Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          AY8LGF5AzTU2NRZhZzFfGsZNCZhyXYD0EtPzZ7Cmw3g=
Subject key identifier:   56:28:F5:F8:39:BE:31:DB:FB:C2:64:48:1E:E8:76:F5:00:03:00:CD
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       01965B7059BA4DBEB5129AF541077ACA8249
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          13AD
Signing time:             Tue 22 Apr 2025 03:00:11 +0000
Manifest this update:     Tue 22 Apr 2025 03:00:11 +0000
Manifest next update:     Wed 23 Apr 2025 03:00:11 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: 03IKB7XNNrk9RhhME5sdZUUIhRpt11PZV/0aj3ooMEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 03:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:70:59:ba:4d:be:b5:12:9a:f5:41:07:7a:ca:82:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Apr 22 03:00:11 2025 GMT
            Not After : Apr 23 03:00:11 2025 GMT
        Subject: CN=5628f5f839be31dbfbc264481ee876f5000300cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:fa:c4:58:a0:bc:2d:02:09:aa:9c:61:32:62:
                    05:3f:a9:65:40:a5:4d:8e:2f:89:68:70:96:05:dd:
                    94:2d:87:9d:d9:ff:17:6e:aa:a3:7f:6e:ef:23:19:
                    73:c6:54:b6:4e:c5:62:bf:9d:61:06:98:c9:3b:36:
                    9c:f2:cc:cd:13:b0:d7:e8:91:c3:c7:32:3f:0e:1d:
                    d3:a7:7a:87:93:f3:8f:36:8e:f9:e6:2f:1f:03:53:
                    9d:de:77:ce:d3:ff:23:c7:2f:46:52:52:b7:f8:ae:
                    f8:c1:70:db:0f:21:1f:1a:85:f6:db:ab:36:e9:5a:
                    23:ed:83:4a:4d:54:51:31:78:e6:42:3e:61:59:10:
                    34:cd:2d:1b:19:36:22:1f:1d:f2:55:7f:f4:d6:a6:
                    7d:8a:30:4c:84:92:7d:45:87:20:b8:fc:20:2a:17:
                    04:42:27:cc:19:15:0d:41:96:d5:6d:f4:8c:3b:7e:
                    f7:5f:14:d3:b4:29:0e:26:53:fe:d4:f7:f7:61:a1:
                    e4:f0:cc:5a:2d:e1:07:fa:d2:47:43:82:bf:db:de:
                    0f:a0:b1:e9:f4:39:64:6a:7f:7e:aa:19:31:bb:95:
                    4f:f5:73:c4:42:53:2f:74:c1:27:3d:98:00:80:0b:
                    9b:44:88:0b:9e:80:dd:e6:d5:82:ae:ca:6d:5a:43:
                    12:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:28:F5:F8:39:BE:31:DB:FB:C2:64:48:1E:E8:76:F5:00:03:00:CD
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:6c:d4:52:e4:05:86:fc:08:98:25:1e:d2:43:11:ee:e2:d5:
         0c:62:77:20:5d:e6:bf:86:b6:c1:44:ec:16:00:00:32:50:d8:
         20:d7:45:eb:bf:05:dd:3b:f5:f2:51:5b:ac:0d:9b:92:0e:e1:
         bc:62:39:0d:91:51:5f:fc:e1:46:6d:15:46:67:00:72:42:30:
         15:fe:ab:75:6d:9f:3c:96:94:b4:2f:00:c1:64:7c:68:8c:89:
         dc:aa:9c:5a:13:33:d2:ec:d0:e8:00:db:5e:c5:1c:6f:b2:61:
         e7:3d:6b:cc:0b:d2:d3:1d:aa:24:0e:1b:01:ce:b9:f5:9c:8a:
         6d:76:3b:d1:16:cf:5c:5a:33:e0:be:36:48:36:40:36:ed:e5:
         e7:a5:d8:11:49:93:1e:c8:93:54:39:4f:58:a1:dc:2f:35:1a:
         6c:cf:53:fb:05:c3:80:4a:31:72:a5:a9:36:b9:e5:d7:95:fc:
         de:52:d2:c6:f4:4e:c2:1b:f5:ad:ac:40:f8:25:ea:2d:97:a3:
         95:06:58:e1:98:23:20:29:2a:ed:21:4b:06:74:04:13:2a:0a:
         c4:12:cd:24:2c:b7:b6:9e:56:b0:89:68:e2:bd:37:fc:a3:d9:
         ab:a7:6d:4a:24:ea:49:50:d8:ae:79:46:88:a8:6c:9e:da:07:
         d0:6c:55:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbcFm6Tb61Epr1QQd6yoJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwNDIyMDMwMDExWhcNMjUwNDIzMDMwMDExWjAzMTEwLwYDVQQD
Eyg1NjI4ZjVmODM5YmUzMWRiZmJjMjY0NDgxZWU4NzZmNTAwMDMwMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PrEWKC8LQIJqpxhMmIFP6llQKVN
ji+JaHCWBd2ULYed2f8Xbqqjf27vIxlzxlS2TsViv51hBpjJOzac8szNE7DX6JHD
xzI/Dh3Tp3qHk/OPNo755i8fA1Od3nfO0/8jxy9GUlK3+K74wXDbDyEfGoX226s2
6Voj7YNKTVRRMXjmQj5hWRA0zS0bGTYiHx3yVX/01qZ9ijBMhJJ9RYcguPwgKhcE
QifMGRUNQZbVbfSMO373XxTTtCkOJlP+1Pf3YaHk8MxaLeEH+tJHQ4K/294PoLHp
9Dlkan9+qhkxu5VP9XPEQlMvdMEnPZgAgAubRIgLnoDd5tWCrsptWkMS9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYo9fg5vjHb+8JkSB7odvUAAwDNMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFWzUUuQF
hvwImCUe0kMR7uLVDGJ3IF3mv4a2wUTsFgAAMlDYINdF678F3Tv18lFbrA2bkg7h
vGI5DZFRX/zhRm0VRmcAckIwFf6rdW2fPJaUtC8AwWR8aIyJ3KqcWhMz0uzQ6ADb
XsUcb7Jh5z1rzAvS0x2qJA4bAc659ZyKbXY70RbPXFoz4L42SDZANu3l56XYEUmT
HsiTVDlPWKHcLzUabM9T+wXDgEoxcqWpNrnl15X83lLSxvROwhv1raxA+CXqLZej
lQZY4ZgjICkq7SFLBnQEEyoKxBLNJCy3tp5WsIlo4r03/KPZq6dtSiTqSVDYrnlG
iKhsntoH0GxVkA==
-----END CERTIFICATE-----