Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
File:                     LKzIXJmo4dt9HFImfC3b08OeGLI.mft (raw, json)
Hash identifier:          sxR+DH5ecJlVfW1+BE6GWmRfsCxVpGJR19FTI+E5ap8=
Subject key identifier:   6E:82:13:6B:5B:FE:0F:AE:E7:09:47:0F:AE:82:E9:0C:0C:E6:54:D3
Authority key identifier: 2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2
Certificate issuer:       /CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
Certificate serial:       0196515ADE07FA6AA89171213150AF3F695C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
Manifest number:          0C13
Signing time:             Sun 20 Apr 2025 04:00:31 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:31 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:31 +0000
Files and hashes:         1: LKzIXJmo4dt9HFImfC3b08OeGLI.crl (hash: /hf4kADwS53/G2xD5/USEBQKjWpUW1g6xmorP7m9RwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5a:de:07:fa:6a:a8:91:71:21:31:50:af:3f:69:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
        Validity
            Not Before: Apr 20 04:00:31 2025 GMT
            Not After : Apr 21 04:00:31 2025 GMT
        Subject: CN=6e82136b5bfe0faee709470fae82e90c0ce654d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:d3:20:55:94:9b:9c:48:88:c3:ca:dc:e6:cc:
                    df:4a:26:1a:d0:aa:e5:8b:e1:5f:72:39:29:58:ee:
                    ca:ea:6e:62:d8:f2:46:6d:a9:86:71:b0:87:62:fa:
                    5e:16:2d:32:03:8e:cc:65:f6:94:ea:dc:19:c8:63:
                    69:2b:c1:fb:5b:57:9a:4a:d4:8f:4f:29:ef:45:4d:
                    2b:1b:24:1d:52:06:cb:e6:e6:47:d0:9e:d2:cd:a9:
                    91:af:f9:68:14:b5:55:3b:a6:b5:22:da:99:3b:c9:
                    ea:32:c5:e4:d8:79:e1:4a:81:61:9f:30:f6:5e:33:
                    ac:ac:46:ec:4b:59:c5:86:e1:32:97:2e:16:36:e5:
                    73:9d:33:5f:ab:76:93:ad:fa:e5:07:a7:bb:83:ba:
                    61:05:f9:b7:cb:5d:04:1c:b5:11:6e:da:94:16:e3:
                    b2:b0:f3:b7:b1:7e:e4:57:f1:f2:aa:fe:94:86:57:
                    b0:50:45:1e:35:33:5b:b6:88:20:ad:d1:3d:9d:7d:
                    cb:61:f6:e5:3a:9e:ff:d9:9f:c5:fe:c7:96:0b:d0:
                    5e:a7:5f:2e:49:4f:6f:c4:66:96:db:75:4d:d7:28:
                    a5:57:60:46:21:b3:b0:01:94:d9:71:99:f8:d3:7b:
                    d0:b4:d2:f3:18:3d:a0:2b:08:8a:03:c2:6a:9f:0e:
                    c9:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:82:13:6B:5B:FE:0F:AE:E7:09:47:0F:AE:82:E9:0C:0C:E6:54:D3
            X509v3 Authority Key Identifier:
                keyid:2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:d5:3f:96:5b:c5:b8:3f:91:af:d9:57:b8:de:fe:a4:5b:7e:
         4d:35:54:cf:57:17:aa:2c:9e:be:86:80:85:a7:35:1a:a2:bf:
         28:eb:ae:d7:f6:c2:03:65:79:b1:6b:a2:ca:af:dd:59:20:bb:
         67:e1:48:80:7f:6d:ae:58:1f:98:41:c9:94:62:1f:87:7d:9e:
         42:d6:da:9e:7d:ce:02:84:58:77:09:65:78:3f:9b:c7:41:f6:
         bb:32:02:43:cb:dc:a1:2e:ff:e0:02:fb:f7:ae:a1:07:f5:45:
         43:de:92:84:e5:29:97:34:e2:7a:a0:0a:6a:83:c9:38:59:a8:
         e6:53:a3:66:7f:10:17:4b:6b:e8:a6:8c:9d:cf:36:9d:1f:a6:
         a7:92:86:6d:3d:46:98:05:c1:ce:52:20:6f:3e:b4:23:62:f6:
         98:69:68:42:88:a6:38:ab:21:67:2f:1b:ac:79:cc:f9:61:f3:
         ad:71:d6:f1:7c:d8:11:9e:6c:a9:65:d8:0e:78:95:95:ab:0b:
         64:13:a5:6e:a3:69:28:be:3e:78:2c:d2:b4:a5:6e:e3:88:73:
         b2:80:18:ac:b5:e5:59:41:d7:2f:98:da:27:cd:9e:32:ba:63:
         4e:55:e8:25:1f:0c:d5:3d:0b:6f:d1:b7:7a:65:ad:c0:12:9d:
         cd:cf:50:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWt4H+mqokXEhMVCvP2lcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWNjODVjOTlhOGUxZGI3ZDFjNTIyNjdjMmRkYmQzYzM5
ZTE4YjIwHhcNMjUwNDIwMDQwMDMxWhcNMjUwNDIxMDQwMDMxWjAzMTEwLwYDVQQD
Eyg2ZTgyMTM2YjViZmUwZmFlZTcwOTQ3MGZhZTgyZTkwYzBjZTY1NGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19MgVZSbnEiIw8rc5szfSiYa0Krl
i+FfcjkpWO7K6m5i2PJGbamGcbCHYvpeFi0yA47MZfaU6twZyGNpK8H7W1eaStSP
TynvRU0rGyQdUgbL5uZH0J7SzamRr/loFLVVO6a1ItqZO8nqMsXk2HnhSoFhnzD2
XjOsrEbsS1nFhuEyly4WNuVznTNfq3aTrfrlB6e7g7phBfm3y10EHLURbtqUFuOy
sPO3sX7kV/Hyqv6UhlewUEUeNTNbtoggrdE9nX3LYfblOp7/2Z/F/seWC9Bep18u
SU9vxGaW23VN1yilV2BGIbOwAZTZcZn403vQtNLzGD2gKwiKA8Jqnw7J2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6CE2tb/g+u5wlHD66C6QwM5lTTMB8GA1UdIwQY
MBaAFCysyFyZqOHbfRxSJnwt29PDnhiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUt
MDFjZTA2ZDMxNWNkLzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUtMDFjZTA2ZDMxNWNk
LzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ9U/llvF
uD+Rr9lXuN7+pFt+TTVUz1cXqiyevoaAhac1GqK/KOuu1/bCA2V5sWuiyq/dWSC7
Z+FIgH9trlgfmEHJlGIfh32eQtbann3OAoRYdwlleD+bx0H2uzICQ8vcoS7/4AL7
966hB/VFQ96ShOUplzTieqAKaoPJOFmo5lOjZn8QF0tr6KaMnc82nR+mp5KGbT1G
mAXBzlIgbz60I2L2mGloQoimOKshZy8brHnM+WHzrXHW8XzYEZ5sqWXYDniVlasL
ZBOlbqNpKL4+eCzStKVu44hzsoAYrLXlWUHXL5jaJ82eMrpjTlXoJR8M1T0Lb9G3
emWtwBKdzc9QFw==
-----END CERTIFICATE-----