Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
File:                     dWXhJLHEG5OxTX7eBda4B3eYmv0.mft (raw, json)
Hash identifier:          YynOT5uab9dU4ac27WkwOYP+NI7wyCfXVuFTyoTsZZE=
Subject key identifier:   28:A9:B8:DC:4F:D5:33:94:DC:94:B1:85:19:C8:59:26:48:20:1B:2F
Authority key identifier: 75:65:E1:24:B1:C4:1B:93:B1:4D:7E:DE:05:D6:B8:07:77:98:9A:FD
Certificate issuer:       /CN=7565e124b1c41b93b14d7ede05d6b80777989afd
Certificate serial:       019652A46765C3BB1352A5760722FF152B45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
Manifest number:          12A1
Signing time:             Sun 20 Apr 2025 10:00:28 +0000
Manifest this update:     Sun 20 Apr 2025 10:00:28 +0000
Manifest next update:     Mon 21 Apr 2025 10:00:28 +0000
Files and hashes:         1: dWXhJLHEG5OxTX7eBda4B3eYmv0.crl (hash: N6ro13WL7Pm6Rqc/Mv5fx1tFJN5WJATkTRR5LAnX42c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 10:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:67:65:c3:bb:13:52:a5:76:07:22:ff:15:2b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7565e124b1c41b93b14d7ede05d6b80777989afd
        Validity
            Not Before: Apr 20 10:00:28 2025 GMT
            Not After : Apr 21 10:00:28 2025 GMT
        Subject: CN=28a9b8dc4fd53394dc94b18519c8592648201b2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:34:d8:c2:d6:f1:c0:79:7b:09:e1:ae:fe:03:
                    30:54:4e:ec:75:b2:9d:5d:82:6b:f4:37:e7:b9:ab:
                    7d:97:ec:9b:86:7a:50:cd:2b:d2:53:60:22:82:01:
                    82:d4:0d:08:dd:f3:da:53:0e:bf:99:e8:34:e7:b5:
                    80:56:8b:bb:f3:28:3a:5d:3c:c0:b5:9b:bf:26:f7:
                    67:ce:e5:75:59:14:dd:bf:e1:52:14:1a:62:a9:6e:
                    3a:43:9a:54:d4:78:9e:88:4f:3f:67:8d:e8:20:1e:
                    5b:05:14:0a:51:1a:2d:c7:e3:1d:0e:3f:9c:7e:4d:
                    8e:52:46:ef:06:c8:98:77:14:6b:77:98:e9:50:2b:
                    3d:ed:77:d8:92:95:a2:72:6b:30:4b:96:3f:81:69:
                    92:e0:66:da:55:7b:39:7c:74:32:6f:5e:ee:0f:98:
                    ad:49:10:4c:14:34:41:05:e7:7a:fd:59:61:24:46:
                    61:ec:f0:ba:56:54:60:1d:b4:c1:22:4f:da:b5:a3:
                    1a:ff:c0:68:4e:29:c9:db:f3:5b:25:b5:d6:11:d5:
                    97:1d:4a:a7:71:62:20:9d:e9:7e:ed:6f:b5:66:79:
                    55:09:8c:9a:87:59:f3:34:a4:c0:bc:8c:64:27:04:
                    ac:88:7d:7a:cc:ea:fb:30:5f:cd:74:55:fc:71:7f:
                    38:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A9:B8:DC:4F:D5:33:94:DC:94:B1:85:19:C8:59:26:48:20:1B:2F
