Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.mft
File:                     b0dz8kDNYmnCUbZRcKp-KYroxB8.mft (raw, json)
Hash identifier:          hM4xYoNVI+UJJlE2vwwb5vBuptneT443eI+iFclHOpY=
Subject key identifier:   3A:DA:C8:26:22:A3:6D:5B:3B:D6:C0:B7:F3:FA:C8:68:B5:EE:AA:2D
Authority key identifier: 6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
Certificate issuer:       /CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Certificate serial:       0196C15D30CCB08E1462AB9BA856F63E9202
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.mft
Manifest number:          0A10
Signing time:             Sun 11 May 2025 22:00:31 +0000
Manifest this update:     Sun 11 May 2025 22:00:31 +0000
Manifest next update:     Mon 12 May 2025 22:00:31 +0000
Files and hashes:         1: b0dz8kDNYmnCUbZRcKp-KYroxB8.crl (hash: rA/domgf3MTJUTCJcvVn44u+JkA4imNcebHCzLzNgvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:30:cc:b0:8e:14:62:ab:9b:a8:56:f6:3e:92:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
        Validity
            Not Before: May 11 22:00:31 2025 GMT
            Not After : May 12 22:00:31 2025 GMT
        Subject: CN=3adac82622a36d5b3bd6c0b7f3fac868b5eeaa2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:36:63:2b:9f:df:03:4f:a6:3c:ab:2b:38:a5:
                    9a:39:18:8d:fd:e8:bc:6d:03:f5:f3:48:da:3d:8e:
                    39:8d:89:e5:3e:8d:7c:9b:f5:1a:26:91:d2:71:f4:
                    f5:56:d4:85:f2:d4:b2:89:24:dc:37:ae:39:24:1e:
                    a4:28:d9:bc:ef:0d:e3:1f:0d:0a:89:c9:36:cc:7d:
                    04:a0:e1:6d:2b:3b:01:ab:5d:d3:6f:23:96:81:89:
                    a3:06:c9:c9:6e:61:f4:a2:60:20:12:3f:c3:04:81:
                    82:d4:dc:8e:26:68:20:fe:78:c1:05:0f:78:7e:1e:
                    d0:96:a5:78:5c:b6:85:67:10:b1:39:83:e1:7b:90:
                    bf:5c:15:85:8a:b2:43:9b:27:8c:b9:d9:f1:ba:42:
                    db:55:ea:c3:b5:3b:c9:87:6a:76:3c:2d:75:a1:7b:
                    2a:e7:ba:2a:15:56:a7:a4:ba:48:7c:5b:c2:cb:15:
                    55:1d:94:31:e1:df:51:e1:02:94:a4:f7:68:38:58:
                    cb:9e:f4:75:14:5d:7c:f3:d3:b8:90:4c:da:62:01:
                    5a:1a:fe:4a:2e:79:3b:e2:64:37:d5:6b:e3:d8:85:
                    67:9c:fa:e7:27:d5:4f:47:c8:b8:ff:e2:0c:5b:38:
                    e1:51:7f:c1:86:76:09:a2:65:5d:44:42:a9:f8:ae:
                    c3:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:DA:C8:26:22:A3:6D:5B:3B:D6:C0:B7:F3:FA:C8:68:B5:EE:AA:2D
            X509v3 Authority Key Identifier:
                keyid:6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:2b:5b:2d:30:51:6d:a4:fd:35:45:c7:21:18:1f:1f:d6:c4:
         26:3f:36:bc:07:9d:fc:16:81:ed:5a:ae:8b:72:98:23:63:43:
         a3:f8:0e:b0:57:6c:b1:b9:aa:c8:a9:65:f9:bf:08:83:ce:89:
         6d:59:36:3a:69:05:ae:82:3d:92:9f:e5:2a:94:ce:89:13:77:
         21:86:23:54:c2:8a:0e:c0:4b:4a:34:3e:2e:cc:f8:22:fb:3c:
         c3:d2:49:7e:db:5c:b4:46:0f:33:a2:92:0a:2f:5b:64:1b:33:
         90:45:7c:fb:e0:67:42:a4:8e:dd:e4:00:12:42:45:7d:89:f2:
         5a:8c:26:0b:1c:91:14:68:9e:bb:30:e2:07:f2:5a:f8:94:3c:
         fe:43:c6:da:f1:51:5e:c0:78:4d:f6:5b:d7:6d:3b:a2:8d:5c:
         28:7b:6c:9e:42:f2:b5:da:60:a0:7a:15:cd:54:8e:2f:5c:a9:
         f2:39:e3:73:fd:eb:92:9c:01:4a:bb:99:dc:87:07:ac:97:06:
         6d:65:ab:67:56:af:6f:43:e2:5c:e5:c2:7b:7f:35:15:00:d4:
         b3:4c:43:a6:d9:7e:22:a1:d8:4e:8a:0d:2c:6e:42:4d:62:c9:
         cf:4f:bf:e3:78:de:cb:bc:37:11:3a:da:5e:d1:2a:00:b1:ca:
         bb:eb:83:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXTDMsI4UYqubqFb2PpICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNDc3M2YyNDBjZDYyNjljMjUxYjY1MTcwYWE3ZTI5OGFl
OGM0MWYwHhcNMjUwNTExMjIwMDMxWhcNMjUwNTEyMjIwMDMxWjAzMTEwLwYDVQQD
EygzYWRhYzgyNjIyYTM2ZDViM2JkNmMwYjdmM2ZhYzg2OGI1ZWVhYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjZjK5/fA0+mPKsrOKWaORiN/ei8
bQP180jaPY45jYnlPo18m/UaJpHScfT1VtSF8tSyiSTcN645JB6kKNm87w3jHw0K
ick2zH0EoOFtKzsBq13TbyOWgYmjBsnJbmH0omAgEj/DBIGC1NyOJmgg/njBBQ94
fh7QlqV4XLaFZxCxOYPhe5C/XBWFirJDmyeMudnxukLbVerDtTvJh2p2PC11oXsq
57oqFVanpLpIfFvCyxVVHZQx4d9R4QKUpPdoOFjLnvR1FF1889O4kEzaYgFaGv5K
Lnk74mQ31Wvj2IVnnPrnJ9VPR8i4/+IMWzjhUX/BhnYJomVdREKp+K7DXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrayCYio21bO9bAt/P6yGi17qotMB8GA1UdIwQY
MBaAFG9Hc/JAzWJpwlG2UXCqfimK6MQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMt
NzY5Y2Q3ZGNjOTM4LzEvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMtNzY5Y2Q3ZGNjOTM4
LzEvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgStbLTBR
baT9NUXHIRgfH9bEJj82vAed/BaB7Vqui3KYI2NDo/gOsFdssbmqyKll+b8Ig86J
bVk2OmkFroI9kp/lKpTOiRN3IYYjVMKKDsBLSjQ+Lsz4Ivs8w9JJfttctEYPM6KS
Ci9bZBszkEV8++BnQqSO3eQAEkJFfYnyWowmCxyRFGieuzDiB/Ja+JQ8/kPG2vFR
XsB4TfZb1207oo1cKHtsnkLytdpgoHoVzVSOL1yp8jnjc/3rkpwBSruZ3IcHrJcG
bWWrZ1avb0PiXOXCe381FQDUs0xDptl+IqHYTooNLG5CTWLJz0+/43jey7w3ETra
XtEqALHKu+uDng==
-----END CERTIFICATE-----