Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
File:                     _e3ZOtbKqmCtSfD5N32Kq_h34ts.mft (raw, json)
Hash identifier:          IwBdS++T/5R1qnY21dDau80Or38DLnt/MInZRQanBu8=
Subject key identifier:   B9:D9:79:95:75:11:F8:7F:01:CF:8F:F9:61:A1:5B:B8:D1:50:F1:1B
Authority key identifier: FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB
Certificate issuer:       /CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
Certificate serial:       0196C34C5DA9A7AF49EF3E27C9E8D9E9A9D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
Manifest number:          06B6
Signing time:             Mon 12 May 2025 07:01:23 +0000
Manifest this update:     Mon 12 May 2025 07:01:23 +0000
Manifest next update:     Tue 13 May 2025 07:01:23 +0000
Files and hashes:         1: _e3ZOtbKqmCtSfD5N32Kq_h34ts.crl (hash: AJcBLwQdxnvcTj47ViTsLsGIKphY1evZBKqOpX4jOeA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 07:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:5d:a9:a7:af:49:ef:3e:27:c9:e8:d9:e9:a9:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
        Validity
            Not Before: May 12 07:01:23 2025 GMT
            Not After : May 13 07:01:23 2025 GMT
        Subject: CN=b9d979957511f87f01cf8ff961a15bb8d150f11b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6a:ce:04:b2:9a:76:5b:b6:5e:28:bc:00:f3:
                    ba:46:90:75:39:9b:ff:1d:7e:15:a7:38:65:a7:fc:
                    aa:50:b7:ab:13:dd:79:ee:a1:55:18:b9:24:62:17:
                    31:57:28:1d:3e:85:bf:bd:e5:d8:92:09:8f:bf:56:
                    e2:52:0c:9c:04:51:4b:e6:8d:78:70:a2:e5:99:49:
                    00:f9:db:cf:2c:52:50:e6:bf:3b:da:ab:dc:ec:74:
                    cb:ad:4c:35:4c:81:56:88:a0:6b:f3:7a:cf:12:e1:
                    d7:66:65:52:15:7d:78:d0:80:a3:5d:9e:7c:e9:3f:
                    f7:6f:54:a3:6b:d7:a2:63:14:60:88:f7:c3:97:66:
                    21:ac:f1:e4:03:48:77:f2:01:69:87:e0:72:ec:bc:
                    6d:c1:d2:da:2b:45:97:4c:5e:67:19:a8:d2:84:85:
                    cc:f4:bc:c8:2a:2e:46:99:70:92:45:6f:67:54:6d:
                    e3:4f:9a:66:84:8b:58:58:52:30:7c:b2:09:53:b1:
                    4b:d9:3b:ea:85:3b:b7:dd:6d:43:c7:1a:15:f4:d1:
                    f5:9d:61:8f:57:36:6c:27:be:e3:b9:17:3a:9c:1d:
                    a5:c9:aa:85:72:f4:81:26:a0:39:71:a9:8c:f6:f2:
                    46:b0:bb:69:ad:d6:b7:bf:31:81:e2:cd:58:fd:7d:
                    cf:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D9:79:95:75:11:F8:7F:01:CF:8F:F9:61:A1:5B:B8:D1:50:F1:1B
            X509v3 Authority Key Identifier:
                keyid:FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:d3:14:80:21:9c:43:eb:84:6b:7f:a1:83:16:84:5e:89:e6:
         5d:a5:48:21:fd:43:5e:ad:0c:69:ae:6a:2f:80:3c:42:9e:af:
         e5:95:db:7a:4e:ff:a1:15:ef:f7:50:c8:45:c6:9b:c3:30:6f:
         df:95:0b:12:95:f5:35:a5:0f:41:3e:e6:bc:16:97:f7:ce:f0:
         31:07:f6:55:6a:e6:1c:31:d0:40:84:9d:3a:3e:dd:95:cb:1b:
         9e:b9:8f:40:21:fb:56:c3:a5:ca:7a:cc:a7:6c:c0:ae:72:83:
         f7:fd:fc:b2:0d:5a:c4:ba:53:b3:9d:23:de:8a:71:46:e3:93:
         0d:0f:ba:8c:1a:0e:99:1b:da:ba:be:5d:6f:12:c0:47:cb:f0:
         a4:13:bd:52:9b:ef:16:55:b8:1e:f1:c7:35:c9:56:5a:dd:6f:
         61:0c:6b:11:bb:72:38:16:53:7f:0a:78:cd:65:f0:cf:18:08:
         67:d7:fa:bd:6e:39:27:5f:78:da:08:4c:d2:c9:d3:19:6c:a2:
         f0:de:ba:cb:ec:60:8b:09:91:a0:37:95:be:e8:0a:b6:18:f4:
         be:f6:2e:77:a5:80:fd:aa:69:e4:7a:1c:61:df:b8:22:58:28:
         0d:7c:4f:d3:b3:c6:f4:99:cc:11:78:a5:1d:a1:60:12:31:4b:
         61:69:11:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTF2pp69J7z4nyejZ6anVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZWRkOTNhZDZjYWFhNjBhZDQ5ZjBmOTM3N2Q4YWFiZjg3
N2UyZGIwHhcNMjUwNTEyMDcwMTIzWhcNMjUwNTEzMDcwMTIzWjAzMTEwLwYDVQQD
EyhiOWQ5Nzk5NTc1MTFmODdmMDFjZjhmZjk2MWExNWJiOGQxNTBmMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmrOBLKadlu2Xii8APO6RpB1OZv/
HX4Vpzhlp/yqULerE9157qFVGLkkYhcxVygdPoW/veXYkgmPv1biUgycBFFL5o14
cKLlmUkA+dvPLFJQ5r872qvc7HTLrUw1TIFWiKBr83rPEuHXZmVSFX140ICjXZ58
6T/3b1Sja9eiYxRgiPfDl2YhrPHkA0h38gFph+By7LxtwdLaK0WXTF5nGajShIXM
9LzIKi5GmXCSRW9nVG3jT5pmhItYWFIwfLIJU7FL2TvqhTu33W1DxxoV9NH1nWGP
VzZsJ77juRc6nB2lyaqFcvSBJqA5camM9vJGsLtprda3vzGB4s1Y/X3PjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnZeZV1Efh/Ac+P+WGhW7jRUPEbMB8GA1UdIwQY
MBaAFP3t2TrWyqpgrUnw+Td9iqv4d+LbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYt
YmRiNWYxNmQ0NmYwLzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYtYmRiNWYxNmQ0NmYw
LzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdNMUgCGc
Q+uEa3+hgxaEXonmXaVIIf1DXq0Maa5qL4A8Qp6v5ZXbek7/oRXv91DIRcabwzBv
35ULEpX1NaUPQT7mvBaX987wMQf2VWrmHDHQQISdOj7dlcsbnrmPQCH7VsOlynrM
p2zArnKD9/38sg1axLpTs50j3opxRuOTDQ+6jBoOmRvaur5dbxLAR8vwpBO9Upvv
FlW4HvHHNclWWt1vYQxrEbtyOBZTfwp4zWXwzxgIZ9f6vW45J1942ghM0snTGWyi
8N66y+xgiwmRoDeVvugKthj0vvYud6WA/app5HocYd+4IlgoDXxP07PG9JnMEXil
HaFgEjFLYWkRuA==
-----END CERTIFICATE-----