Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
File:                     V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json)
Hash identifier:          zpBJXtmswnLGQmAn2RRIB51S+nOKCe3FbKt+dUGDzSc=
Subject key identifier:   DF:6D:54:02:9E:3B:06:56:BC:69:2C:66:D7:26:A2:07:9C:0D:8A:F9
Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D
Certificate issuer:       /CN=577977a27561cf9058a52e460c949948055bdd3d
Certificate serial:       01964F6D23A760CAD3C22B840CCB077C803A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
Manifest number:          0709
Signing time:             Sat 19 Apr 2025 19:01:14 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:14 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:14 +0000
Files and hashes:         1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: H1uFWEkVXw42waxFhVclfz+B3BEjEl1Wa2+J6ejbFRk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:23:a7:60:ca:d3:c2:2b:84:0c:cb:07:7c:80:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d
        Validity
            Not Before: Apr 19 19:01:14 2025 GMT
            Not After : Apr 20 19:01:14 2025 GMT
        Subject: CN=df6d54029e3b0656bc692c66d726a2079c0d8af9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1c:ab:a2:6c:71:63:30:d0:64:07:90:e8:04:
                    4d:f3:c6:39:7b:4f:fa:6d:50:30:c2:14:f2:88:7e:
                    cd:f2:6b:e9:bf:56:f1:4f:d3:80:7d:03:4e:5e:30:
                    7b:c0:df:07:01:de:b8:52:1e:10:99:54:19:05:22:
                    69:1e:70:35:23:65:9a:60:db:8a:26:73:81:f1:67:
                    8a:27:3d:60:eb:cd:78:34:7b:c2:a3:85:da:6a:76:
                    22:be:1c:f1:16:3f:c0:ab:bb:03:8a:fc:ee:c7:e8:
                    53:9a:31:f3:33:e3:20:11:5f:e8:f5:e1:92:c6:df:
                    95:37:33:d7:56:97:5e:ce:43:28:28:0e:80:32:c7:
                    a1:8e:ba:f7:3c:03:fb:07:82:73:4b:c5:75:85:57:
                    99:26:1b:16:ab:f7:ec:4c:62:22:08:ac:b9:90:4e:
                    96:64:15:eb:94:fe:86:b8:46:be:26:76:84:6d:38:
                    da:89:e8:7f:9d:82:b0:b2:40:be:7a:fd:e6:81:4f:
                    69:14:47:2d:1d:ee:97:ed:37:ea:67:8f:c2:33:5d:
                    ae:69:65:4e:18:6c:f0:0e:ec:a2:c4:69:da:95:96:
                    df:24:ab:bc:27:3b:e1:bf:18:a0:d1:4a:c4:b2:a6:
                    66:7a:9a:0a:d1:68:7a:78:21:27:46:85:17:db:de:
                    11:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:6D:54:02:9E:3B:06:56:BC:69:2C:66:D7:26:A2:07:9C:0D:8A:F9
            X509v3 Authority Key Identifier:
                keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:19:3a:dc:f9:3c:3f:69:2b:50:b4:31:ff:88:c1:11:65:8b:
         0a:9d:cf:c9:9e:41:00:a0:a4:7a:cd:81:07:38:76:18:99:37:
         ae:31:a6:66:05:d6:69:d8:46:08:ef:11:9a:4e:c6:c8:f8:94:
         2a:e8:c4:e8:cb:6c:4a:ed:f7:89:47:a0:4f:c4:a5:46:08:2f:
         95:e7:a9:18:56:29:62:c0:fa:18:c2:fb:5e:21:ee:77:07:19:
         b2:f1:b7:f5:6e:1c:19:ef:9a:c1:0c:87:1b:da:45:e2:68:0c:
         82:ab:08:f4:db:c1:9c:df:57:44:c7:89:a0:26:ab:49:35:fc:
         c6:6f:3c:98:2f:c9:7e:eb:59:f5:ce:20:c5:f8:ce:50:0f:07:
         d0:b1:fe:db:5c:26:02:fe:89:f3:bc:52:c1:ce:0e:90:c2:ea:
         1a:09:cc:36:52:56:0c:b7:71:8c:72:b7:1f:84:2c:e4:fd:0f:
         21:19:81:8d:fc:5a:be:90:df:5f:bd:fd:10:10:8f:b5:85:2d:
         b7:76:d1:56:ae:a7:85:9e:12:26:56:31:49:3a:54:a5:ef:03:
         73:5b:3d:29:b8:55:19:e9:7f:8f:1b:85:5d:e4:9a:46:43:84:
         db:36:ad:bf:b1:fc:ba:f3:6f:74:73:00:81:7e:71:07:9e:d8:
         f1:05:3e:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbSOnYMrTwiuEDMsHfIA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1
YmRkM2QwHhcNMjUwNDE5MTkwMTE0WhcNMjUwNDIwMTkwMTE0WjAzMTEwLwYDVQQD
EyhkZjZkNTQwMjllM2IwNjU2YmM2OTJjNjZkNzI2YTIwNzljMGQ4YWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RyromxxYzDQZAeQ6ARN88Y5e0/6
bVAwwhTyiH7N8mvpv1bxT9OAfQNOXjB7wN8HAd64Uh4QmVQZBSJpHnA1I2WaYNuK
JnOB8WeKJz1g6814NHvCo4XaanYivhzxFj/Aq7sDivzux+hTmjHzM+MgEV/o9eGS
xt+VNzPXVpdezkMoKA6AMsehjrr3PAP7B4JzS8V1hVeZJhsWq/fsTGIiCKy5kE6W
ZBXrlP6GuEa+JnaEbTjaieh/nYKwskC+ev3mgU9pFEctHe6X7TfqZ4/CM12uaWVO
GGzwDuyixGnalZbfJKu8Jzvhvxig0UrEsqZmepoK0Wh6eCEnRoUX294RUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9tVAKeOwZWvGksZtcmogecDYr5MB8GA1UdIwQY
MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt
NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw
LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJhk63Pk8
P2krULQx/4jBEWWLCp3PyZ5BAKCkes2BBzh2GJk3rjGmZgXWadhGCO8Rmk7GyPiU
KujE6MtsSu33iUegT8SlRggvleepGFYpYsD6GML7XiHudwcZsvG39W4cGe+awQyH
G9pF4mgMgqsI9NvBnN9XRMeJoCarSTX8xm88mC/JfutZ9c4gxfjOUA8H0LH+21wm
Av6J87xSwc4OkMLqGgnMNlJWDLdxjHK3H4Qs5P0PIRmBjfxavpDfX739EBCPtYUt
t3bRVq6nhZ4SJlYxSTpUpe8Dc1s9KbhVGel/jxuFXeSaRkOE2zatv7H8uvNvdHMA
gX5xB57Y8QU+ig==
-----END CERTIFICATE-----