            X509v3 Authority Key Identifier:
                keyid:75:65:E1:24:B1:C4:1B:93:B1:4D:7E:DE:05:D6:B8:07:77:98:9A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:b4:1e:4f:09:6d:2d:d6:ea:1f:c9:a6:ab:e7:b5:ce:24:89:
         c5:dd:30:1e:c0:ae:a7:e7:d1:e2:d8:69:38:51:fc:9f:a7:f3:
         85:5c:63:f9:a6:ef:be:e5:a5:59:95:63:fc:85:2a:0f:59:48:
         ee:c6:5d:cd:2d:72:9f:8d:59:59:8c:92:55:a1:50:ef:6a:53:
         ba:ab:c9:f1:2b:e9:00:fd:97:bf:e7:d9:21:c4:f2:ac:05:b0:
         d8:1d:c9:42:94:0e:88:4f:77:1f:44:24:f3:09:2a:8f:4c:14:
         3d:d8:bf:21:ab:96:f3:58:d9:0b:9b:17:31:a1:e3:07:8a:1f:
         d8:17:ed:16:5d:76:ff:d9:3f:44:b9:19:d3:17:34:60:49:16:
         2b:10:49:70:79:93:81:31:c1:b4:1e:e1:15:0d:b2:81:0e:78:
         3f:42:c4:9d:98:49:58:df:ad:d6:a6:d1:9d:bc:73:32:a1:c3:
         88:c3:11:c6:b0:94:be:8d:2b:f2:4e:33:e8:70:96:f0:d8:3b:
         61:cf:9a:b8:57:aa:9f:a2:1a:15:22:f7:d6:77:ba:79:5c:9a:
         95:10:47:fa:4c:93:da:fb:12:05:76:3e:d3:b2:d9:0b:5a:3e:
         5c:ce:b2:49:24:35:c0:65:aa:c2:d8:5f:a7:16:44:5b:dc:9a:
         48:f7:45:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpGdlw7sTUqV2ByL/FStFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NjVlMTI0YjFjNDFiOTNiMTRkN2VkZTA1ZDZiODA3Nzc5
ODlhZmQwHhcNMjUwNDIwMTAwMDI4WhcNMjUwNDIxMTAwMDI4WjAzMTEwLwYDVQQD
EygyOGE5YjhkYzRmZDUzMzk0ZGM5NGIxODUxOWM4NTkyNjQ4MjAxYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjTYwtbxwHl7CeGu/gMwVE7sdbKd
XYJr9Dfnuat9l+ybhnpQzSvSU2AiggGC1A0I3fPaUw6/meg057WAVou78yg6XTzA
tZu/JvdnzuV1WRTdv+FSFBpiqW46Q5pU1HieiE8/Z43oIB5bBRQKURotx+MdDj+c
fk2OUkbvBsiYdxRrd5jpUCs97XfYkpWicmswS5Y/gWmS4GbaVXs5fHQyb17uD5it
SRBMFDRBBed6/VlhJEZh7PC6VlRgHbTBIk/ataMa/8BoTinJ2/NbJbXWEdWXHUqn
cWIgnel+7W+1ZnlVCYyah1nzNKTAvIxkJwSsiH16zOr7MF/NdFX8cX84wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCipuNxP1TOU3JSxhRnIWSZIIBsvMB8GA1UdIwQY
MBaAFHVl4SSxxBuTsU1+3gXWuAd3mJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi85Njk1MmItNzliOC00ZTA0LWJjNGEt
MjllNDQ1ZGUyNDU5LzEvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi85Njk1MmItNzliOC00ZTA0LWJjNGEtMjllNDQ1ZGUyNDU5
LzEvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfLQeTwlt
LdbqH8mmq+e1ziSJxd0wHsCup+fR4thpOFH8n6fzhVxj+abvvuWlWZVj/IUqD1lI
7sZdzS1yn41ZWYySVaFQ72pTuqvJ8SvpAP2Xv+fZIcTyrAWw2B3JQpQOiE93H0Qk
8wkqj0wUPdi/IauW81jZC5sXMaHjB4of2BftFl12/9k/RLkZ0xc0YEkWKxBJcHmT
gTHBtB7hFQ2ygQ54P0LEnZhJWN+t1qbRnbxzMqHDiMMRxrCUvo0r8k4z6HCW8Ng7
Yc+auFeqn6IaFSL31ne6eVyalRBH+kyT2vsSBXY+07LZC1o+XM6ySSQ1wGWqwthf
pxZEW9yaSPdFlA==
-----END CERTIFICATE-----