Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
File:                     K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft (raw, json)
Hash identifier:          8jefUO9p0J/7lduLr7PvaXo8mTArStLl2RhawVdhHj8=
Subject key identifier:   3C:DF:68:51:C3:81:37:23:3F:DC:40:AF:A1:2F:70:82:11:28:2C:32
Authority key identifier: 2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73
Certificate issuer:       /CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
Certificate serial:       019657CB8B24F186A9DE457DE7016031C342
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
Manifest number:          06CC
Signing time:             Mon 21 Apr 2025 10:01:19 +0000
Manifest this update:     Mon 21 Apr 2025 10:01:19 +0000
Manifest next update:     Tue 22 Apr 2025 10:01:19 +0000
Files and hashes:         1: K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl (hash: 4qWtp4AFZ6a1Mu4fbDqtqIMrtyTz18XN/Tp7lFdoXOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:cb:8b:24:f1:86:a9:de:45:7d:e7:01:60:31:c3:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
        Validity
            Not Before: Apr 21 10:01:19 2025 GMT
            Not After : Apr 22 10:01:19 2025 GMT
        Subject: CN=3cdf6851c38137233fdc40afa12f708211282c32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:6d:8e:3b:62:d2:ae:77:e6:a4:71:9f:5c:bb:
                    79:fb:eb:c1:91:59:02:20:d9:e0:39:95:b8:78:d0:
                    0d:ec:a8:02:a9:22:13:9f:f1:c2:2a:2a:41:c0:e2:
                    98:dc:ed:0b:6b:f0:1d:87:45:9e:ec:a9:a4:f6:5b:
                    d7:09:a5:fb:78:4d:a4:98:df:56:03:dc:b2:a9:96:
                    ab:b3:e0:48:77:c1:10:6d:43:fd:f1:06:c7:ea:c0:
                    33:3b:4d:51:bb:21:37:83:3d:ff:58:a0:90:d6:8b:
                    84:7b:92:dd:35:08:dc:91:df:75:8d:0f:e1:9c:c9:
                    56:bb:be:84:1e:a5:0c:51:6a:60:32:5f:f1:ab:f1:
                    1d:b0:66:3f:12:ab:03:2b:b5:15:09:03:8b:f3:83:
                    b4:20:a8:da:3a:55:8b:84:e7:15:f2:ad:88:02:f3:
                    0e:1f:52:dc:92:50:e7:41:8e:f5:de:6f:0a:52:4d:
                    7a:cf:a8:31:88:65:c8:09:71:58:20:46:36:4b:0a:
                    62:82:48:ca:5e:62:19:f2:15:be:db:a8:de:0a:0d:
                    cd:71:ea:bb:d0:c6:2c:40:78:bc:d8:6c:e7:2a:fc:
                    a4:fd:54:91:e5:58:2b:bc:87:53:e5:c2:76:f6:94:
                    82:26:19:bb:8e:14:80:84:c8:46:71:88:bb:8f:05:
                    52:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:DF:68:51:C3:81:37:23:3F:DC:40:AF:A1:2F:70:82:11:28:2C:32
            X509v3 Authority Key Identifier:
                keyid:2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:b7:53:32:46:ae:44:41:fb:f6:70:13:cb:4b:81:16:74:d4:
         ac:d0:b5:55:06:ee:cf:49:d7:46:ba:9e:fe:fc:0b:65:f3:56:
         c8:51:72:ac:bf:8d:20:5d:cb:f2:8a:fe:84:bf:61:14:2d:9d:
         3b:c6:fc:c7:62:44:45:14:aa:a4:f4:8c:19:69:4c:48:c2:13:
         78:d9:b2:08:a5:07:44:d1:15:40:a1:be:8a:32:28:a0:b4:7e:
         42:21:52:b1:2c:8b:73:fb:dd:8b:3b:3e:fb:ef:91:0d:4f:10:
         35:29:6d:0b:68:f0:b2:04:73:c2:1d:89:12:33:22:98:36:36:
         7a:da:51:aa:0b:06:a9:cb:44:f1:10:90:ec:8a:a0:10:75:b5:
         a0:8e:f3:e4:ad:38:ab:03:20:44:6d:12:b5:cf:84:6c:a8:8b:
         d4:e0:b4:d3:ed:dc:d8:f8:dd:ba:8a:70:b6:b1:15:c0:8d:2d:
         0a:ed:d3:80:5b:25:d7:35:4a:55:fd:0a:79:72:d9:53:f7:8e:
         a4:3f:81:a9:c6:bb:7d:da:54:9a:fa:52:96:99:1a:f9:b2:29:
         9b:c8:3b:dc:0e:9d:19:39:0d:74:e8:75:63:05:67:99:14:d2:
         20:43:3a:2e:18:69:b4:59:cd:ba:ae:96:7e:72:70:99:a1:16:
         3a:b2:f4:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXy4sk8Yap3kV95wFgMcNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjJkMDIzNDFjMTE5NDlhOGM4NzE1M2Y4NjZjMGY2OGYx
YmJkNzMwHhcNMjUwNDIxMTAwMTE5WhcNMjUwNDIyMTAwMTE5WjAzMTEwLwYDVQQD
EygzY2RmNjg1MWMzODEzNzIzM2ZkYzQwYWZhMTJmNzA4MjExMjgyYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+G2OO2LSrnfmpHGfXLt5++vBkVkC
INngOZW4eNAN7KgCqSITn/HCKipBwOKY3O0La/Adh0We7Kmk9lvXCaX7eE2kmN9W
A9yyqZars+BId8EQbUP98QbH6sAzO01RuyE3gz3/WKCQ1ouEe5LdNQjckd91jQ/h
nMlWu76EHqUMUWpgMl/xq/EdsGY/EqsDK7UVCQOL84O0IKjaOlWLhOcV8q2IAvMO
H1LcklDnQY713m8KUk16z6gxiGXICXFYIEY2SwpigkjKXmIZ8hW+26jeCg3Nceq7
0MYsQHi82GznKvyk/VSR5VgrvIdT5cJ29pSCJhm7jhSAhMhGcYi7jwVSVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzfaFHDgTcjP9xAr6EvcIIRKCwyMB8GA1UdIwQY
MBaAFCuy0CNBwRlJqMhxU/hmwPaPG71zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYt
NDYwNjU2ZmUzYWI1LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYtNDYwNjU2ZmUzYWI1
LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAErdTMkau
REH79nATy0uBFnTUrNC1VQbuz0nXRrqe/vwLZfNWyFFyrL+NIF3L8or+hL9hFC2d
O8b8x2JERRSqpPSMGWlMSMITeNmyCKUHRNEVQKG+ijIooLR+QiFSsSyLc/vdizs+
+++RDU8QNSltC2jwsgRzwh2JEjMimDY2etpRqgsGqctE8RCQ7IqgEHW1oI7z5K04
qwMgRG0Stc+EbKiL1OC00+3c2PjduopwtrEVwI0tCu3TgFsl1zVKVf0KeXLZU/eO
pD+Bqca7fdpUmvpSlpka+bIpm8g73A6dGTkNdOh1YwVnmRTSIEM6LhhptFnNuq6W
fnJwmaEWOrL03Q==
-----END CERTIFICATE-----