Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          VEvHyE14ZzzKWl8PzDBXYI2BXdal8hoB2Ou++CKTks0=
Subject key identifier:   2D:92:67:55:38:7A:D1:E9:88:FF:B3:7A:79:EC:A8:7A:1E:FA:93:C4
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       0196B0D77C29B8C84CB738AC1F10358C83BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          026A
Signing time:             Thu 08 May 2025 17:00:34 +0000
Manifest this update:     Thu 08 May 2025 17:00:34 +0000
Manifest next update:     Fri 09 May 2025 17:00:34 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: T0Qm+O7KZvU/WCvHG8umWO7eWK1m/FN8tSNklKQlXwg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b0:d7:7c:29:b8:c8:4c:b7:38:ac:1f:10:35:8c:83:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: May  8 17:00:34 2025 GMT
            Not After : May  9 17:00:34 2025 GMT
        Subject: CN=2d926755387ad1e988ffb37a79eca87a1efa93c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:bd:e2:5e:18:34:5d:bf:9b:6b:e5:05:1d:7f:
                    27:b3:b6:29:fe:86:88:d4:86:1e:c4:56:8a:a1:9d:
                    40:75:6d:4f:a7:d3:1d:a0:0e:05:dd:be:81:26:a3:
                    a0:4d:10:92:05:01:88:e5:71:fe:43:97:53:8c:c8:
                    08:38:0d:2a:f8:76:16:59:89:2b:f4:56:26:a5:44:
                    12:2d:87:1c:87:ca:5f:6d:4e:5a:b4:d8:9a:c7:0e:
                    44:05:e6:5c:e5:f7:e5:5e:b8:b8:3f:01:f0:93:15:
                    df:49:a2:8d:8f:ef:b6:f2:d8:0e:a1:1c:bf:3c:6d:
                    6e:99:8e:0a:3b:00:83:37:ea:c5:77:f3:95:8d:fa:
                    0a:99:5c:c5:d7:96:13:09:88:2b:e1:f1:48:9b:e5:
                    8f:b9:ea:16:76:e4:7e:3b:8d:b9:3b:4f:bc:71:44:
                    44:4e:a8:21:51:7a:a4:2d:13:66:b1:76:41:ac:09:
                    aa:e3:a7:5a:99:52:dc:10:d8:a9:b4:63:e6:05:61:
                    72:cb:79:1b:f2:d0:41:55:8b:95:8d:f7:0b:1c:21:
                    e3:eb:c4:61:e3:24:a0:ed:0d:cb:a0:b4:89:42:6e:
                    d9:8f:1a:be:56:12:9c:79:05:84:d0:53:de:10:2d:
                    88:4d:11:1a:e9:ed:59:e7:b6:80:02:53:61:cd:26:
                    18:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:92:67:55:38:7A:D1:E9:88:FF:B3:7A:79:EC:A8:7A:1E:FA:93:C4
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:d7:0d:c3:c0:a9:e1:c0:d6:24:74:42:63:ae:1b:9c:32:e4:
         1e:ff:53:dc:05:fd:38:2a:d4:9a:a2:c8:8d:11:f8:a6:39:21:
         6c:24:d3:c8:0e:ec:6b:a4:70:a9:a6:e3:42:bd:60:93:a4:9d:
         84:f8:f0:ef:4c:03:0d:ca:d0:16:80:45:ee:6f:ea:e5:bf:da:
         40:1d:49:d7:cd:a4:25:9d:c2:20:fa:9c:65:40:eb:3a:aa:83:
         5c:1e:07:ef:16:fc:ad:01:71:26:4c:a7:b8:3b:31:63:21:4a:
         d4:1a:7c:b9:49:4b:dc:67:09:ec:9f:fd:d5:4c:45:cf:c2:22:
         f2:7a:35:c9:c8:00:bb:18:94:e5:d0:f9:e2:31:94:58:77:a4:
         7a:c1:cd:48:86:a9:9e:3e:21:7e:72:b6:8c:3d:85:96:d5:f8:
         7d:5a:e6:df:24:65:f7:5e:e0:b0:cc:57:17:95:31:13:30:ef:
         12:a1:b1:59:13:43:8e:96:78:5b:98:14:39:7e:b6:62:45:9a:
         dd:fb:8a:31:b4:f2:bf:cd:e1:8b:30:6b:80:8a:5b:48:c0:ab:
         28:8c:66:1d:67:fe:b4:dc:bb:13:d0:f5:0f:6a:db:65:7e:37:
         7f:f1:42:3e:22:92:39:37:f9:c6:57:8f:0c:25:1a:62:19:8d:
         07:00:88:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaw13wpuMhMtzisHxA1jIO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUwNTA4MTcwMDM0WhcNMjUwNTA5MTcwMDM0WjAzMTEwLwYDVQQD
EygyZDkyNjc1NTM4N2FkMWU5ODhmZmIzN2E3OWVjYTg3YTFlZmE5M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0r3iXhg0Xb+ba+UFHX8ns7Yp/oaI
1IYexFaKoZ1AdW1Pp9MdoA4F3b6BJqOgTRCSBQGI5XH+Q5dTjMgIOA0q+HYWWYkr
9FYmpUQSLYcch8pfbU5atNiaxw5EBeZc5fflXri4PwHwkxXfSaKNj++28tgOoRy/
PG1umY4KOwCDN+rFd/OVjfoKmVzF15YTCYgr4fFIm+WPueoWduR+O425O0+8cURE
TqghUXqkLRNmsXZBrAmq46damVLcENiptGPmBWFyy3kb8tBBVYuVjfcLHCHj68Rh
4ySg7Q3LoLSJQm7Zjxq+VhKceQWE0FPeEC2ITREa6e1Z57aAAlNhzSYYSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2SZ1U4etHpiP+zennsqHoe+pPEMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtcNw8Cp
4cDWJHRCY64bnDLkHv9T3AX9OCrUmqLIjRH4pjkhbCTTyA7sa6RwqabjQr1gk6Sd
hPjw70wDDcrQFoBF7m/q5b/aQB1J182kJZ3CIPqcZUDrOqqDXB4H7xb8rQFxJkyn
uDsxYyFK1Bp8uUlL3GcJ7J/91UxFz8Ii8no1ycgAuxiU5dD54jGUWHekesHNSIap
nj4hfnK2jD2FltX4fVrm3yRl917gsMxXF5UxEzDvEqGxWRNDjpZ4W5gUOX62YkWa
3fuKMbTyv83hizBrgIpbSMCrKIxmHWf+tNy7E9D1D2rbZX43f/FCPiKSOTf5xleP
DCUaYhmNBwCIDw==
-----END CERTIFICATE-----