Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
File:                     BaQevhJyohyuDqGzXcCD-taKXX0.mft (raw, json)
Hash identifier:          I7VNQaxGLj0UtWpfFao4AbYwMEpvPzE//Ys/uagucPs=
Subject key identifier:   1E:33:CA:76:50:76:9D:AE:AC:3A:F8:D8:9F:68:80:C0:A1:AA:70:80
Authority key identifier: 05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D
Certificate issuer:       /CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
Certificate serial:       0196C729140C6DAA4822FB2D7D0A38F9E120
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
Manifest number:          1536
Signing time:             Tue 13 May 2025 01:01:20 +0000
Manifest this update:     Tue 13 May 2025 01:01:20 +0000
Manifest next update:     Wed 14 May 2025 01:01:20 +0000
Files and hashes:         1: BaQevhJyohyuDqGzXcCD-taKXX0.crl (hash: FLSyvKMkRlnYRtlTF4a0KT8WsNc0PQezQ2R56HVaDms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:29:14:0c:6d:aa:48:22:fb:2d:7d:0a:38:f9:e1:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
        Validity
            Not Before: May 13 01:01:20 2025 GMT
            Not After : May 14 01:01:20 2025 GMT
        Subject: CN=1e33ca7650769daeac3af8d89f6880c0a1aa7080
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:01:f4:17:55:19:e2:13:e0:fb:b7:0c:a8:3a:
                    99:5e:19:c7:28:4e:50:56:86:64:6a:66:8b:aa:d4:
                    69:e4:69:98:32:86:5d:50:51:22:34:3c:12:4d:41:
                    55:56:ec:64:b5:80:ba:61:f3:d1:51:19:29:1b:05:
                    c8:c7:63:3d:32:91:50:08:f9:fa:0e:6d:51:a5:a2:
                    85:1a:d1:5e:cb:22:c2:67:37:a1:35:d0:af:82:9b:
                    5c:b0:79:f2:90:7a:71:ae:9d:16:72:3a:46:eb:10:
                    cc:86:05:a1:0a:f3:1b:dc:e1:d1:56:e5:90:2a:c7:
                    5e:ff:79:a2:fa:c0:a8:dd:4d:b8:05:51:c6:d3:bf:
                    c9:d2:32:f8:7a:81:04:a4:e9:29:50:d9:72:fe:7b:
                    44:b2:04:2f:66:b4:2c:0e:e4:3d:97:1c:d7:f8:f6:
                    d3:86:bc:8c:0a:0f:a3:da:46:62:b0:dd:39:c6:04:
                    6d:2c:d1:ad:5b:42:ae:84:fb:85:81:ec:e9:6f:be:
                    3c:54:25:bc:d2:85:7b:e6:71:1d:5b:08:de:c1:47:
                    71:a5:7b:b7:da:84:1b:33:46:74:43:ff:c9:bd:d8:
                    b9:9f:f1:bc:fb:dc:6d:94:d2:97:43:a2:03:e7:30:
                    29:61:6e:10:ea:88:55:95:25:b5:2e:6f:f4:21:bc:
                    d4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:33:CA:76:50:76:9D:AE:AC:3A:F8:D8:9F:68:80:C0:A1:AA:70:80
            X509v3 Authority Key Identifier:
                keyid:05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:3e:33:e7:d7:29:07:e1:86:9f:6d:ea:5e:03:f2:91:94:ee:
         26:6e:b8:32:f1:35:56:4e:e0:ec:9b:50:70:a5:fd:d3:13:e9:
         f9:89:21:44:20:4a:6b:d6:c3:a7:6d:19:a4:f0:15:5f:f6:5d:
         40:3a:9f:fc:fd:38:35:37:22:d5:bb:2a:a4:d0:6e:f6:f8:e6:
         b4:b3:44:c4:9a:18:da:a9:32:ca:1a:d0:09:24:35:0f:4e:d7:
         46:f3:77:3c:9a:27:b4:a4:c3:d2:82:fe:ec:85:07:4d:a9:92:
         6b:e0:0b:a1:21:09:7e:40:db:e7:0d:cb:ac:e5:60:bd:24:00:
         61:a4:34:82:b0:df:e5:55:62:6d:8a:5c:da:52:9a:fd:67:64:
         ca:59:4e:88:49:c5:bd:58:3f:d5:9d:df:06:5e:69:e9:ba:04:
         0c:c2:6f:85:27:f1:5b:41:10:db:4e:cf:25:eb:a3:f5:72:45:
         e4:2c:ea:18:e0:e9:71:99:0b:6b:8a:4c:26:7c:30:aa:7b:e7:
         cc:3a:2e:3c:bd:a2:25:9c:b2:1b:3e:c1:7c:98:b2:6b:54:bf:
         79:ef:48:2d:95:0b:c0:4f:a3:d2:99:9e:21:dd:d0:66:60:d7:
         47:ea:23:98:25:b4:07:ba:4c:14:e8:84:d9:a5:5d:8c:04:b1:
         25:0f:cb:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKRQMbapIIvstfQo4+eEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTQxZWJlMTI3MmEyMWNhZTBlYTFiMzVkYzA4M2ZhZDY4
YTVkN2QwHhcNMjUwNTEzMDEwMTIwWhcNMjUwNTE0MDEwMTIwWjAzMTEwLwYDVQQD
EygxZTMzY2E3NjUwNzY5ZGFlYWMzYWY4ZDg5ZjY4ODBjMGExYWE3MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAH0F1UZ4hPg+7cMqDqZXhnHKE5Q
VoZkamaLqtRp5GmYMoZdUFEiNDwSTUFVVuxktYC6YfPRURkpGwXIx2M9MpFQCPn6
Dm1RpaKFGtFeyyLCZzehNdCvgptcsHnykHpxrp0WcjpG6xDMhgWhCvMb3OHRVuWQ
Ksde/3mi+sCo3U24BVHG07/J0jL4eoEEpOkpUNly/ntEsgQvZrQsDuQ9lxzX+PbT
hryMCg+j2kZisN05xgRtLNGtW0KuhPuFgezpb748VCW80oV75nEdWwjewUdxpXu3
2oQbM0Z0Q//Jvdi5n/G8+9xtlNKXQ6ID5zApYW4Q6ohVlSW1Lm/0IbzUowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4zynZQdp2urDr42J9ogMChqnCAMB8GA1UdIwQY
MBaAFAWkHr4ScqIcrg6hs13Ag/rWil19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAt
MTY3ODMxNjEzMTQ1LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAtMTY3ODMxNjEzMTQ1
LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADj4z59cp
B+GGn23qXgPykZTuJm64MvE1Vk7g7JtQcKX90xPp+YkhRCBKa9bDp20ZpPAVX/Zd
QDqf/P04NTci1bsqpNBu9vjmtLNExJoY2qkyyhrQCSQ1D07XRvN3PJontKTD0oL+
7IUHTamSa+ALoSEJfkDb5w3LrOVgvSQAYaQ0grDf5VVibYpc2lKa/WdkyllOiEnF
vVg/1Z3fBl5p6boEDMJvhSfxW0EQ207PJeuj9XJF5CzqGODpcZkLa4pMJnwwqnvn
zDouPL2iJZyyGz7BfJiya1S/ee9ILZULwE+j0pmeId3QZmDXR+ojmCW0B7pMFOiE
2aVdjASxJQ/LrA==
-----END CERTIFICATE-----