Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
File:                     e9g2worwknoDVYYlrt9v14ekkFw.mft (raw, json)
Hash identifier:          NxslEhgwSg9PzRWH7ZLv1AkXcN2zNCwMD6X885G1SM0=
Subject key identifier:   3D:6F:5A:F4:6D:A6:17:1F:E3:BB:DF:CA:C5:36:70:5E:84:B8:1A:10
Authority key identifier: 7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C
Certificate issuer:       /CN=7bd836c28af0927a03558625aedf6fd787a4905c
Certificate serial:       019655381617E5E2A4FB3D1ECE9D7B0CC5BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
Manifest number:          1438
Signing time:             Sun 20 Apr 2025 22:01:01 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:01 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:01 +0000
Files and hashes:         1: e9g2worwknoDVYYlrt9v14ekkFw.crl (hash: TtzrSYeZMDW/jasRFmXdm8dmyhl4rJRF9cCxQ1wAqjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:16:17:e5:e2:a4:fb:3d:1e:ce:9d:7b:0c:c5:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bd836c28af0927a03558625aedf6fd787a4905c
        Validity
            Not Before: Apr 20 22:01:01 2025 GMT
            Not After : Apr 21 22:01:01 2025 GMT
        Subject: CN=3d6f5af46da6171fe3bbdfcac536705e84b81a10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:46:4b:b2:e7:d8:eb:2e:d3:d5:81:e5:08:1b:
                    4b:5a:74:3f:24:6d:47:b0:4d:c4:19:88:83:e1:85:
                    6b:60:ef:80:53:a9:d9:4c:85:aa:e8:6b:4c:d0:0a:
                    0b:b7:fc:3d:f5:fb:d0:cb:d7:25:f4:41:82:c8:fc:
                    3b:6b:6e:d1:fe:94:e4:45:40:ed:59:c2:d9:d2:dc:
                    01:65:20:54:14:3b:26:95:05:7f:a7:6a:65:c8:76:
                    3a:9a:f9:b8:52:47:15:ce:03:c4:c2:2a:da:66:59:
                    17:1a:d3:14:34:58:4a:3a:43:ac:ba:bf:ee:f2:1b:
                    d3:85:a3:5a:39:c8:46:90:9b:c3:85:6b:0c:08:47:
                    de:1c:e9:0d:26:8b:ce:38:61:8a:5f:51:f7:9b:0a:
                    26:1c:71:b7:24:48:06:5f:8a:8d:64:cd:a8:d8:2c:
                    7c:86:9f:d8:51:4b:b8:c8:8e:1e:4a:90:96:4b:de:
                    9b:6b:e9:ac:75:da:ff:db:37:69:75:06:9f:07:80:
                    7a:39:96:4f:2a:84:02:8f:33:1f:57:4c:99:4d:c4:
                    ee:76:6f:f4:ad:f9:52:84:fc:9d:40:df:c4:12:0e:
                    50:e2:9e:1b:17:f2:36:1d:be:4d:be:de:ef:f3:72:
                    cc:1b:17:46:39:33:a3:23:ab:83:3a:2b:6d:a2:e1:
                    06:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:6F:5A:F4:6D:A6:17:1F:E3:BB:DF:CA:C5:36:70:5E:84:B8:1A:10
            X509v3 Authority Key Identifier:
                keyid:7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:a8:28:83:98:34:8d:78:31:e5:fe:06:4f:aa:3e:7a:f9:58:
         4f:3e:2d:19:89:c0:90:9e:a1:8b:19:b7:4b:2d:7c:6b:08:3f:
         ab:7d:a9:c0:df:e4:e1:c0:95:19:f7:e5:1d:fd:5b:e3:02:9f:
         44:ca:c1:3e:05:65:8d:1f:ba:f4:19:f9:cf:9b:68:67:17:5d:
         73:6b:03:1e:90:f3:c8:84:e6:fa:f9:5a:b7:d4:72:5e:fa:da:
         ca:40:df:1c:68:4a:c2:49:f0:cd:e7:b1:f7:63:c2:72:52:99:
         96:a5:14:34:1b:5f:88:5d:76:2f:a5:92:4d:9f:1b:ca:29:98:
         ad:9c:06:f0:88:d0:72:0a:81:2f:56:1a:c2:d4:04:66:15:5b:
         59:83:2d:ae:ff:ab:1d:3d:c7:ee:5b:d3:e9:2d:33:8d:0c:94:
         97:24:20:6c:9a:0c:17:22:d3:a3:7f:5d:0e:fa:95:d8:12:9a:
         42:11:36:46:6b:f9:b6:9f:0c:be:64:96:4b:a1:08:4c:50:47:
         17:6f:d0:b8:fe:aa:72:1c:37:8f:84:58:8c:a4:41:36:1d:b3:
         04:de:5a:d2:1c:7b:4a:87:64:37:50:70:a7:03:c9:fb:cf:94:
         39:11:9f:4e:c6:51:c6:7b:95:00:89:ad:0b:84:63:bc:29:8b:
         66:06:b8:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOBYX5eKk+z0ezp17DMW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDgzNmMyOGFmMDkyN2EwMzU1ODYyNWFlZGY2ZmQ3ODdh
NDkwNWMwHhcNMjUwNDIwMjIwMTAxWhcNMjUwNDIxMjIwMTAxWjAzMTEwLwYDVQQD
EygzZDZmNWFmNDZkYTYxNzFmZTNiYmRmY2FjNTM2NzA1ZTg0YjgxYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UZLsufY6y7T1YHlCBtLWnQ/JG1H
sE3EGYiD4YVrYO+AU6nZTIWq6GtM0AoLt/w99fvQy9cl9EGCyPw7a27R/pTkRUDt
WcLZ0twBZSBUFDsmlQV/p2plyHY6mvm4UkcVzgPEwiraZlkXGtMUNFhKOkOsur/u
8hvThaNaOchGkJvDhWsMCEfeHOkNJovOOGGKX1H3mwomHHG3JEgGX4qNZM2o2Cx8
hp/YUUu4yI4eSpCWS96ba+msddr/2zdpdQafB4B6OZZPKoQCjzMfV0yZTcTudm/0
rflShPydQN/EEg5Q4p4bF/I2Hb5Nvt7v83LMGxdGOTOjI6uDOittouEGqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1vWvRtphcf47vfysU2cF6EuBoQMB8GA1UdIwQY
MBaAFHvYNsKK8JJ6A1WGJa7fb9eHpJBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTct
YWRiMzE0YTU3NTNjLzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTctYWRiMzE0YTU3NTNj
LzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxagog5g0
jXgx5f4GT6o+evlYTz4tGYnAkJ6hixm3Sy18awg/q32pwN/k4cCVGfflHf1b4wKf
RMrBPgVljR+69Bn5z5toZxddc2sDHpDzyITm+vlat9RyXvraykDfHGhKwknwzeex
92PCclKZlqUUNBtfiF12L6WSTZ8byimYrZwG8IjQcgqBL1YawtQEZhVbWYMtrv+r
HT3H7lvT6S0zjQyUlyQgbJoMFyLTo39dDvqV2BKaQhE2Rmv5tp8MvmSWS6EITFBH
F2/QuP6qchw3j4RYjKRBNh2zBN5a0hx7SodkN1BwpwPJ+8+UORGfTsZRxnuVAImt
C4RjvCmLZga4LQ==
-----END CERTIFICATE-----