Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          HFNOeTAxlS6LSAjeWEKUcC77wt0wO7e4AYPM2r2xsvg=
Subject key identifier:   AE:1C:F9:A2:7C:98:A1:8B:58:9C:FC:3B:73:39:2E:BD:DE:A8:32:BD
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       0196BB92F28F01392060C1781BA59357D6E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          02B7
Signing time:             Sat 10 May 2025 19:01:31 +0000
Manifest this update:     Sat 10 May 2025 19:01:31 +0000
Manifest next update:     Sun 11 May 2025 19:01:31 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: 9+uhi3QaOB96KTvWVmMm7aFnlhaoqzfDdff2Fal8kfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:f2:8f:01:39:20:60:c1:78:1b:a5:93:57:d6:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: May 10 19:01:31 2025 GMT
            Not After : May 11 19:01:31 2025 GMT
        Subject: CN=ae1cf9a27c98a18b589cfc3b73392ebddea832bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:01:f1:ff:89:71:4b:27:72:88:9c:29:2f:28:
                    4c:85:ae:e9:84:4a:8b:68:e2:90:c4:b1:4d:79:d4:
                    ae:9d:bc:de:81:ad:c5:5f:7d:4d:8d:0f:56:c1:3c:
                    a9:4e:94:0f:b3:1b:8e:f1:4a:18:58:ba:0c:63:7c:
                    66:66:49:be:04:0d:c3:6f:1b:b3:56:64:f7:89:db:
                    60:90:f4:ca:8d:38:4d:22:59:84:58:38:d5:57:ce:
                    10:e2:4d:34:60:81:6e:de:d5:c8:ca:23:d5:35:2f:
                    81:09:f1:e6:a6:a7:9f:00:f4:9a:2c:86:cc:3a:e0:
                    c0:1a:aa:ea:23:4e:7c:0b:1f:39:7c:f1:a6:59:d7:
                    cb:e1:d7:fc:cc:36:0d:c3:1a:54:39:2a:43:4a:13:
                    7e:4f:e0:4a:6f:8b:aa:2a:01:47:6f:1c:ce:de:1f:
                    51:95:63:a8:48:e6:38:f5:08:4a:01:ad:9a:84:1c:
                    08:55:74:e7:b3:db:f7:ce:e5:e9:53:c2:0d:63:2e:
                    77:7a:c2:b4:54:13:31:de:b4:81:44:95:95:43:33:
                    26:8e:94:a0:b5:23:e1:73:a3:4e:a1:a5:e2:5c:9e:
                    6f:94:c5:c5:46:b1:d6:20:6a:af:65:ab:05:93:b7:
                    de:7c:bb:91:85:9c:86:f9:64:cb:09:9c:fa:ea:9c:
                    03:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:1C:F9:A2:7C:98:A1:8B:58:9C:FC:3B:73:39:2E:BD:DE:A8:32:BD
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:3b:9f:9d:e3:01:ff:5a:46:71:9d:2b:41:e2:de:19:4a:1f:
         1f:f0:4d:03:57:d2:53:67:60:72:d8:2d:6a:f1:03:79:c6:e0:
         34:f0:c4:48:75:5a:48:93:fd:2b:dd:15:80:6a:0a:e6:27:94:
         27:d0:8a:9f:1c:85:8a:ea:2e:97:85:b4:d4:cb:38:08:e3:1a:
         5f:d5:34:16:0b:6c:20:a8:19:7c:9a:f6:66:03:6b:95:91:92:
         0e:49:4e:c0:50:2b:96:69:dc:89:ed:e8:67:52:b9:26:ee:bb:
         d2:32:a1:95:14:a3:00:b3:6f:92:f7:e6:c0:1b:dc:26:79:97:
         70:a1:22:31:d0:1e:46:47:28:71:93:21:9c:ca:d2:26:8a:f4:
         06:6c:a0:28:ee:d0:69:47:9c:1b:e1:72:8f:75:f6:49:05:64:
         cd:ef:da:ea:6b:fe:ba:81:06:bc:86:c8:22:66:7b:0b:b6:35:
         eb:bc:37:51:0c:75:9b:dc:c4:94:91:36:b4:d5:cf:58:cc:b0:
         0e:d9:ba:71:b2:ab:23:de:d7:46:ff:28:01:ab:a7:12:1c:20:
         15:16:15:9d:cc:2f:42:91:02:6b:5c:e1:53:0f:f2:f6:03:79:
         07:32:ce:a7:14:2a:8a:0b:85:81:ac:a3:6f:8b:38:ff:52:fa:
         8e:48:29:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kvKPATkgYMF4G6WTV9bgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUwNTEwMTkwMTMxWhcNMjUwNTExMTkwMTMxWjAzMTEwLwYDVQQD
EyhhZTFjZjlhMjdjOThhMThiNTg5Y2ZjM2I3MzM5MmViZGRlYTgzMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AHx/4lxSydyiJwpLyhMha7phEqL
aOKQxLFNedSunbzega3FX31NjQ9WwTypTpQPsxuO8UoYWLoMY3xmZkm+BA3Dbxuz
VmT3idtgkPTKjThNIlmEWDjVV84Q4k00YIFu3tXIyiPVNS+BCfHmpqefAPSaLIbM
OuDAGqrqI058Cx85fPGmWdfL4df8zDYNwxpUOSpDShN+T+BKb4uqKgFHbxzO3h9R
lWOoSOY49QhKAa2ahBwIVXTns9v3zuXpU8INYy53esK0VBMx3rSBRJWVQzMmjpSg
tSPhc6NOoaXiXJ5vlMXFRrHWIGqvZasFk7fefLuRhZyG+WTLCZz66pwD0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4c+aJ8mKGLWJz8O3M5Lr3eqDK9MB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATDufneMB
/1pGcZ0rQeLeGUofH/BNA1fSU2dgctgtavEDecbgNPDESHVaSJP9K90VgGoK5ieU
J9CKnxyFiuoul4W01Ms4COMaX9U0FgtsIKgZfJr2ZgNrlZGSDklOwFArlmncie3o
Z1K5Ju670jKhlRSjALNvkvfmwBvcJnmXcKEiMdAeRkcocZMhnMrSJor0BmygKO7Q
aUecG+Fyj3X2SQVkze/a6mv+uoEGvIbIImZ7C7Y167w3UQx1m9zElJE2tNXPWMyw
Dtm6cbKrI97XRv8oAaunEhwgFRYVncwvQpECa1zhUw/y9gN5BzLOpxQqiguFgayj
b4s4/1L6jkgp2Q==
-----END CERTIFICATE-----