Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
File:                     ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft (raw, json)
Hash identifier:          sb3VxlngfyL4chwW8jfmdPSJsZF+acy+T3Pymb3CTQs=
Subject key identifier:   7E:EC:C9:31:0F:36:36:0C:B0:F6:6D:4B:4B:B9:15:A6:00:CB:55:52
Authority key identifier: 6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C
Certificate issuer:       /CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
Certificate serial:       0196BD8132B1562A634B423C252C4EB83AAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
Manifest number:          10F3
Signing time:             Sun 11 May 2025 04:01:23 +0000
Manifest this update:     Sun 11 May 2025 04:01:23 +0000
Manifest next update:     Mon 12 May 2025 04:01:23 +0000
Files and hashes:         1: ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl (hash: LAtZoXRk90qB3BvnO3qO4KYR1cF2RV5q3IzeOrrUU30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:81:32:b1:56:2a:63:4b:42:3c:25:2c:4e:b8:3a:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
        Validity
            Not Before: May 11 04:01:23 2025 GMT
            Not After : May 12 04:01:23 2025 GMT
        Subject: CN=7eecc9310f36360cb0f66d4b4bb915a600cb5552
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d8:37:3b:41:52:b2:22:76:1a:1a:d1:1a:10:
                    dd:8e:b8:0f:2c:e8:88:f4:d3:46:3b:15:d5:31:f9:
                    02:6a:c5:e8:91:88:f3:5b:15:61:a2:82:e8:7e:64:
                    90:45:68:c3:fd:7e:10:15:d1:a0:50:27:72:35:7d:
                    e4:e5:e1:ed:c8:87:16:be:79:ff:a5:76:c4:ba:10:
                    00:ff:18:61:8a:a0:c1:f3:93:c0:30:60:fb:d0:56:
                    eb:db:0d:6e:67:9b:ac:62:1f:48:a7:b7:69:b4:40:
                    2b:f4:03:2b:3f:ed:d7:22:d3:7a:f4:48:72:03:d1:
                    cd:de:b6:c2:8b:c1:82:e5:d1:07:d5:f2:fe:f0:2e:
                    df:24:37:f3:96:07:a3:28:a5:37:aa:f1:0c:92:17:
                    2b:2d:d0:03:79:41:aa:c9:ec:60:a1:3e:d8:7c:35:
                    f6:c2:7c:2f:d2:96:e7:2a:54:d7:d1:6c:72:bc:f0:
                    1f:38:e4:52:ea:99:85:90:2e:60:5f:29:81:3a:8b:
                    ca:41:fd:5f:a6:ac:08:1f:32:f9:39:10:7d:36:ad:
                    05:06:eb:d2:32:c1:42:94:27:bc:1b:60:12:b4:8d:
                    f7:57:04:2d:4d:2e:b4:dc:ca:ef:07:d4:91:d5:a7:
                    41:bc:10:ca:5d:08:63:88:74:15:78:11:d4:6b:1d:
                    68:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:EC:C9:31:0F:36:36:0C:B0:F6:6D:4B:4B:B9:15:A6:00:CB:55:52
            X509v3 Authority Key Identifier:
                keyid:6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:9c:08:33:56:c6:42:24:d5:82:e1:54:a8:b2:78:57:ac:71:
         af:23:4e:9d:b1:50:c0:e3:b1:64:6a:2f:03:e9:70:93:32:d1:
         ce:33:cc:a2:df:94:ec:ce:63:82:10:01:ed:28:92:bb:a9:cf:
         f6:5a:5e:c9:f1:63:a4:48:ec:d8:82:42:50:25:33:17:66:04:
         5d:85:4c:63:dc:30:d3:bf:74:d9:b7:12:31:74:09:a8:ac:27:
         94:9b:1d:3e:6f:77:cc:bc:c2:6c:ce:db:97:37:66:24:ae:5e:
         8a:d7:28:14:c0:c5:fd:2c:4d:05:75:cb:fa:f0:61:83:79:a5:
         32:5d:a5:ad:16:41:e9:07:21:0c:47:38:d5:85:4d:1f:5c:03:
         dc:5c:4e:0f:a0:d0:4b:b9:03:81:83:7b:0a:1f:46:74:b7:51:
         56:e0:23:1d:0d:38:9f:2f:87:73:ba:95:ca:d3:8a:70:06:c5:
         e7:d8:d5:40:10:1c:ab:69:6e:57:4f:a6:2b:b6:71:7e:0a:e9:
         ad:c7:c0:22:67:ae:0b:f7:ea:8c:f2:85:99:1f:8a:67:72:01:
         6a:f6:2b:65:56:56:d7:5e:e8:01:bb:ab:b1:5d:f2:28:5c:d3:
         f6:ed:08:38:c7:1c:f7:ec:7c:d7:1b:63:fa:2b:de:29:bf:07:
         28:0a:17:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gTKxVipjS0I8JSxOuDqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTBiN2M1NGU2Zjk1YjFkOWI4NGFhYzNkOWRhNzQyYTBl
MDJhNmMwHhcNMjUwNTExMDQwMTIzWhcNMjUwNTEyMDQwMTIzWjAzMTEwLwYDVQQD
Eyg3ZWVjYzkzMTBmMzYzNjBjYjBmNjZkNGI0YmI5MTVhNjAwY2I1NTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNg3O0FSsiJ2GhrRGhDdjrgPLOiI
9NNGOxXVMfkCasXokYjzWxVhooLofmSQRWjD/X4QFdGgUCdyNX3k5eHtyIcWvnn/
pXbEuhAA/xhhiqDB85PAMGD70Fbr2w1uZ5usYh9Ip7dptEAr9AMrP+3XItN69Ehy
A9HN3rbCi8GC5dEH1fL+8C7fJDfzlgejKKU3qvEMkhcrLdADeUGqyexgoT7YfDX2
wnwv0pbnKlTX0WxyvPAfOORS6pmFkC5gXymBOovKQf1fpqwIHzL5ORB9Nq0FBuvS
MsFClCe8G2AStI33VwQtTS603MrvB9SR1adBvBDKXQhjiHQVeBHUax1oiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7syTEPNjYMsPZtS0u5FaYAy1VSMB8GA1UdIwQY
MBaAFGoQt8VOb5Wx2bhKrD2dp0Kg4CpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUt
MmRjYWQ2ZWU3MWZiLzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUtMmRjYWQ2ZWU3MWZi
LzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOJwIM1bG
QiTVguFUqLJ4V6xxryNOnbFQwOOxZGovA+lwkzLRzjPMot+U7M5jghAB7SiSu6nP
9lpeyfFjpEjs2IJCUCUzF2YEXYVMY9ww07902bcSMXQJqKwnlJsdPm93zLzCbM7b
lzdmJK5eitcoFMDF/SxNBXXL+vBhg3mlMl2lrRZB6QchDEc41YVNH1wD3FxOD6DQ
S7kDgYN7Ch9GdLdRVuAjHQ04ny+Hc7qVytOKcAbF59jVQBAcq2luV0+mK7Zxfgrp
rcfAImeuC/fqjPKFmR+KZ3IBavYrZVZW117oAbursV3yKFzT9u0IOMcc9+x81xtj
+iveKb8HKAoXuQ==
-----END CERTIFICATE-----