Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          OR9DdIREBR14O4ATyVbU6s0m3Gg3eq9zCI8u258x1Lw=
Subject key identifier:   19:A6:15:68:48:5C:3E:F7:9E:E9:CB:2C:BD:68:B0:46:71:CA:53:70
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       0196BF6F7628AAFBE764BCA61C404AA6B9F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          072A
Signing time:             Sun 11 May 2025 13:01:15 +0000
Manifest this update:     Sun 11 May 2025 13:01:15 +0000
Manifest next update:     Mon 12 May 2025 13:01:15 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: kom76o377GychczIzOlXMBGMxVkWYnj7f8kKk9rWWvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 13:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6f:76:28:aa:fb:e7:64:bc:a6:1c:40:4a:a6:b9:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: May 11 13:01:15 2025 GMT
            Not After : May 12 13:01:15 2025 GMT
        Subject: CN=19a61568485c3ef79ee9cb2cbd68b04671ca5370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:fc:d8:c2:2a:2f:5a:2c:fb:f8:07:56:c3:40:
                    ca:2f:22:2c:bd:17:05:d2:c3:70:6e:81:ea:c5:88:
                    64:83:d9:2a:6f:54:5d:b5:50:1d:9f:01:3d:51:04:
                    80:69:6d:6e:f0:78:20:6d:53:d5:f1:b6:28:47:bb:
                    5b:76:d7:d6:a0:86:5d:40:37:11:ac:eb:9d:e4:9b:
                    d6:c7:0c:e5:4a:25:1b:03:af:15:73:b4:0c:7e:dc:
                    e5:1f:9e:d9:fd:3b:51:b7:bd:25:7a:77:c2:e4:8f:
                    59:a5:fd:da:8a:d2:20:03:6d:2c:ef:ea:09:8f:4f:
                    be:b8:6e:bc:12:58:92:6c:80:4d:b2:5d:90:2d:0b:
                    8f:34:da:20:0a:35:d8:a3:a7:a0:96:59:17:95:cd:
                    a2:bc:43:93:15:1a:fe:43:7e:b0:58:04:de:ef:13:
                    2f:98:f4:71:a7:16:61:a5:30:e8:46:ba:d1:21:0b:
                    10:92:46:fc:50:e5:64:ff:8f:37:16:52:e5:03:74:
                    ed:02:c7:f0:ed:fc:82:d8:1e:53:0a:d6:fb:24:72:
                    04:f3:51:92:28:42:f2:94:da:08:d3:ec:38:26:4f:
                    5d:e7:71:3f:29:3f:6f:1a:cb:a0:9e:99:b8:fe:6b:
                    bf:ad:c8:34:4b:09:0f:dc:6f:a7:99:67:a9:e8:5c:
                    3a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A6:15:68:48:5C:3E:F7:9E:E9:CB:2C:BD:68:B0:46:71:CA:53:70
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:9e:4d:4d:aa:d6:16:d2:e0:57:4c:41:15:3e:7d:0e:66:88:
         ee:84:c5:12:0f:b5:b5:c9:77:a5:1e:44:a4:e9:52:f5:7c:ef:
         0c:40:e3:1a:1c:36:8a:f1:50:57:7c:9f:16:97:be:60:21:0e:
         f3:71:8c:b6:d5:66:0e:5f:f6:80:c0:d7:de:c2:d7:e9:3c:c5:
         14:2d:9f:bb:1f:fd:11:a5:00:23:71:d1:8e:83:c3:15:24:5f:
         16:b0:30:20:62:3e:47:1e:ce:de:81:99:c2:6b:9b:3c:8f:c2:
         16:b3:2a:c1:02:c5:ac:95:79:d1:35:53:56:cd:65:07:11:18:
         d0:dd:f1:57:b6:12:0e:46:67:a8:08:78:2d:bf:ed:ed:69:45:
         92:73:05:21:22:c5:0e:0d:3b:dc:12:78:d6:61:42:01:12:d7:
         d4:95:df:0a:b5:98:69:2f:b6:ff:f1:1f:14:fa:55:e8:84:59:
         0e:49:c0:4f:09:aa:8d:15:c6:da:10:d0:ed:20:a0:89:f5:29:
         d0:ca:61:0d:5c:63:12:a4:b2:98:06:8a:52:77:f5:c0:4b:d8:
         b4:c3:8e:7c:69:47:ac:1d:92:cd:25:69:b8:7e:98:1c:f2:01:
         b2:8f:77:0e:e1:fa:52:7f:e3:fb:f3:0f:40:84:5f:4b:5b:d4:
         14:6f:03:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/b3YoqvvnZLymHEBKprnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjUwNTExMTMwMTE1WhcNMjUwNTEyMTMwMTE1WjAzMTEwLwYDVQQD
EygxOWE2MTU2ODQ4NWMzZWY3OWVlOWNiMmNiZDY4YjA0NjcxY2E1MzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvzYwiovWiz7+AdWw0DKLyIsvRcF
0sNwboHqxYhkg9kqb1RdtVAdnwE9UQSAaW1u8HggbVPV8bYoR7tbdtfWoIZdQDcR
rOud5JvWxwzlSiUbA68Vc7QMftzlH57Z/TtRt70lenfC5I9Zpf3aitIgA20s7+oJ
j0++uG68EliSbIBNsl2QLQuPNNogCjXYo6egllkXlc2ivEOTFRr+Q36wWATe7xMv
mPRxpxZhpTDoRrrRIQsQkkb8UOVk/483FlLlA3TtAsfw7fyC2B5TCtb7JHIE81GS
KELylNoI0+w4Jk9d53E/KT9vGsugnpm4/mu/rcg0SwkP3G+nmWep6Fw6TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmmFWhIXD73nunLLL1osEZxylNwMB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZ5NTarW
FtLgV0xBFT59DmaI7oTFEg+1tcl3pR5EpOlS9XzvDEDjGhw2ivFQV3yfFpe+YCEO
83GMttVmDl/2gMDX3sLX6TzFFC2fux/9EaUAI3HRjoPDFSRfFrAwIGI+Rx7O3oGZ
wmubPI/CFrMqwQLFrJV50TVTVs1lBxEY0N3xV7YSDkZnqAh4Lb/t7WlFknMFISLF
Dg073BJ41mFCARLX1JXfCrWYaS+2//EfFPpV6IRZDknATwmqjRXG2hDQ7SCgifUp
0MphDVxjEqSymAaKUnf1wEvYtMOOfGlHrB2SzSVpuH6YHPIBso93DuH6Un/j+/MP
QIRfS1vUFG8DPA==
-----END CERTIFICATE-----