Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          5g9RoQedjbLFzDkodpiSgPysLfDafyWJr+Z0McE3x8g=
Subject key identifier:   9D:10:74:7C:95:FE:C1:1A:1B:33:94:6F:BC:56:52:D3:3C:7F:A6:B6
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       0196B9A4849CD964290150C243A046D2F92A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          14C1
Signing time:             Sat 10 May 2025 10:01:28 +0000
Manifest this update:     Sat 10 May 2025 10:01:28 +0000
Manifest next update:     Sun 11 May 2025 10:01:28 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: YX0ymbO0vBn7NgrmljKyYfNKUcOHsjA+9/i+syl1rLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a4:84:9c:d9:64:29:01:50:c2:43:a0:46:d2:f9:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: May 10 10:01:28 2025 GMT
            Not After : May 11 10:01:28 2025 GMT
        Subject: CN=9d10747c95fec11a1b33946fbc5652d33c7fa6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c5:8c:96:dc:3e:73:c0:eb:0b:f0:65:f0:68:
                    8a:a5:fc:1f:32:73:68:78:6b:0d:84:bb:bb:81:ef:
                    67:51:30:98:50:a2:02:f1:84:c6:05:49:d4:01:ac:
                    38:28:18:e8:ac:df:cc:2f:cd:3c:6a:fb:93:61:f8:
                    51:44:f5:16:8a:4b:b9:51:e1:28:01:61:3c:4f:a3:
                    9c:9f:75:78:3f:9f:75:5a:85:3d:95:82:6b:eb:90:
                    62:14:84:a0:7d:8e:2d:12:e5:2f:e4:c3:5d:55:ca:
                    0d:9e:a9:cf:ee:54:9f:55:53:8b:93:50:b5:a2:7c:
                    96:8a:06:c7:bb:da:21:41:61:9b:7f:95:b7:43:3a:
                    33:9f:11:4d:0f:72:1c:2e:cf:de:1b:5f:cf:16:11:
                    d2:83:4c:f6:07:44:ff:1e:ff:64:92:75:62:d5:2c:
                    8c:83:bc:67:43:09:c7:b7:e3:98:14:25:88:32:cd:
                    96:69:ed:6a:b8:8f:e6:c1:ac:85:1e:3a:93:0b:0f:
                    4f:b7:56:85:36:65:30:df:cc:c2:52:8b:e6:6d:4c:
                    f7:29:28:df:41:5b:7a:98:cf:b8:82:4c:60:da:6f:
                    ee:06:a1:87:0e:ca:26:80:43:78:d3:1c:e7:37:51:
                    91:33:b1:94:1c:8f:f1:90:17:52:c8:fc:2b:7d:b2:
                    24:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:10:74:7C:95:FE:C1:1A:1B:33:94:6F:BC:56:52:D3:3C:7F:A6:B6
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:0f:18:67:3c:87:80:f9:fd:54:e8:74:77:a6:76:a7:db:3e:
         e5:49:2d:f1:cd:4c:d5:24:ca:c1:59:79:36:57:85:25:f7:67:
         31:53:aa:f8:55:f2:fc:1c:ff:e3:f6:b4:a5:1b:2b:29:80:f8:
         7f:eb:23:94:91:74:91:00:08:5c:bd:9f:1c:4f:ab:6a:14:f6:
         59:42:d8:9e:b0:51:78:3b:be:10:14:14:2c:ee:f1:95:b4:58:
         ba:5b:e6:44:8f:97:37:8d:4e:5b:93:bd:84:6f:6a:e5:02:65:
         65:f7:b9:12:b9:1d:d5:2b:19:a9:d4:99:44:de:48:4c:12:4d:
         1f:f2:36:c6:88:02:1d:f2:8d:84:75:c8:c9:eb:c1:fa:9b:71:
         3b:bb:e8:70:22:5b:3b:93:e2:58:b3:96:d7:6a:de:5e:31:fa:
         51:91:d5:1a:26:b3:af:69:8a:f6:94:9f:86:34:ca:7c:a9:0d:
         bb:c3:cc:6d:49:8d:ea:b4:8e:fb:6e:85:c3:40:a6:81:9a:ab:
         b0:35:ba:40:27:c3:d1:dd:34:6f:63:e9:2e:58:b9:0b:0f:13:
         aa:24:5b:c2:01:42:a5:2b:66:8a:48:8c:fc:c2:3e:e6:dd:9f:
         da:f1:aa:8c:5d:66:c7:51:cc:44:1c:68:31:62:86:54:c5:1c:
         c5:3f:ee:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5pISc2WQpAVDCQ6BG0vkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUwNTEwMTAwMTI4WhcNMjUwNTExMTAwMTI4WjAzMTEwLwYDVQQD
Eyg5ZDEwNzQ3Yzk1ZmVjMTFhMWIzMzk0NmZiYzU2NTJkMzNjN2ZhNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsWMltw+c8DrC/Bl8GiKpfwfMnNo
eGsNhLu7ge9nUTCYUKIC8YTGBUnUAaw4KBjorN/ML808avuTYfhRRPUWiku5UeEo
AWE8T6Ocn3V4P591WoU9lYJr65BiFISgfY4tEuUv5MNdVcoNnqnP7lSfVVOLk1C1
onyWigbHu9ohQWGbf5W3QzoznxFND3IcLs/eG1/PFhHSg0z2B0T/Hv9kknVi1SyM
g7xnQwnHt+OYFCWIMs2Wae1quI/mwayFHjqTCw9Pt1aFNmUw38zCUovmbUz3KSjf
QVt6mM+4gkxg2m/uBqGHDsomgEN40xznN1GRM7GUHI/xkBdSyPwrfbIkxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0QdHyV/sEaGzOUb7xWUtM8f6a2MB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQ8YZzyH
gPn9VOh0d6Z2p9s+5Ukt8c1M1STKwVl5NleFJfdnMVOq+FXy/Bz/4/a0pRsrKYD4
f+sjlJF0kQAIXL2fHE+rahT2WULYnrBReDu+EBQULO7xlbRYulvmRI+XN41OW5O9
hG9q5QJlZfe5Erkd1SsZqdSZRN5ITBJNH/I2xogCHfKNhHXIyevB+ptxO7vocCJb
O5PiWLOW12reXjH6UZHVGiazr2mK9pSfhjTKfKkNu8PMbUmN6rSO+26Fw0CmgZqr
sDW6QCfD0d00b2PpLli5Cw8TqiRbwgFCpStmikiM/MI+5t2f2vGqjF1mx1HMRBxo
MWKGVMUcxT/uIA==
-----END CERTIFICATE-----