Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          J+9r0y5zzeZndEHNALmQUsXc2vOkqyDRGQA7rE2Hy4E=
Subject key identifier:   54:9D:4A:2F:BC:D3:EE:45:F3:B5:7D:B9:4E:E5:41:C2:54:CC:7F:48
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       019611A100EBBB7F1380452C94D1D2514146
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          14D9
Signing time:             Mon 07 Apr 2025 19:01:26 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:26 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:26 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: f6ShJx8zAAU5jN7rO/Of2eaQpduzxCMvYIhYl1YNHOc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 19:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a1:00:eb:bb:7f:13:80:45:2c:94:d1:d2:51:41:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Apr  7 19:01:26 2025 GMT
            Not After : Apr  8 19:01:26 2025 GMT
        Subject: CN=549d4a2fbcd3ee45f3b57db94ee541c254cc7f48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ae:9c:e5:83:32:73:f6:2c:d7:b3:fd:b2:46:
                    70:59:fa:f9:37:99:a8:88:ab:1c:63:e6:7d:06:4a:
                    6e:7f:cb:44:aa:eb:9a:42:b1:6c:c7:c1:1c:6a:d8:
                    a2:8b:7e:e8:a5:c6:93:b0:6b:b2:36:16:d7:2d:c7:
                    37:a8:cb:88:fd:27:ed:69:71:ff:e2:2a:a3:6d:cd:
                    16:5c:72:59:c8:87:9e:0d:83:8b:ab:c7:ee:4b:78:
                    3d:bb:9a:3b:b5:55:99:93:b0:bf:f4:da:91:a6:bf:
                    f0:17:0b:17:54:68:23:03:01:f1:67:c3:b6:ee:72:
                    18:fd:29:9e:7f:5c:26:a0:6f:39:0b:1f:d7:03:34:
                    2a:cc:4a:07:4c:2a:9d:91:c6:bf:17:0e:8c:c6:7d:
                    8e:4a:e2:19:72:43:30:85:4c:5a:81:c1:e1:6c:8c:
                    3d:bf:ac:c4:1c:1d:95:39:08:06:a7:cd:ef:ce:c1:
                    19:9f:3d:2e:7c:9e:28:04:3c:27:20:ef:b2:76:11:
                    c2:a8:a8:1f:cb:77:6a:54:75:65:78:e3:cf:e2:77:
                    76:ee:43:b5:69:3e:e1:b4:a8:c6:e4:e5:16:7e:ee:
                    d9:9e:c4:8c:c3:ff:dd:0d:b9:30:99:67:eb:d9:b9:
                    0d:c7:b3:2e:2b:5a:ae:e4:97:a5:47:d0:0b:dd:8e:
                    8d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:9D:4A:2F:BC:D3:EE:45:F3:B5:7D:B9:4E:E5:41:C2:54:CC:7F:48
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:90:43:63:6f:1c:72:75:82:41:7d:5a:5f:76:34:7a:73:5c:
         04:c0:f3:da:d3:d7:05:6d:e3:45:77:2e:ab:1c:bb:a3:8e:eb:
         ad:27:13:7e:df:44:9a:eb:ee:dd:63:4b:6c:6e:69:22:99:2c:
         65:42:c5:6c:47:51:e2:3b:df:9c:94:d2:43:a3:78:37:56:9d:
         48:ec:28:cf:fc:df:ef:5a:b3:7b:62:ae:78:cb:90:fa:38:af:
         21:b6:38:a4:05:64:10:9f:5e:32:3f:1c:e0:21:52:65:11:2e:
         17:0a:37:57:e2:88:df:b8:91:f1:0f:dd:fa:5e:be:bb:0d:89:
         72:48:e8:a0:3f:10:6a:75:ad:cd:5d:f3:db:c3:11:c2:99:8e:
         bf:a1:6a:1a:9e:9c:d9:93:58:2a:d5:ab:40:65:e7:28:55:e3:
         ae:1f:7c:f1:77:08:bd:51:24:ea:da:30:95:0d:a0:13:17:71:
         a7:46:a2:9f:fe:2f:09:b7:3c:20:e2:23:a3:ed:fa:ca:9f:9b:
         a5:ba:31:76:f0:b7:a7:f3:28:7d:f3:ca:59:22:00:f9:b1:c7:
         3d:d3:d2:da:81:34:bd:7f:11:b6:32:ce:46:db:d2:64:8d:79:
         30:65:d4:b8:92:c8:6b:ea:ac:92:f3:fa:f7:ca:a1:70:24:1b:
         3a:ca:6a:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoQDru38TgEUslNHSUUFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjUwNDA3MTkwMTI2WhcNMjUwNDA4MTkwMTI2WjAzMTEwLwYDVQQD
Eyg1NDlkNGEyZmJjZDNlZTQ1ZjNiNTdkYjk0ZWU1NDFjMjU0Y2M3ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq6c5YMyc/Ys17P9skZwWfr5N5mo
iKscY+Z9Bkpuf8tEquuaQrFsx8Ecatiii37opcaTsGuyNhbXLcc3qMuI/SftaXH/
4iqjbc0WXHJZyIeeDYOLq8fuS3g9u5o7tVWZk7C/9NqRpr/wFwsXVGgjAwHxZ8O2
7nIY/Smef1wmoG85Cx/XAzQqzEoHTCqdkca/Fw6Mxn2OSuIZckMwhUxagcHhbIw9
v6zEHB2VOQgGp83vzsEZnz0ufJ4oBDwnIO+ydhHCqKgfy3dqVHVleOPP4nd27kO1
aT7htKjG5OUWfu7ZnsSMw//dDbkwmWfr2bkNx7MuK1qu5JelR9AL3Y6NvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSdSi+80+5F87V9uU7lQcJUzH9IMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkpBDY28c
cnWCQX1aX3Y0enNcBMDz2tPXBW3jRXcuqxy7o47rrScTft9Emuvu3WNLbG5pIpks
ZULFbEdR4jvfnJTSQ6N4N1adSOwoz/zf71qze2KueMuQ+jivIbY4pAVkEJ9eMj8c
4CFSZREuFwo3V+KI37iR8Q/d+l6+uw2JckjooD8QanWtzV3z28MRwpmOv6FqGp6c
2ZNYKtWrQGXnKFXjrh988XcIvVEk6towlQ2gExdxp0ain/4vCbc8IOIjo+36yp+b
pboxdvC3p/MoffPKWSIA+bHHPdPS2oE0vX8RtjLORtvSZI15MGXUuJLIa+qskvP6
98qhcCQbOspqwA==
-----END CERTIFICATE-----