Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          /ZUdGEPjSCwjlMOapf0C69D8BLcP6ekANMeJU90OYJA=
Subject key identifier:   22:CC:F2:46:66:8B:2A:EE:78:FB:DD:5A:E3:F7:CC:EE:01:67:D2:12
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       019653B78689CB79A049FB72172328B443EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          03F9
Signing time:             Sun 20 Apr 2025 15:00:58 +0000
Manifest this update:     Sun 20 Apr 2025 15:00:58 +0000
Manifest next update:     Mon 21 Apr 2025 15:00:58 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: LgQewshWgUoVP+32XNxUfZiSIQVSSWFr88c5vl4gr2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b7:86:89:cb:79:a0:49:fb:72:17:23:28:b4:43:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Apr 20 15:00:58 2025 GMT
            Not After : Apr 21 15:00:58 2025 GMT
        Subject: CN=22ccf246668b2aee78fbdd5ae3f7ccee0167d212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c2:d8:b3:cc:fb:ae:dd:1c:ab:7d:5c:d3:25:
                    cd:66:7e:31:f4:f5:29:3e:5b:b1:5f:4d:25:e5:01:
                    61:df:e6:62:30:eb:ee:4c:94:c2:8c:01:77:8e:28:
                    32:e0:1d:9e:d3:67:cf:ea:db:08:84:dc:7d:5c:93:
                    44:8b:e6:28:7e:dd:37:37:14:c2:da:a2:db:be:39:
                    28:c7:3a:3c:1f:05:96:ca:fc:18:e6:1b:44:19:f9:
                    53:09:55:43:0f:4f:16:0f:dd:80:71:c6:c4:c7:af:
                    b4:3c:3d:47:23:27:64:10:57:ad:d2:19:7a:ae:e8:
                    a5:db:5c:8a:7e:f1:28:88:03:ac:29:84:1a:11:de:
                    de:2a:36:93:94:84:d4:c0:0b:3a:ed:7c:ff:89:b8:
                    6f:69:47:70:63:89:d5:5e:67:89:c5:88:71:14:ef:
                    1e:31:70:ca:2d:82:26:66:e6:b3:e5:b2:92:56:21:
                    1b:e8:6a:e9:d4:af:a4:0e:1d:99:d8:87:26:f0:07:
                    a5:a2:b5:e1:39:7a:6c:d8:e4:4f:56:86:b9:20:58:
                    52:53:15:d3:94:6a:af:72:ce:9c:54:ba:ff:45:3b:
                    77:25:5c:ac:72:1b:21:64:04:82:90:c2:3e:e9:61:
                    04:e6:f5:34:9c:b4:7b:45:ba:69:ca:36:cf:dd:80:
                    0c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:CC:F2:46:66:8B:2A:EE:78:FB:DD:5A:E3:F7:CC:EE:01:67:D2:12
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:2c:e0:41:58:08:6f:41:06:f7:17:90:26:22:f5:8b:63:1e:
         47:6c:12:84:58:71:fe:a5:5b:bd:cb:d2:17:55:25:75:b4:b5:
         1a:29:e9:2b:32:35:5f:0f:58:3f:f9:de:ff:38:bd:7a:6e:8c:
         79:fb:9d:a6:69:cb:46:55:d0:36:98:6b:64:3c:9c:26:d2:4b:
         8a:dc:1b:35:48:ae:b9:06:17:32:59:a4:b7:24:d1:17:e9:10:
         d5:c2:af:1b:26:20:cc:43:40:96:6b:75:0d:1d:0d:48:5b:f4:
         6b:f4:e8:6e:1f:17:7f:9c:0a:cb:c5:87:cb:c3:e7:e8:ec:69:
         97:bd:77:aa:48:bc:3f:3e:80:5a:fe:5b:8b:72:1d:ed:91:f7:
         64:1e:fd:49:a1:7e:45:e9:39:f2:d0:21:27:8a:43:72:41:e2:
         74:44:33:b8:4a:05:ca:30:0d:ad:99:43:3b:4c:bd:9d:8d:38:
         e6:42:4e:2a:31:7d:b2:b9:78:fd:12:74:f1:84:50:fa:90:cd:
         f9:36:54:b8:11:36:f5:32:1f:1f:05:07:53:d4:9e:03:e6:96:
         f6:aa:85:3a:1e:d5:1b:7c:9c:19:69:f1:e9:e6:9e:74:19:1a:
         1b:f8:59:7d:47:90:fd:d6:a1:07:7f:88:05:ba:ba:8d:e0:30:
         a0:60:18:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTt4aJy3mgSftyFyMotEPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUwNDIwMTUwMDU4WhcNMjUwNDIxMTUwMDU4WjAzMTEwLwYDVQQD
EygyMmNjZjI0NjY2OGIyYWVlNzhmYmRkNWFlM2Y3Y2NlZTAxNjdkMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8LYs8z7rt0cq31c0yXNZn4x9PUp
PluxX00l5QFh3+ZiMOvuTJTCjAF3jigy4B2e02fP6tsIhNx9XJNEi+Yoft03NxTC
2qLbvjkoxzo8HwWWyvwY5htEGflTCVVDD08WD92AccbEx6+0PD1HIydkEFet0hl6
ruil21yKfvEoiAOsKYQaEd7eKjaTlITUwAs67Xz/ibhvaUdwY4nVXmeJxYhxFO8e
MXDKLYImZuaz5bKSViEb6Grp1K+kDh2Z2Icm8AelorXhOXps2ORPVoa5IFhSUxXT
lGqvcs6cVLr/RTt3JVyschshZASCkMI+6WEE5vU0nLR7RbppyjbP3YAMWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLM8kZmiyruePvdWuP3zO4BZ9ISMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCzgQVgI
b0EG9xeQJiL1i2MeR2wShFhx/qVbvcvSF1UldbS1GinpKzI1Xw9YP/ne/zi9em6M
efudpmnLRlXQNphrZDycJtJLitwbNUiuuQYXMlmktyTRF+kQ1cKvGyYgzENAlmt1
DR0NSFv0a/Tobh8Xf5wKy8WHy8Pn6Oxpl713qki8Pz6AWv5bi3Id7ZH3ZB79SaF+
Rek58tAhJ4pDckHidEQzuEoFyjANrZlDO0y9nY045kJOKjF9srl4/RJ08YRQ+pDN
+TZUuBE29TIfHwUHU9SeA+aW9qqFOh7VG3ycGWnx6eaedBkaG/hZfUeQ/dahB3+I
Bbq6jeAwoGAYqA==
-----END CERTIFICATE-----