Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
File:                     CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft (raw, json)
Hash identifier:          Yz2cXk2xkxm83W4Z/+8e9LifjT6ShFuU0SyvSWYlIYg=
Subject key identifier:   85:9E:8D:BB:94:0E:29:49:BB:65:FC:27:26:9C:A1:D7:F9:60:6F:90
Authority key identifier: 08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
Certificate issuer:       /CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
Certificate serial:       01963FFA3BEAC9CEAF6D2FA2DAE3C9CD3EFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
Manifest number:          098C
Signing time:             Wed 16 Apr 2025 19:01:25 +0000
Manifest this update:     Wed 16 Apr 2025 19:01:25 +0000
Manifest next update:     Thu 17 Apr 2025 19:01:25 +0000
Files and hashes:         1: CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl (hash: dZrmSj8OTfjxL2W9ovSOLwGqbxwS7hWyDX9oQRdT8zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:fa:3b:ea:c9:ce:af:6d:2f:a2:da:e3:c9:cd:3e:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
        Validity
            Not Before: Apr 16 19:01:25 2025 GMT
            Not After : Apr 17 19:01:25 2025 GMT
        Subject: CN=859e8dbb940e2949bb65fc27269ca1d7f9606f90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:12:4b:c7:dd:fe:93:9e:16:1a:46:e4:c8:8c:
                    50:ee:2c:8f:a7:fa:00:dd:2d:26:25:95:d8:2c:50:
                    62:4c:a8:7d:af:80:59:e7:37:21:a8:f8:14:f8:0e:
                    e0:d7:98:26:11:f3:d8:28:3e:c1:34:c2:30:3e:5c:
                    ed:a4:90:dd:a0:0b:0c:7c:70:00:16:27:1c:c7:45:
                    b7:b2:1f:77:43:7d:e9:7e:f4:ca:c9:fb:54:b1:13:
                    f5:c0:1a:29:7e:d9:d8:6c:0c:45:92:66:95:08:9f:
                    3d:09:7c:d1:17:92:2e:cd:00:bf:e9:4b:02:a1:94:
                    2b:51:6c:6e:05:c6:db:70:ea:f4:c9:7c:0f:5a:46:
                    e3:10:24:7c:4d:69:e6:7c:c9:e4:e9:ce:c5:4c:35:
                    22:c2:41:65:2b:3b:6c:a2:25:2e:1e:73:68:2e:ef:
                    77:bd:57:6d:a4:26:02:39:a0:52:a5:de:df:ce:c8:
                    fe:6f:99:83:87:ce:a2:61:69:35:63:ce:39:cc:b6:
                    f8:2f:84:fb:1f:54:aa:2e:43:96:2c:21:03:7e:b3:
                    94:7a:e1:83:bc:47:f6:d6:22:57:35:e8:ad:0d:db:
                    f3:67:08:cb:fa:80:1b:d8:e1:54:ee:5a:53:2a:2e:
                    c2:ee:a4:2b:08:54:03:bb:dd:ff:06:bc:07:20:cf:
                    0a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:9E:8D:BB:94:0E:29:49:BB:65:FC:27:26:9C:A1:D7:F9:60:6F:90
            X509v3 Authority Key Identifier:
                keyid:08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:db:61:c4:9c:ac:f9:1b:0c:cd:cb:10:8e:4a:61:5d:89:dc:
         f5:00:bd:0b:b5:d9:cc:5d:89:0d:1d:30:30:8a:be:8b:01:2f:
         18:81:87:2b:f7:66:dd:ce:09:7d:10:ad:39:a5:d5:44:fa:1d:
         78:e0:59:ea:25:ba:26:e8:d2:81:c9:52:41:6c:5e:ab:09:50:
         ee:6d:09:ab:c3:ae:a6:f2:10:b5:f5:79:d9:03:42:11:b2:49:
         ff:48:d5:9c:b6:46:18:b4:39:45:72:da:66:50:36:6c:7b:1a:
         2f:e6:b4:82:7b:c6:c9:98:0d:0b:4f:f1:88:55:69:f4:e8:b5:
         18:fd:e3:24:3b:d7:04:55:e9:23:23:6f:85:0b:b5:3c:1d:0e:
         fc:26:7b:c0:6a:c4:9e:4a:f7:3e:b4:3d:df:7f:e4:17:56:5a:
         d7:08:49:a1:3e:4d:7c:fa:82:7b:a4:b3:cb:c5:00:ed:61:b2:
         c7:90:38:a4:bb:d6:ec:8c:c2:2e:e8:94:bf:b6:dc:7e:a5:c8:
         06:16:c4:8a:57:da:9d:91:28:73:ac:44:5e:b7:6f:e6:e3:65:
         9b:42:3e:25:d0:6f:f4:b1:e7:80:e5:16:e5:0d:da:77:65:36:
         b4:55:f2:93:b4:29:61:da:ac:63:92:d4:d4:77:40:1b:e2:fb:
         fc:97:92:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+jvqyc6vbS+i2uPJzT77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDI3ZmRjOTBmODBmODA5NzJjMTI1YmQ0MWVkYjBhZTgz
MzRhYTAwHhcNMjUwNDE2MTkwMTI1WhcNMjUwNDE3MTkwMTI1WjAzMTEwLwYDVQQD
Eyg4NTllOGRiYjk0MGUyOTQ5YmI2NWZjMjcyNjljYTFkN2Y5NjA2ZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhJLx93+k54WGkbkyIxQ7iyPp/oA
3S0mJZXYLFBiTKh9r4BZ5zchqPgU+A7g15gmEfPYKD7BNMIwPlztpJDdoAsMfHAA
Ficcx0W3sh93Q33pfvTKyftUsRP1wBopftnYbAxFkmaVCJ89CXzRF5IuzQC/6UsC
oZQrUWxuBcbbcOr0yXwPWkbjECR8TWnmfMnk6c7FTDUiwkFlKztsoiUuHnNoLu93
vVdtpCYCOaBSpd7fzsj+b5mDh86iYWk1Y845zLb4L4T7H1SqLkOWLCEDfrOUeuGD
vEf21iJXNeitDdvzZwjL+oAb2OFU7lpTKi7C7qQrCFQDu93/BrwHIM8KGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWejbuUDilJu2X8Jyacodf5YG+QMB8GA1UdIwQY
MBaAFAjSf9yQ+A+AlywSW9Qe2wroM0qgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYt
OTEwNTQxMTU1ZmVmLzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYtOTEwNTQxMTU1ZmVm
LzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtthxJys
+RsMzcsQjkphXYnc9QC9C7XZzF2JDR0wMIq+iwEvGIGHK/dm3c4JfRCtOaXVRPod
eOBZ6iW6JujSgclSQWxeqwlQ7m0Jq8OupvIQtfV52QNCEbJJ/0jVnLZGGLQ5RXLa
ZlA2bHsaL+a0gnvGyZgNC0/xiFVp9Oi1GP3jJDvXBFXpIyNvhQu1PB0O/CZ7wGrE
nkr3PrQ933/kF1Za1whJoT5NfPqCe6Szy8UA7WGyx5A4pLvW7IzCLuiUv7bcfqXI
BhbEilfanZEoc6xEXrdv5uNlm0I+JdBv9LHngOUW5Q3ad2U2tFXyk7QpYdqsY5LU
1HdAG+L7/JeS9g==
-----END CERTIFICATE-----