Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
File:                     gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json)
Hash identifier:          edK4C3sY/2w4pWISRypPVTMJTSkmTLj6jsjr1+ffXCw=
Subject key identifier:   D9:69:5B:5C:06:F1:E1:7C:4B:DE:32:99:4A:6F:B0:2C:F3:98:CB:03
Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23
Certificate issuer:       /CN=813a42838d2e45ed5dad4114606d9729a6501d23
Certificate serial:       0196AE7B7EAB81D9FB6BFAFFF03B045A8ECE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
Manifest number:          0D8B
Signing time:             Thu 08 May 2025 06:00:51 +0000
Manifest this update:     Thu 08 May 2025 06:00:51 +0000
Manifest next update:     Fri 09 May 2025 06:00:51 +0000
Files and hashes:         1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: hdxr++naIwY8LO38js7PQ5YeuzuQjeiBXtvA0h/V3bs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 06:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:7b:7e:ab:81:d9:fb:6b:fa:ff:f0:3b:04:5a:8e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23
        Validity
            Not Before: May  8 06:00:51 2025 GMT
            Not After : May  9 06:00:51 2025 GMT
        Subject: CN=d9695b5c06f1e17c4bde32994a6fb02cf398cb03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:71:ef:f0:20:ba:25:8b:da:b7:57:9a:57:24:
                    5a:f4:20:5c:11:c0:d7:33:0a:06:99:4a:fa:64:4e:
                    de:07:16:1a:50:ac:79:e5:55:46:55:4f:fc:4d:4e:
                    72:df:28:6e:63:e6:b7:68:83:65:12:ee:0e:cf:3e:
                    94:35:17:73:31:dc:22:64:f8:b4:3b:f8:1c:38:ed:
                    71:af:9e:ac:8d:c9:6e:0e:3f:a3:8f:42:62:28:b0:
                    57:94:aa:f4:b5:ed:87:54:15:a2:23:bb:2b:8e:3f:
                    92:4f:22:31:d4:e2:ef:60:c7:27:68:06:d2:86:86:
                    96:e1:06:3d:64:32:04:54:d2:4e:77:6d:98:b2:ea:
                    05:4b:67:a9:03:c4:46:c2:48:f2:a2:28:df:20:b4:
                    78:34:ce:c8:89:3e:5c:3f:9e:f7:38:bf:b7:0d:fb:
                    5f:8c:3b:ae:91:44:46:26:d0:4c:37:6a:7e:a1:39:
                    51:79:fc:36:b8:a7:52:10:de:6a:ff:7b:ee:62:89:
                    86:b7:42:09:25:36:5f:c4:cf:9b:f0:ad:f5:e6:1d:
                    b5:f2:97:b2:76:65:19:b5:af:21:58:c4:b3:8c:72:
                    4f:aa:f6:3f:1f:b6:f2:8f:97:74:47:0e:17:e4:67:
                    c6:04:fd:b1:87:e6:60:84:ea:53:7e:45:87:92:af:
                    91:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:69:5B:5C:06:F1:E1:7C:4B:DE:32:99:4A:6F:B0:2C:F3:98:CB:03
            X509v3 Authority Key Identifier:
                keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:35:c4:80:9e:06:1a:b5:14:81:d3:9c:7e:45:d9:e7:16:04:
         34:7c:87:38:24:01:d8:f6:ed:a3:0b:43:59:57:81:54:8b:df:
         aa:3b:0f:ae:a0:ab:20:b8:95:d2:00:d5:f5:c1:2c:90:3f:a2:
         df:d7:6e:d1:79:30:68:1f:cb:83:62:3a:c8:5b:01:b9:ef:65:
         84:43:6e:7c:5e:ac:53:ad:fa:ef:b5:e9:79:d4:d3:75:9b:05:
         52:ac:1f:cd:a8:12:1c:da:c4:61:c6:56:0c:6f:3b:17:d6:c7:
         6e:94:68:f8:89:18:60:b7:db:38:df:9a:82:27:2d:0d:84:fa:
         86:ab:2a:d2:c4:27:03:bd:d0:13:87:d4:11:27:9f:cf:c0:47:
         40:78:17:8c:de:bc:04:d1:a9:e8:fb:2d:09:75:7b:01:10:61:
         36:96:99:ef:5f:74:02:f9:5d:86:9a:08:70:f2:f6:de:c5:d5:
         2b:79:c8:d8:f6:1a:92:0a:20:ed:56:77:d4:25:fb:78:bb:40:
         f9:0f:37:2d:35:42:f0:38:4d:61:28:55:ea:00:3a:e5:c1:93:
         3a:06:e9:ca:24:a9:a5:90:f5:16:20:4d:02:c9:85:e3:20:ac:
         fd:37:2b:1f:3b:88:05:96:7a:d9:26:5a:7b:33:54:68:53:eb:
         15:d4:cf:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaue36rgdn7a/r/8DsEWo7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1
MDFkMjMwHhcNMjUwNTA4MDYwMDUxWhcNMjUwNTA5MDYwMDUxWjAzMTEwLwYDVQQD
EyhkOTY5NWI1YzA2ZjFlMTdjNGJkZTMyOTk0YTZmYjAyY2YzOThjYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnHv8CC6JYvat1eaVyRa9CBcEcDX
MwoGmUr6ZE7eBxYaUKx55VVGVU/8TU5y3yhuY+a3aINlEu4Ozz6UNRdzMdwiZPi0
O/gcOO1xr56sjcluDj+jj0JiKLBXlKr0te2HVBWiI7srjj+STyIx1OLvYMcnaAbS
hoaW4QY9ZDIEVNJOd22YsuoFS2epA8RGwkjyoijfILR4NM7IiT5cP573OL+3Dftf
jDuukURGJtBMN2p+oTlRefw2uKdSEN5q/3vuYomGt0IJJTZfxM+b8K315h218pey
dmUZta8hWMSzjHJPqvY/H7byj5d0Rw4X5GfGBP2xh+ZghOpTfkWHkq+R+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlpW1wG8eF8S94ymUpvsCzzmMsDMB8GA1UdIwQY
MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct
NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz
LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkDXEgJ4G
GrUUgdOcfkXZ5xYENHyHOCQB2PbtowtDWVeBVIvfqjsPrqCrILiV0gDV9cEskD+i
39du0XkwaB/Lg2I6yFsBue9lhENufF6sU63677XpedTTdZsFUqwfzagSHNrEYcZW
DG87F9bHbpRo+IkYYLfbON+agictDYT6hqsq0sQnA73QE4fUESefz8BHQHgXjN68
BNGp6PstCXV7ARBhNpaZ7190AvldhpoIcPL23sXVK3nI2PYakgog7VZ31CX7eLtA
+Q83LTVC8DhNYShV6gA65cGTOgbpyiSppZD1FiBNAsmF4yCs/TcrHzuIBZZ62SZa
ezNUaFPrFdTPQg==
-----END CERTIFICATE-----