Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          CER72BFkP/6BLkOsFkXT/jBrHTJAmWT5b53xsFtPD5g=
Subject key identifier:   CD:BE:4B:56:63:D7:9E:50:17:BE:87:5C:EE:34:97:C7:08:C7:2F:CF
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       0196B82338EAB36F9DF8CC922DA9C96DCD94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          045B
Signing time:             Sat 10 May 2025 03:00:38 +0000
Manifest this update:     Sat 10 May 2025 03:00:38 +0000
Manifest next update:     Sun 11 May 2025 03:00:38 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: KMyJkgs4KlIOBrhDb7BANqnAyZqIxCIeXCjxdKL0+CA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:23:38:ea:b3:6f:9d:f8:cc:92:2d:a9:c9:6d:cd:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: May 10 03:00:38 2025 GMT
            Not After : May 11 03:00:38 2025 GMT
        Subject: CN=cdbe4b5663d79e5017be875cee3497c708c72fcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:54:96:19:e7:9c:cf:44:43:d5:ba:53:65:58:
                    f8:cc:5f:d8:89:2b:1d:65:14:09:62:0a:6b:5c:ab:
                    e7:7c:4a:c9:9d:60:76:d7:a0:e2:82:74:34:2a:c6:
                    7a:65:2c:4b:c2:87:7c:9d:bf:8c:f7:1d:47:09:8c:
                    3c:00:24:08:fa:6e:33:49:98:7a:af:c0:5c:54:dc:
                    92:46:71:6e:1c:cb:0f:20:86:27:d8:e5:b7:6d:87:
                    ee:0b:88:b9:e8:6e:8e:64:c3:b8:58:d0:fd:4b:fc:
                    01:1b:1b:dd:b5:fc:b1:7b:86:f3:1c:73:a1:52:49:
                    c9:b9:e8:ab:54:1e:bf:b7:e4:08:b9:2a:c8:0e:05:
                    53:af:ba:7c:bf:0b:43:fd:ad:b1:4d:e1:2f:99:c8:
                    e4:36:31:f1:76:5e:8d:a8:f6:7c:ce:17:47:73:64:
                    ab:7b:07:4e:8c:57:0d:c8:44:ec:e0:db:8d:bf:03:
                    5c:8f:53:27:a1:7d:97:9e:27:96:11:a6:3f:7a:7c:
                    b0:c6:c5:8c:76:44:f1:f2:0f:fa:c4:8f:83:dc:51:
                    09:31:c4:16:80:a1:27:63:1b:2f:3e:77:9b:4b:c7:
                    a4:99:1d:60:ed:cc:5c:5a:c5:5b:b6:77:4f:e3:c2:
                    92:fc:38:78:bb:7e:28:c8:1c:4b:62:1c:44:ad:15:
                    95:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:BE:4B:56:63:D7:9E:50:17:BE:87:5C:EE:34:97:C7:08:C7:2F:CF
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:11:a8:9f:49:54:62:ad:f9:ec:55:64:6c:40:63:4f:67:12:
         5d:d0:ef:4e:5b:9b:ad:8e:36:52:5e:75:20:c7:f7:69:b2:16:
         56:cc:45:6b:81:21:e1:9c:5e:b4:22:40:18:09:3c:dd:c5:40:
         b8:ed:62:f6:1a:43:38:e3:bb:68:09:46:f6:7f:68:11:6c:ba:
         fe:02:b1:9f:2d:ac:67:66:79:70:8b:43:6c:16:0f:46:c6:11:
         24:3c:a7:c1:3e:3e:8e:22:4c:8e:11:bf:8f:48:8f:88:2b:fb:
         d3:c9:b1:fc:15:2c:53:82:08:77:38:ee:45:36:9c:ec:2e:b5:
         6f:3c:93:b8:68:9b:9c:38:bd:25:eb:49:81:3f:15:84:5f:4d:
         42:8e:13:a3:73:47:c1:30:df:9d:3b:32:0a:a9:55:38:60:32:
         69:16:39:34:d6:58:04:c6:c7:9a:0c:51:ab:29:9c:5b:4b:d4:
         e7:95:74:58:9d:ed:4c:35:aa:c7:e2:a5:94:06:0f:9a:39:af:
         8e:40:d6:12:57:3e:32:26:94:62:45:18:e2:f7:b3:df:9d:bf:
         71:9f:7a:68:a2:26:7e:18:6d:5c:a5:b8:53:e3:aa:68:e6:7f:
         ac:00:93:75:74:99:b1:2b:18:07:11:e3:58:27:09:ac:86:f0:
         8e:ef:3b:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4Izjqs2+d+MySLanJbc2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwNTEwMDMwMDM4WhcNMjUwNTExMDMwMDM4WjAzMTEwLwYDVQQD
EyhjZGJlNGI1NjYzZDc5ZTUwMTdiZTg3NWNlZTM0OTdjNzA4YzcyZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVSWGeecz0RD1bpTZVj4zF/YiSsd
ZRQJYgprXKvnfErJnWB216DignQ0KsZ6ZSxLwod8nb+M9x1HCYw8ACQI+m4zSZh6
r8BcVNySRnFuHMsPIIYn2OW3bYfuC4i56G6OZMO4WND9S/wBGxvdtfyxe4bzHHOh
UknJueirVB6/t+QIuSrIDgVTr7p8vwtD/a2xTeEvmcjkNjHxdl6NqPZ8zhdHc2Sr
ewdOjFcNyETs4NuNvwNcj1MnoX2XnieWEaY/enywxsWMdkTx8g/6xI+D3FEJMcQW
gKEnYxsvPnebS8ekmR1g7cxcWsVbtndP48KS/Dh4u34oyBxLYhxErRWVnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2+S1Zj155QF76HXO40l8cIxy/PMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIBGon0lU
Yq357FVkbEBjT2cSXdDvTlubrY42Ul51IMf3abIWVsxFa4Eh4ZxetCJAGAk83cVA
uO1i9hpDOOO7aAlG9n9oEWy6/gKxny2sZ2Z5cItDbBYPRsYRJDynwT4+jiJMjhG/
j0iPiCv708mx/BUsU4IIdzjuRTac7C61bzyTuGibnDi9JetJgT8VhF9NQo4To3NH
wTDfnTsyCqlVOGAyaRY5NNZYBMbHmgxRqymcW0vU55V0WJ3tTDWqx+KllAYPmjmv
jkDWElc+MiaUYkUY4vez352/cZ96aKImfhhtXKW4U+OqaOZ/rACTdXSZsSsYBxHj
WCcJrIbwju87Pw==
-----END CERTIFICATE-----