3c:c2:55:fb:24:e2:14:2b:b6:76:
         a2:25:4e:0d:74:b2:35:f4:dc:0c:c2:b4:6d:a4:3a:46:5e:84:
         91:41:1a:cb:5b:1e:34:fd:80:be:aa:2b:02:3a:a3:91:c0:dc:
         ae:e7:8d:b0:a2:bf:36:ae:64:e1:c8:2b:a1:92:39:fc:98:ae:
         ca:28:e1:56:d3:e2:ce:89:14:7b:0a:9f:73:e5:36:be:25:36:
         bc:92:01:f4:d4:89:0b:f1:de:c5:03:c4:2d:82:19:49:fc:10:
         a6:49:58:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV4a0HmUgLPYT2MBv97AlkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzIxNDhjNzM2MmMyYzkzOTliYjNhZjc0MTU5MmM0MjUx
NmM1NDcwHhcNMjUwMzA5MDEwMDQ5WhcNMjUwMzEwMDEwMDQ5WjAzMTEwLwYDVQQD
EygxZGFhYzI0MGYxMjM2NzI3NGUxNjA4ZWNlMjlmZjgxZDA0YzVmYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi37QJzRogYFpUmoIYwLYmfy4IxCg
SJOAeI0Hji1RowT0r+uIQVwFgqSGUJhLpnT8+wlpV8h0HooXcBR5pspfjmjXQyGW
4JcYmyV1w19Nkv2ZXThbRDMHVU7ftwhWV/vHNcfxsSwZj3dFr03/3LJgou3GLXuT
US0Jzp61v3VzHgTBclcmJ2rxnmCE12PRD02+IEi95qk0cJDr5E67ocfuYnD/EppU
2hZksLYUEb9/ws1F0YbMTT41CmqhuAXrzU3pOA3P+erwcOkZbL6IR4bDdHenTmyG
6eefOp8E/AAFTw0jAvU7bpvjq5btk5uefWDKY9WVdhXnFckU28NU66BWuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2qwkDxI2cnThYI7OKf+B0ExfuvMB8GA1UdIwQY
MBaAFJlyFIxzYsLJOZuzr3QVksQlFsVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjIt
NmVjNjI2OTBiMTliLzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjItNmVjNjI2OTBiMTli
LzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiMA9EMl
bpXhbhpg45FqcymBA+dPcobhy8K2ZQCf1hxc9c4AXWiAzDfwmsMqJkrp/2y5C4od
EDJ9nQrZuoYG6U4I4AGKdsrdZUFlX3XWyzu5wzB8jLi8Nm7ph3ZCQ4jvXjPtGUYJ
whV4kL3D5J2N8xxQiGweiPY/BhoJMzhZ/OXGFjnyM8KamedIdyuGZYfJNWfJB31e
g008wlX7JOIUK7Z2oiVODXSyNfTcDMK0baQ6Rl6EkUEay1seNP2AvqorAjqjkcDc
rueNsKK/Nq5k4cgroZI5/JiuyijhVtPizokUewqfc+U2viU2vJIB9NSJC/HexQPE
LYIZSfwQpklY/Q==
-----END CERTIFICATE-----