Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
File:                     mNtTOItvp7HlovTGhjq3Hxz7VRI.mft (raw, json)
Hash identifier:          TIwtEW6ae9NVvOkjNViQdrVTYCW3Il2U+haZgRtl5m0=
Subject key identifier:   B1:94:00:79:0D:E8:D6:17:A8:6D:26:E2:EE:A7:C2:2C:0A:27:70:83
Authority key identifier: 98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12
Certificate issuer:       /CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
Certificate serial:       01969E63780012FCDC5260B645D301A36C80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
Manifest number:          022A
Signing time:             Mon 05 May 2025 03:00:40 +0000
Manifest this update:     Mon 05 May 2025 03:00:40 +0000
Manifest next update:     Tue 06 May 2025 03:00:40 +0000
Files and hashes:         1: mNtTOItvp7HlovTGhjq3Hxz7VRI.crl (hash: pB8m2D0NlHyWs3YL8IkppONB3dQk8WpoCizS6w/YbuE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:63:78:00:12:fc:dc:52:60:b6:45:d3:01:a3:6c:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
        Validity
            Not Before: May  5 03:00:40 2025 GMT
            Not After : May  6 03:00:40 2025 GMT
        Subject: CN=b19400790de8d617a86d26e2eea7c22c0a277083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4d:7b:cb:96:c1:d6:dd:fa:bb:4c:d3:cf:25:
                    e3:47:af:f3:67:cb:9c:a3:9b:bd:0e:16:fa:1a:0b:
                    19:d0:93:e9:88:51:c8:d9:a5:68:57:7b:eb:be:67:
                    4b:f9:08:b8:96:e0:3a:b2:54:54:fe:17:1f:ed:1c:
                    5a:e0:c1:4b:6c:0b:ec:61:2f:b9:9b:6d:4a:94:20:
                    e8:8d:2a:49:b0:bb:d8:50:57:80:6f:a9:4a:ca:d0:
                    a3:46:45:1d:23:c5:8e:ed:0f:5c:86:37:52:2d:ae:
                    54:b7:7a:21:6f:f4:ad:52:b3:1c:77:e5:c8:8f:0e:
                    a9:b6:b0:df:93:9d:3e:98:2f:e0:3c:c7:d9:82:03:
                    d0:f2:94:8c:9a:29:e8:19:36:08:54:93:5b:de:7f:
                    1e:95:a5:68:8f:c7:91:6d:4d:a5:77:91:56:2f:95:
                    53:37:b5:eb:b2:01:f3:16:8d:a6:bf:1b:80:b0:9d:
                    fa:3a:03:77:c3:72:66:3f:3a:f0:a4:3a:d2:fd:bb:
                    2a:84:38:85:12:d5:db:6c:21:e6:b6:ce:5f:f7:fd:
                    eb:82:9e:c4:c4:ae:86:1a:a3:9c:1e:29:8f:3c:9d:
                    cf:42:d0:97:db:ac:b2:36:99:cb:1b:6d:dc:2d:99:
                    f3:72:43:c0:d6:0d:1f:8e:1c:13:6f:2d:36:6b:c0:
                    90:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:94:00:79:0D:E8:D6:17:A8:6D:26:E2:EE:A7:C2:2C:0A:27:70:83
            X509v3 Authority Key Identifier:
                keyid:98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:cf:12:b3:a8:64:e5:7f:d3:e7:d4:26:6b:12:87:5f:dd:1f:
         de:13:f9:e2:2d:42:68:0a:01:b9:53:ad:cf:d4:c8:98:d5:8a:
         12:b7:79:a2:e3:5e:ba:22:a5:9a:5c:41:7d:4a:55:05:af:02:
         59:28:8a:af:fb:06:8e:ea:86:76:35:7e:00:d3:70:bd:6f:21:
         08:0f:53:ab:a3:33:93:95:e4:87:e9:d6:98:81:47:93:7d:97:
         09:fa:9b:fc:cf:3c:59:fa:72:3b:f7:ce:9f:38:95:f5:38:92:
         d4:f6:83:52:b5:2b:da:e8:d3:e0:f4:f5:24:39:16:b9:89:fd:
         79:ff:a0:41:b5:27:bf:f0:11:a0:bc:ea:bd:ce:08:c9:c0:b4:
         fe:07:49:1f:f8:4e:84:92:11:9f:53:ac:36:9d:48:92:ff:48:
         18:88:1a:26:63:08:e1:a5:a0:09:2f:6c:a6:63:7e:fb:ef:a5:
         d1:55:0d:29:e2:2d:88:78:eb:81:56:c4:bd:a5:5f:ef:1d:63:
         1a:4b:4d:cb:6b:52:9f:1b:cf:ba:b4:4a:e3:3a:c5:c4:fa:e5:
         14:96:48:4a:2e:49:fb:2d:41:91:8d:c9:87:c2:64:f6:6e:2a:
         e0:2a:d3:28:37:4a:01:ad:50:37:da:ff:4e:a5:76:ca:28:55:
         3e:e0:67:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaeY3gAEvzcUmC2RdMBo2yAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZGI1MzM4OGI2ZmE3YjFlNWEyZjRjNjg2M2FiNzFmMWNm
YjU1MTIwHhcNMjUwNTA1MDMwMDQwWhcNMjUwNTA2MDMwMDQwWjAzMTEwLwYDVQQD
EyhiMTk0MDA3OTBkZThkNjE3YTg2ZDI2ZTJlZWE3YzIyYzBhMjc3MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk17y5bB1t36u0zTzyXjR6/zZ8uc
o5u9Dhb6GgsZ0JPpiFHI2aVoV3vrvmdL+Qi4luA6slRU/hcf7Rxa4MFLbAvsYS+5
m21KlCDojSpJsLvYUFeAb6lKytCjRkUdI8WO7Q9chjdSLa5Ut3ohb/StUrMcd+XI
jw6ptrDfk50+mC/gPMfZggPQ8pSMminoGTYIVJNb3n8elaVoj8eRbU2ld5FWL5VT
N7XrsgHzFo2mvxuAsJ36OgN3w3JmPzrwpDrS/bsqhDiFEtXbbCHmts5f9/3rgp7E
xK6GGqOcHimPPJ3PQtCX26yyNpnLG23cLZnzckPA1g0fjhwTby02a8CQJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGUAHkN6NYXqG0m4u6nwiwKJ3CDMB8GA1UdIwQY
MBaAFJjbUziLb6ex5aL0xoY6tx8c+1USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYt
Yzc0NjdkYTJkYjYwLzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYtYzc0NjdkYTJkYjYw
LzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB88Ss6hk
5X/T59QmaxKHX90f3hP54i1CaAoBuVOtz9TImNWKErd5ouNeuiKlmlxBfUpVBa8C
WSiKr/sGjuqGdjV+ANNwvW8hCA9Tq6Mzk5Xkh+nWmIFHk32XCfqb/M88WfpyO/fO
nziV9TiS1PaDUrUr2ujT4PT1JDkWuYn9ef+gQbUnv/ARoLzqvc4IycC0/gdJH/hO
hJIRn1OsNp1Ikv9IGIgaJmMI4aWgCS9spmN++++l0VUNKeItiHjrgVbEvaVf7x1j
GktNy2tSnxvPurRK4zrFxPrlFJZISi5J+y1BkY3Jh8Jk9m4q4CrTKDdKAa1QN9r/
TqV2yihVPuBnmg==
-----END CERTIFICATE-----