Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File:                     hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier:          haVxJu/RDo2bf43F/YFGzqRhgwSQBPgJ7jyyibw6WA0=
Subject key identifier:   6E:EE:99:E0:6D:C3:9B:79:E6:DE:18:40:B4:C3:EB:C1:FE:32:10:AE
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer:       /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial:       01974A7B50B596206170D1235A9012E17571
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number:          0BD2
Signing time:             Sat 07 Jun 2025 13:01:24 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:24 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:24 +0000
Files and hashes:         1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: b5U2AVuhyMaJdcSUdjUA7okcEk0cdjV3eCE7MHx5JEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:50:b5:96:20:61:70:d1:23:5a:90:12:e1:75:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
        Validity
            Not Before: Jun  7 13:01:24 2025 GMT
            Not After : Jun  8 13:01:24 2025 GMT
        Subject: CN=6eee99e06dc39b79e6de1840b4c3ebc1fe3210ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:59:30:31:f6:a7:fd:34:d9:74:d4:6a:73:7b:
                    74:c5:f4:ad:4a:5a:00:f0:36:b5:7a:31:3d:4e:4b:
                    76:5c:d1:71:e2:2b:97:cb:b4:ec:ad:00:7a:ac:66:
                    55:bd:5c:de:48:db:4d:57:0f:61:c4:88:eb:04:9c:
                    cf:f9:fc:ce:c1:b1:d3:84:f3:5e:b9:0f:94:bb:b9:
                    90:08:04:b4:af:c2:04:b9:6e:ae:57:f8:d9:40:a7:
                    60:9e:20:3a:0b:37:ec:4f:00:1e:dd:52:75:29:5b:
                    e3:5e:bc:72:d0:a5:c0:dc:3a:ca:a1:20:95:e0:68:
                    80:27:bb:ee:1f:f3:ca:8d:5d:d2:f1:85:63:98:58:
                    d0:e1:82:71:83:ae:04:02:7c:b3:b3:3d:c0:8a:49:
                    f7:be:84:6c:f5:43:9d:f4:63:97:7f:83:12:60:f4:
                    ab:57:4d:33:d0:94:ac:f0:38:d2:61:4b:69:d4:fc:
                    24:fb:7b:e5:1b:c6:e3:57:b6:97:d2:05:18:c8:75:
                    1f:7f:fb:a0:0c:ac:f8:54:14:7b:26:b8:89:1e:17:
                    86:9e:ff:cc:4f:16:31:04:b8:05:50:e3:71:79:46:
                    f8:6f:3f:21:73:ad:c4:61:b2:f5:9b:d9:57:e0:51:
                    73:34:3e:04:2e:b2:58:60:ff:00:a2:be:86:c4:fe:
                    6b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:EE:99:E0:6D:C3:9B:79:E6:DE:18:40:B4:C3:EB:C1:FE:32:10:AE
            X509v3 Authority Key Identifier:
                keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:73:58:e2:ae:12:d7:a8:06:f4:1c:4b:78:d2:27:1d:41:0c:
         b7:ab:4d:73:48:ff:30:be:65:ca:a3:8c:ef:03:f0:66:2c:90:
         a4:b8:2d:5b:50:9e:46:6a:4e:03:63:b6:7e:99:b5:10:8e:d5:
         8a:a9:28:96:e3:4b:b9:94:29:4e:d4:58:3f:9e:88:cc:7d:eb:
         a8:00:da:df:5e:60:19:02:e5:85:1b:41:54:55:0c:7f:41:ac:
         f8:b7:77:47:e3:68:fc:17:8a:6f:ea:61:59:d9:42:2e:e4:cd:
         0b:d0:0d:25:c8:93:f7:cd:22:0a:7e:b1:94:a0:61:79:fd:71:
         e4:16:d6:46:ff:98:8b:fa:4b:a9:74:4d:66:08:80:23:1f:a7:
         e7:96:1c:d5:33:9b:8c:cd:61:b8:8b:3e:ff:b4:02:04:8c:6d:
         e7:b1:df:b1:52:b5:74:8a:91:6f:73:4d:a4:df:d9:22:ee:93:
         67:4a:29:47:5d:38:bf:bc:06:b8:04:9c:1a:4e:2b:bc:a9:7a:
         e1:06:8e:8f:f1:53:13:16:bb:0c:bd:ad:89:07:c1:ee:b0:bb:
         ca:0a:91:71:9e:63:02:42:04:9e:4d:dd:14:87:5c:84:eb:00:
         05:29:a9:5e:9b:65:e1:df:09:3b:5f:d9:df:c3:40:a2:09:da:
         8d:af:2e:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe1C1liBhcNEjWpAS4XVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjUwNjA3MTMwMTI0WhcNMjUwNjA4MTMwMTI0WjAzMTEwLwYDVQQD
Eyg2ZWVlOTllMDZkYzM5Yjc5ZTZkZTE4NDBiNGMzZWJjMWZlMzIxMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVkwMfan/TTZdNRqc3t0xfStSloA
8Da1ejE9Tkt2XNFx4iuXy7TsrQB6rGZVvVzeSNtNVw9hxIjrBJzP+fzOwbHThPNe
uQ+Uu7mQCAS0r8IEuW6uV/jZQKdgniA6CzfsTwAe3VJ1KVvjXrxy0KXA3DrKoSCV
4GiAJ7vuH/PKjV3S8YVjmFjQ4YJxg64EAnyzsz3Aikn3voRs9UOd9GOXf4MSYPSr
V00z0JSs8DjSYUtp1Pwk+3vlG8bjV7aX0gUYyHUff/ugDKz4VBR7JriJHheGnv/M
TxYxBLgFUONxeUb4bz8hc63EYbL1m9lX4FFzND4ELrJYYP8Aor6GxP5rzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7umeBtw5t55t4YQLTD68H+MhCuMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3NY4q4S
16gG9BxLeNInHUEMt6tNc0j/ML5lyqOM7wPwZiyQpLgtW1CeRmpOA2O2fpm1EI7V
iqkoluNLuZQpTtRYP56IzH3rqADa315gGQLlhRtBVFUMf0Gs+Ld3R+No/BeKb+ph
WdlCLuTNC9ANJciT980iCn6xlKBhef1x5BbWRv+Yi/pLqXRNZgiAIx+n55Yc1TOb
jM1huIs+/7QCBIxt57HfsVK1dIqRb3NNpN/ZIu6TZ0opR104v7wGuAScGk4rvKl6
4QaOj/FTExa7DL2tiQfB7rC7ygqRcZ5jAkIEnk3dFIdchOsABSmpXptl4d8JO1/Z
38NAognaja8ubg==
-----END CERTIFICATE-----