Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
File:                     dCnR70knCBDhAgzqhhmGQjORMaA.mft (raw, json)
Hash identifier:          ilqLTKGhUshlkJI8lD/MbhRV3BoWzTLqCCbpOsdvG98=
Subject key identifier:   EE:1F:CF:46:3F:BB:A9:6E:95:AF:81:DF:FD:D4:C6:82:2F:7D:EC:A7
Authority key identifier: 74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0
Certificate issuer:       /CN=7429d1ef49270810e1020cea86198642339131a0
Certificate serial:       019611A1292078BF017F6CF6B2963267B83B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
Manifest number:          09A7
Signing time:             Mon 07 Apr 2025 19:01:36 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:36 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:36 +0000
Files and hashes:         1: dCnR70knCBDhAgzqhhmGQjORMaA.crl (hash: Tpus6hbhn13/gQaawAUaoEDFQD7I97ykNaXKAn19/Bs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 19:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a1:29:20:78:bf:01:7f:6c:f6:b2:96:32:67:b8:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7429d1ef49270810e1020cea86198642339131a0
        Validity
            Not Before: Apr  7 19:01:36 2025 GMT
            Not After : Apr  8 19:01:36 2025 GMT
        Subject: CN=ee1fcf463fbba96e95af81dffdd4c6822f7deca7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:65:c3:ac:1d:76:17:b7:fe:2f:7c:47:81:48:
                    a8:98:0f:31:73:fd:c4:22:af:22:6d:dd:48:c2:82:
                    a9:7a:49:39:77:df:5f:81:19:70:d8:9b:1d:6c:b8:
                    f7:e9:8f:d6:a5:fa:78:5b:27:16:ff:f7:a5:96:27:
                    9e:37:ee:31:10:d6:85:60:87:f0:8b:21:9d:be:33:
                    cb:a1:62:d7:ae:04:f9:7b:11:5b:40:82:cb:75:44:
                    43:a1:3a:b8:14:16:07:9c:d9:24:72:c9:8a:11:40:
                    ff:e3:dd:5d:ad:a9:c3:bf:79:72:46:cf:b6:21:f2:
                    83:95:db:e8:4e:6a:26:b7:08:5a:cd:f9:80:b1:25:
                    0b:42:27:c9:b9:3d:59:d2:d4:a2:17:43:f7:5e:64:
                    df:ff:cf:4d:59:fa:58:a2:30:3e:31:ff:ad:27:70:
                    03:16:7a:e6:cb:bf:79:e1:c4:7e:3a:03:73:10:42:
                    5a:4d:25:fd:70:24:35:60:b2:19:fc:3e:86:4c:6f:
                    94:cf:92:4b:99:2c:c9:85:9c:c6:2c:9d:8a:ff:0c:
                    9c:3f:95:69:29:64:a3:38:79:22:e5:d8:26:db:9d:
                    57:58:80:ce:1c:41:18:fe:e3:c9:f5:23:a9:ef:10:
                    2e:e6:d1:24:3e:b2:64:21:a1:07:cf:fa:0f:06:0e:
                    27:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:1F:CF:46:3F:BB:A9:6E:95:AF:81:DF:FD:D4:C6:82:2F:7D:EC:A7
            X509v3 Authority Key Identifier:
                keyid:74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:f3:1c:87:53:a7:0a:18:e3:77:39:f2:5a:f0:18:d7:d1:a0:
         4c:e5:de:0c:0a:7c:a6:67:b7:8a:0a:f4:31:ba:5a:e7:15:f2:
         60:04:80:e5:2c:79:ac:29:11:82:a9:81:a1:86:75:07:b7:e5:
         25:4f:55:ba:a9:04:ef:01:68:99:bf:93:93:50:84:2d:85:0e:
         b3:03:51:94:48:ae:07:15:b2:0d:62:7d:72:26:03:0b:ac:0d:
         b0:59:11:a8:bf:38:6f:0e:27:6e:c1:46:28:30:cc:e0:3a:da:
         7c:e2:c9:92:d1:d2:6b:90:ff:0d:66:05:d9:30:2b:c4:2f:37:
         a2:b0:64:20:93:95:eb:3e:14:ca:f8:74:45:34:c6:2b:df:4a:
         64:d5:63:8b:5e:25:eb:96:0f:2e:40:54:50:42:a3:ef:25:f2:
         d5:24:f8:4a:c4:07:d2:0a:f3:2d:94:e8:c5:34:4f:8d:6f:ed:
         1b:2a:ac:3a:08:64:91:88:84:0a:4b:17:4a:95:98:b3:18:84:
         2d:88:5e:a0:b3:34:50:5b:83:2f:da:5d:da:7a:0e:ea:10:ac:
         98:da:84:92:77:10:d3:68:d3:2b:33:5d:c3:04:4d:33:de:cb:
         b9:95:5b:d1:da:05:9c:75:fb:9f:86:db:c4:27:7e:8b:23:4f:
         f6:2d:d9:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoSkgeL8Bf2z2spYyZ7g7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjlkMWVmNDkyNzA4MTBlMTAyMGNlYTg2MTk4NjQyMzM5
MTMxYTAwHhcNMjUwNDA3MTkwMTM2WhcNMjUwNDA4MTkwMTM2WjAzMTEwLwYDVQQD
EyhlZTFmY2Y0NjNmYmJhOTZlOTVhZjgxZGZmZGQ0YzY4MjJmN2RlY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGXDrB12F7f+L3xHgUiomA8xc/3E
Iq8ibd1IwoKpekk5d99fgRlw2JsdbLj36Y/Wpfp4WycW//ellieeN+4xENaFYIfw
iyGdvjPLoWLXrgT5exFbQILLdURDoTq4FBYHnNkkcsmKEUD/491dranDv3lyRs+2
IfKDldvoTmomtwhazfmAsSULQifJuT1Z0tSiF0P3XmTf/89NWfpYojA+Mf+tJ3AD
Fnrmy7954cR+OgNzEEJaTSX9cCQ1YLIZ/D6GTG+Uz5JLmSzJhZzGLJ2K/wycP5Vp
KWSjOHki5dgm251XWIDOHEEY/uPJ9SOp7xAu5tEkPrJkIaEHz/oPBg4nNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO4fz0Y/u6lula+B3/3UxoIvfeynMB8GA1UdIwQY
MBaAFHQp0e9JJwgQ4QIM6oYZhkIzkTGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMt
ZTBiYWU4YmFlNjc0LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMtZTBiYWU4YmFlNjc0
LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/Mch1On
ChjjdznyWvAY19GgTOXeDAp8pme3igr0Mbpa5xXyYASA5Sx5rCkRgqmBoYZ1B7fl
JU9VuqkE7wFomb+Tk1CELYUOswNRlEiuBxWyDWJ9ciYDC6wNsFkRqL84bw4nbsFG
KDDM4DrafOLJktHSa5D/DWYF2TArxC83orBkIJOV6z4Uyvh0RTTGK99KZNVji14l
65YPLkBUUEKj7yXy1ST4SsQH0grzLZToxTRPjW/tGyqsOghkkYiECksXSpWYsxiE
LYheoLM0UFuDL9pd2noO6hCsmNqEkncQ02jTKzNdwwRNM97LuZVb0doFnHX7n4bb
xCd+iyNP9i3Zbg==
-----END CERTIFICATE-----