Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          o6D2yDR9r+FofBmc9Or/NeIShwxN4D8BCT9IS7QSySo=
Subject key identifier:   DB:98:4C:BD:2C:E1:97:5D:EB:23:9E:2F:EB:AF:BA:2D:38:9B:84:77
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       0196CE3CD60BCBE1A276F835573E49CDBEB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          1100
Signing time:             Wed 14 May 2025 10:00:15 +0000
Manifest this update:     Wed 14 May 2025 10:00:15 +0000
Manifest next update:     Thu 15 May 2025 10:00:15 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: SEAp6soE2LF69P2ChOijiK30XiT1NcTpA0ZcmFPnbGk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 10:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:3c:d6:0b:cb:e1:a2:76:f8:35:57:3e:49:cd:be:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: May 14 10:00:15 2025 GMT
            Not After : May 15 10:00:15 2025 GMT
        Subject: CN=db984cbd2ce1975deb239e2febafba2d389b8477
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:2c:fa:93:69:48:5f:f8:8b:5f:5c:f8:33:3d:
                    62:2a:d7:f7:07:f7:17:fc:fd:9f:95:5d:7c:e9:18:
                    66:3f:ab:98:2c:23:07:ae:ad:76:da:62:27:b4:ba:
                    e1:55:ab:e7:6c:a2:1c:19:f5:2b:b3:6d:64:1f:cc:
                    d6:ba:fe:be:c7:3a:12:8e:bb:fc:56:1c:75:86:6d:
                    ae:2f:7e:5e:96:8f:58:12:12:cc:b0:e8:63:39:bf:
                    2f:ae:05:54:c3:0e:4e:61:86:f1:8a:38:81:a2:74:
                    0f:6f:94:42:99:33:8c:b2:05:49:14:ea:9c:37:21:
                    b1:b7:20:4e:f3:9c:d5:e5:2b:49:4e:8d:12:0d:77:
                    30:a7:3b:56:48:fb:d5:12:2e:00:00:1a:e9:e9:e2:
                    3b:fc:f1:08:f1:de:67:b5:01:ec:7d:4e:c6:e0:24:
                    dc:e7:ec:b4:9e:b8:50:94:12:5f:80:33:57:24:f5:
                    4a:e3:b4:fc:83:f3:2d:34:04:27:6a:04:2c:3d:75:
                    34:c4:0f:bd:23:ae:a7:9b:cb:14:15:1d:da:34:ca:
                    cd:a0:95:73:5c:18:82:9a:2e:02:c7:c4:55:82:dc:
                    66:55:d8:40:01:46:25:ba:aa:b3:79:58:1d:a5:f2:
                    26:93:9a:ca:b8:c8:90:41:88:8f:75:bb:e7:a1:7e:
                    91:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:98:4C:BD:2C:E1:97:5D:EB:23:9E:2F:EB:AF:BA:2D:38:9B:84:77
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:71:16:ad:00:52:94:16:46:50:e0:f5:b1:8f:ed:ee:48:b1:
         db:0d:9a:71:19:92:a6:ec:aa:93:26:fa:7c:23:4b:87:94:04:
         6f:bb:8f:3e:a3:c3:ec:8c:4d:e5:4d:a3:68:d3:b1:74:87:2e:
         7b:23:33:02:d1:a2:ed:30:32:bd:b9:7a:75:fa:a2:2a:cd:3e:
         4e:a9:d7:ed:b9:4d:2e:ee:b4:b2:dc:ed:c8:f0:c5:bf:f8:6e:
         26:b3:cb:c6:33:8a:7b:60:7b:af:22:4a:f4:fd:0f:a6:1e:a8:
         d5:8a:9d:a2:76:3f:17:0b:ca:e9:fa:9c:ef:27:a8:90:4c:c9:
         66:96:47:72:99:59:99:b9:78:4a:9f:ab:f0:9b:98:ce:c4:64:
         a3:e8:59:93:e6:d7:fe:17:93:9f:c4:cb:b0:39:4d:23:1a:6a:
         65:fa:7d:88:9f:04:6f:97:ba:53:76:9f:b9:c4:4a:46:5b:59:
         28:ed:fa:9f:4b:1a:75:40:1f:79:a2:5e:36:e0:04:a5:54:e1:
         85:eb:df:4f:1c:e9:5a:a1:80:ef:58:2f:02:3e:d8:c0:26:82:
         f4:a7:dc:52:07:6b:ee:36:b0:5d:d9:4e:be:9c:87:09:9e:fe:
         aa:d5:0f:12:e3:08:37:53:47:d3:4b:e3:6a:8e:79:6b:c2:3e:
         91:02:ff:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbOPNYLy+Gidvg1Vz5Jzb64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUwNTE0MTAwMDE1WhcNMjUwNTE1MTAwMDE1WjAzMTEwLwYDVQQD
EyhkYjk4NGNiZDJjZTE5NzVkZWIyMzllMmZlYmFmYmEyZDM4OWI4NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiz6k2lIX/iLX1z4Mz1iKtf3B/cX
/P2flV186RhmP6uYLCMHrq122mIntLrhVavnbKIcGfUrs21kH8zWuv6+xzoSjrv8
Vhx1hm2uL35elo9YEhLMsOhjOb8vrgVUww5OYYbxijiBonQPb5RCmTOMsgVJFOqc
NyGxtyBO85zV5StJTo0SDXcwpztWSPvVEi4AABrp6eI7/PEI8d5ntQHsfU7G4CTc
5+y0nrhQlBJfgDNXJPVK47T8g/MtNAQnagQsPXU0xA+9I66nm8sUFR3aNMrNoJVz
XBiCmi4Cx8RVgtxmVdhAAUYluqqzeVgdpfImk5rKuMiQQYiPdbvnoX6R/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuYTL0s4Zdd6yOeL+uvui04m4R3MB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnEWrQBS
lBZGUOD1sY/t7kix2w2acRmSpuyqkyb6fCNLh5QEb7uPPqPD7IxN5U2jaNOxdIcu
eyMzAtGi7TAyvbl6dfqiKs0+TqnX7blNLu60stztyPDFv/huJrPLxjOKe2B7ryJK
9P0Pph6o1YqdonY/FwvK6fqc7yeokEzJZpZHcplZmbl4Sp+r8JuYzsRko+hZk+bX
/heTn8TLsDlNIxpqZfp9iJ8Eb5e6U3afucRKRltZKO36n0sadUAfeaJeNuAEpVTh
hevfTxzpWqGA71gvAj7YwCaC9KfcUgdr7jawXdlOvpyHCZ7+qtUPEuMIN1NH00vj
ao55a8I+kQL/kA==
-----END CERTIFICATE-----