Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
File:                     r_HNv5fWyiB-XciFq8_2ccwVyRA.mft (raw, json)
Hash identifier:          D/OHDzFcBUhMW6VmbdEHIzUmIk4xB2HdAbDAAh9AxwE=
Subject key identifier:   A5:79:07:D6:15:43:A2:5F:42:5F:25:F3:1D:3A:6A:0B:64:B5:BF:16
Authority key identifier: AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10
Certificate issuer:       /CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
Certificate serial:       019645C461C64EF3513622BD61BC00A4F886
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
Manifest number:          09EB
Signing time:             Thu 17 Apr 2025 22:00:19 +0000
Manifest this update:     Thu 17 Apr 2025 22:00:19 +0000
Manifest next update:     Fri 18 Apr 2025 22:00:19 +0000
Files and hashes:         1: r_HNv5fWyiB-XciFq8_2ccwVyRA.crl (hash: GgJW1DUu1PAZu70qHmJypXRZOr5PONRCmRuOdd/ThKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c4:61:c6:4e:f3:51:36:22:bd:61:bc:00:a4:f8:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
        Validity
            Not Before: Apr 17 22:00:19 2025 GMT
            Not After : Apr 18 22:00:19 2025 GMT
        Subject: CN=a57907d61543a25f425f25f31d3a6a0b64b5bf16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:89:a9:59:99:53:a0:f3:98:ea:75:17:45:b9:
                    16:50:18:06:2f:13:c4:22:d5:60:04:0f:e0:f1:f7:
                    5e:8b:2c:55:5b:72:66:72:a8:07:93:ff:fb:a5:74:
                    b6:c4:d9:8f:8f:d3:af:45:da:39:ef:2b:da:b3:51:
                    29:49:cf:fe:2c:10:82:e2:3d:e5:dd:86:8a:26:fe:
                    da:d8:11:9e:26:29:80:f5:fa:16:63:d8:aa:83:9d:
                    54:66:0d:fa:74:c6:54:25:79:d5:ae:b9:f6:5e:92:
                    ba:34:bf:1f:ad:d7:43:90:44:8c:20:9a:4f:e9:ee:
                    b9:8f:86:ee:7d:12:06:56:13:65:18:f8:56:ee:0b:
                    42:73:2b:f7:86:91:a8:7d:13:d6:b5:b5:40:bd:12:
                    56:0a:92:62:0b:e4:20:b0:84:72:b8:98:80:43:76:
                    92:28:46:69:fc:77:5f:c5:fe:08:61:a1:33:7c:63:
                    0e:7e:9f:be:4a:ca:6f:83:d4:b1:63:6c:0d:c7:0c:
                    f9:84:b4:ea:86:64:bc:52:08:97:2e:bf:4d:a7:aa:
                    de:dd:fc:86:3c:5d:b8:4b:d5:0a:d0:af:d4:3b:86:
                    fb:ff:93:18:07:eb:db:0c:69:fc:8a:28:8a:5d:e1:
                    da:28:ce:79:e4:d9:1c:c3:fd:d3:1c:13:96:56:df:
                    4c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:79:07:D6:15:43:A2:5F:42:5F:25:F3:1D:3A:6A:0B:64:B5:BF:16
            X509v3 Authority Key Identifier:
                keyid:AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:5a:82:86:45:52:f0:39:d8:ff:03:82:98:d5:94:39:7e:d1:
         d9:94:0d:3b:47:86:5e:05:68:a9:ac:a2:00:58:95:86:b3:b3:
         92:43:56:f8:9c:43:e9:43:36:04:7c:90:d0:e2:c2:9d:55:92:
         8a:19:0f:64:c7:2b:3e:34:d0:76:a6:83:3b:ec:a0:da:a3:75:
         1b:08:55:a9:5e:e9:0b:c5:fd:d2:21:d1:39:a6:07:5d:68:d8:
         c8:39:9b:96:e0:cf:da:bf:80:a5:f4:f0:37:3e:cc:5e:31:50:
         2a:43:c6:13:14:11:59:0c:53:a8:0b:a6:1b:8e:e3:18:a9:9f:
         c6:d1:b4:0c:29:73:88:38:65:d9:77:5d:a5:b2:2d:c4:87:ef:
         a3:86:17:40:0f:d0:79:63:8e:ea:f2:47:6c:ac:49:71:ab:05:
         7b:c6:10:f1:dd:9e:dc:96:98:c5:f0:99:92:df:3f:0c:32:e2:
         34:ce:b7:84:01:87:1a:a2:a2:d4:97:31:92:93:f4:f1:a1:f8:
         57:ee:76:e6:5d:4c:8d:d7:e0:a6:db:11:a9:54:bd:5b:4f:a9:
         53:ef:c7:b5:02:2c:c0:0a:f3:85:b1:a8:fb:be:fd:dc:fe:2d:
         f4:54:fe:9c:0f:de:2e:64:31:8b:95:2a:ea:df:e7:13:10:74:
         78:d6:06:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxGHGTvNRNiK9YbwApPiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjFjZGJmOTdkNmNhMjA3ZTVkYzg4NWFiY2ZmNjcxY2Mx
NWM5MTAwHhcNMjUwNDE3MjIwMDE5WhcNMjUwNDE4MjIwMDE5WjAzMTEwLwYDVQQD
EyhhNTc5MDdkNjE1NDNhMjVmNDI1ZjI1ZjMxZDNhNmEwYjY0YjViZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnompWZlToPOY6nUXRbkWUBgGLxPE
ItVgBA/g8fdeiyxVW3JmcqgHk//7pXS2xNmPj9OvRdo57yvas1EpSc/+LBCC4j3l
3YaKJv7a2BGeJimA9foWY9iqg51UZg36dMZUJXnVrrn2XpK6NL8frddDkESMIJpP
6e65j4bufRIGVhNlGPhW7gtCcyv3hpGofRPWtbVAvRJWCpJiC+QgsIRyuJiAQ3aS
KEZp/Hdfxf4IYaEzfGMOfp++Sspvg9SxY2wNxwz5hLTqhmS8UgiXLr9Np6re3fyG
PF24S9UK0K/UO4b7/5MYB+vbDGn8iiiKXeHaKM555Nkcw/3THBOWVt9MjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKV5B9YVQ6JfQl8l8x06agtktb8WMB8GA1UdIwQY
MBaAFK/xzb+X1sogfl3IhavP9nHMFckQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEt
YWY4Yzc1YTkzY2QxLzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEtYWY4Yzc1YTkzY2Qx
LzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsVqChkVS
8DnY/wOCmNWUOX7R2ZQNO0eGXgVoqayiAFiVhrOzkkNW+JxD6UM2BHyQ0OLCnVWS
ihkPZMcrPjTQdqaDO+yg2qN1GwhVqV7pC8X90iHROaYHXWjYyDmbluDP2r+ApfTw
Nz7MXjFQKkPGExQRWQxTqAumG47jGKmfxtG0DClziDhl2XddpbItxIfvo4YXQA/Q
eWOO6vJHbKxJcasFe8YQ8d2e3JaYxfCZkt8/DDLiNM63hAGHGqKi1JcxkpP08aH4
V+525l1MjdfgptsRqVS9W0+pU+/HtQIswArzhbGo+7793P4t9FT+nA/eLmQxi5Uq
6t/nExB0eNYGLQ==
-----END CERTIFICATE-----