Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          J0/YXFCqtRwbeSzZ0isVEb9WxT8IP2DDLJvHR+UcOFo=
Subject key identifier:   CA:EE:C6:D7:E8:7A:A9:EF:9B:9F:80:33:72:60:CA:2A:0C:55:CE:42
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       019656B7FB7801C4A8D2DFB4871B3FD2C17F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          0260
Signing time:             Mon 21 Apr 2025 05:00:20 +0000
Manifest this update:     Mon 21 Apr 2025 05:00:20 +0000
Manifest next update:     Tue 22 Apr 2025 05:00:20 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: 5pnqWW5c4Nb2umhnaTveS8Z0XxAkwV+dfbAYhS5rDsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 05:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:b7:fb:78:01:c4:a8:d2:df:b4:87:1b:3f:d2:c1:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Apr 21 05:00:20 2025 GMT
            Not After : Apr 22 05:00:20 2025 GMT
        Subject: CN=caeec6d7e87aa9ef9b9f80337260ca2a0c55ce42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:be:82:d5:15:46:88:b1:85:8e:e7:9b:cb:d3:
                    b2:9c:c5:63:b1:bd:af:6e:64:67:af:e2:58:f0:38:
                    b7:3c:6a:6a:c0:44:bc:bf:c1:2c:ca:36:4d:80:d7:
                    b5:2b:57:88:55:b6:97:e2:e9:06:2d:2f:7d:1b:3d:
                    43:47:6b:48:bf:46:5a:89:c3:ef:ba:d3:0a:58:8a:
                    84:5b:b5:c1:3a:3a:7a:67:29:db:8f:b4:48:32:fc:
                    25:33:23:ab:5b:97:ee:f4:0e:43:e4:9b:2e:f8:6d:
                    f5:68:f2:c8:f9:94:5c:01:2f:8d:1f:0b:64:5a:2b:
                    13:86:21:7b:a3:dd:25:48:e0:11:19:d5:6f:8a:d1:
                    61:5a:e4:22:7e:51:dd:b4:ee:c0:06:eb:a0:8d:61:
                    f9:39:8f:c3:f8:e5:6a:fa:6c:55:c0:f6:c9:5b:60:
                    fc:87:dc:f0:18:c7:34:0c:ed:05:a3:7f:bf:63:54:
                    6a:b5:77:61:71:66:67:fb:5d:0b:35:c5:d7:37:24:
                    05:35:c2:20:0c:c0:1e:ea:79:73:7b:e1:78:85:59:
                    4d:53:e0:63:a7:cc:eb:a2:1c:2b:e4:2a:c0:db:a4:
                    b9:40:53:d2:43:75:57:43:68:1d:3b:2b:16:3f:f1:
                    da:f3:a6:82:81:ea:d6:0b:86:f5:bf:53:46:d3:4f:
                    be:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:EE:C6:D7:E8:7A:A9:EF:9B:9F:80:33:72:60:CA:2A:0C:55:CE:42
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:19:38:f2:53:e3:61:53:4d:ff:aa:cb:70:63:09:43:b4:8c:
         7c:48:cd:cb:ae:9f:a1:6d:41:7a:08:b3:d0:fd:a9:7b:1b:a9:
         ac:a1:e2:34:13:da:46:e2:43:ff:7b:df:c9:15:8a:0e:d5:ff:
         17:c3:f7:24:93:51:56:e7:42:0b:17:fc:4f:d2:2e:a7:22:8a:
         66:e5:1a:3b:17:fd:5f:ba:63:3b:77:4f:6c:da:c0:75:9d:d2:
         60:34:33:0b:8d:52:04:fb:b8:af:8c:db:26:6e:0a:ae:a8:d0:
         c8:19:7f:12:44:1f:12:54:a4:d8:a0:38:43:d3:92:b1:9a:37:
         ac:c6:f9:4c:64:47:be:f6:68:98:e0:f6:41:35:58:0f:54:cf:
         f8:24:1d:c1:5d:22:b9:f7:ef:3d:34:93:8e:fd:02:b6:f6:b4:
         92:98:2b:64:b5:af:8b:88:02:fe:97:72:60:a9:5b:1f:17:d2:
         f7:f9:35:8f:26:59:a9:c2:d2:b5:07:44:8f:d9:6f:10:7d:db:
         99:3a:41:bf:69:d9:1e:48:8f:e0:47:15:84:89:09:5f:a3:53:
         75:a4:3d:d7:3e:1a:36:0b:72:42:6e:15:55:e5:3e:4b:cf:0c:
         3d:33:ae:18:e7:ea:77:bd:bc:70:57:f4:3d:f6:b0:61:06:f6:
         18:2c:d2:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWt/t4AcSo0t+0hxs/0sF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjUwNDIxMDUwMDIwWhcNMjUwNDIyMDUwMDIwWjAzMTEwLwYDVQQD
EyhjYWVlYzZkN2U4N2FhOWVmOWI5ZjgwMzM3MjYwY2EyYTBjNTVjZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL6C1RVGiLGFjueby9OynMVjsb2v
bmRnr+JY8Di3PGpqwES8v8EsyjZNgNe1K1eIVbaX4ukGLS99Gz1DR2tIv0ZaicPv
utMKWIqEW7XBOjp6Zynbj7RIMvwlMyOrW5fu9A5D5Jsu+G31aPLI+ZRcAS+NHwtk
WisThiF7o90lSOARGdVvitFhWuQiflHdtO7ABuugjWH5OY/D+OVq+mxVwPbJW2D8
h9zwGMc0DO0Fo3+/Y1RqtXdhcWZn+10LNcXXNyQFNcIgDMAe6nlze+F4hVlNU+Bj
p8zrohwr5CrA26S5QFPSQ3VXQ2gdOysWP/Ha86aCgerWC4b1v1NG00++RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMruxtfoeqnvm5+AM3JgyioMVc5CMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHRk48lPj
YVNN/6rLcGMJQ7SMfEjNy66foW1Begiz0P2pexuprKHiNBPaRuJD/3vfyRWKDtX/
F8P3JJNRVudCCxf8T9IupyKKZuUaOxf9X7pjO3dPbNrAdZ3SYDQzC41SBPu4r4zb
Jm4KrqjQyBl/EkQfElSk2KA4Q9OSsZo3rMb5TGRHvvZomOD2QTVYD1TP+CQdwV0i
uffvPTSTjv0Ctva0kpgrZLWvi4gC/pdyYKlbHxfS9/k1jyZZqcLStQdEj9lvEH3b
mTpBv2nZHkiP4EcVhIkJX6NTdaQ91z4aNgtyQm4VVeU+S88MPTOuGOfqd728cFf0
PfawYQb2GCzSag==
-----END CERTIFICATE-----