Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
File:                     a_CO0PpuGTufOlC_cmtB0MMpspc.mft (raw, json)
Hash identifier:          gX3d1oxOgCuO7pcKDF53d99SetzKKp1w6m5col+PpCc=
Subject key identifier:   5E:F0:21:DB:2A:B5:F5:F9:1B:54:24:C7:F5:41:E4:96:F1:F4:05:8C
Authority key identifier: 6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97
Certificate issuer:       /CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
Certificate serial:       0196B935A0C4B739A9C2FD8E37645A47F1AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
Manifest number:          0121
Signing time:             Sat 10 May 2025 08:00:21 +0000
Manifest this update:     Sat 10 May 2025 08:00:21 +0000
Manifest next update:     Sun 11 May 2025 08:00:21 +0000
Files and hashes:         1: a_CO0PpuGTufOlC_cmtB0MMpspc.crl (hash: ZMU2yy5rvpLrVQFC7bBzly6ncJoUDFvqNRXsfy98M/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:35:a0:c4:b7:39:a9:c2:fd:8e:37:64:5a:47:f1:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
        Validity
            Not Before: May 10 08:00:21 2025 GMT
            Not After : May 11 08:00:21 2025 GMT
        Subject: CN=5ef021db2ab5f5f91b5424c7f541e496f1f4058c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:6e:dc:6f:81:19:e6:9a:5f:38:e5:85:b7:d9:
                    bb:ee:c7:03:0b:66:bd:fe:3c:d6:16:a8:ed:d4:3c:
                    a4:24:26:4d:69:41:70:e3:a0:58:14:4e:48:62:1e:
                    bc:b6:c7:77:d9:fa:34:5b:ad:05:cf:29:37:8c:32:
                    1f:7f:81:35:a9:27:93:2e:74:32:8e:01:c6:29:6c:
                    da:80:21:a6:59:6e:20:34:51:ac:24:35:2c:5a:d6:
                    5e:04:1e:63:61:22:da:f0:06:53:f0:02:83:64:6c:
                    ab:48:77:32:23:18:da:b0:35:7a:f0:c2:e2:05:40:
                    f3:60:24:b8:16:9e:31:05:5e:5e:1d:ce:c1:2e:c5:
                    13:4c:07:b0:f2:49:cd:56:a4:9f:3c:0f:0e:cc:3b:
                    78:fe:f0:f2:0a:28:72:b7:7f:cb:27:0a:d5:07:21:
                    cd:20:94:af:23:8a:ae:51:e9:c9:f0:2c:aa:f2:bb:
                    b7:a5:c8:13:66:ba:2f:1d:31:33:95:24:5f:3f:88:
                    48:c9:16:06:08:76:8f:df:6c:a8:11:7b:d0:07:3f:
                    ab:0c:0e:93:bd:fe:91:c8:da:49:c3:e0:a4:69:3d:
                    40:28:a9:77:0f:1b:3c:01:a3:15:6b:9f:f1:57:ad:
                    3e:ff:95:80:4c:3a:94:3c:35:2b:a2:aa:51:7b:e3:
                    bb:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F0:21:DB:2A:B5:F5:F9:1B:54:24:C7:F5:41:E4:96:F1:F4:05:8C
            X509v3 Authority Key Identifier:
                keyid:6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:bb:4b:73:09:9d:8f:c6:ed:12:3b:63:54:07:f7:92:71:b1:
         fa:5f:e2:35:cb:8e:4b:07:e3:5a:7b:dc:f9:3a:47:37:89:89:
         ef:29:b1:f3:ec:d5:80:34:d5:38:1a:74:26:9b:fa:87:54:94:
         76:94:46:a5:e8:52:88:88:1b:d1:a5:03:05:58:4e:43:59:f0:
         f0:6c:24:1e:75:1d:b4:d1:3f:09:8b:86:80:1d:cb:21:84:71:
         82:af:55:0a:fe:5d:7a:6a:fa:b6:8b:83:d6:7f:cf:c5:a5:fa:
         df:77:77:e0:d9:34:da:1b:85:01:f1:69:22:b3:ee:80:82:51:
         d0:b5:cf:22:95:e0:5a:59:b0:3a:95:87:b0:92:de:1d:2c:3b:
         34:be:7c:17:ba:ff:3d:3b:71:c7:62:9a:97:ec:2a:59:0e:20:
         5c:ec:73:d1:20:e5:25:b0:16:3b:cc:1c:99:c1:e6:3d:90:24:
         c8:a8:41:6f:4f:29:8a:13:dd:7a:c7:c7:7b:fd:b7:30:a2:61:
         14:8b:c0:19:ec:6b:88:be:94:5e:40:c0:fd:78:f6:4d:f6:15:
         36:e3:9b:bd:0e:26:61:4e:17:fb:03:43:00:b5:e3:55:ec:ae:
         ef:c3:2d:cb:23:fa:27:6e:13:7a:4c:81:a1:be:e8:9a:e9:9b:
         ca:3b:75:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5NaDEtzmpwv2ON2RaR/GrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZjA4ZWQwZmE2ZTE5M2I5ZjNhNTBiZjcyNmI0MWQwYzMy
OWIyOTcwHhcNMjUwNTEwMDgwMDIxWhcNMjUwNTExMDgwMDIxWjAzMTEwLwYDVQQD
Eyg1ZWYwMjFkYjJhYjVmNWY5MWI1NDI0YzdmNTQxZTQ5NmYxZjQwNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+W7cb4EZ5ppfOOWFt9m77scDC2a9
/jzWFqjt1DykJCZNaUFw46BYFE5IYh68tsd32fo0W60Fzyk3jDIff4E1qSeTLnQy
jgHGKWzagCGmWW4gNFGsJDUsWtZeBB5jYSLa8AZT8AKDZGyrSHcyIxjasDV68MLi
BUDzYCS4Fp4xBV5eHc7BLsUTTAew8knNVqSfPA8OzDt4/vDyCihyt3/LJwrVByHN
IJSvI4quUenJ8Cyq8ru3pcgTZrovHTEzlSRfP4hIyRYGCHaP32yoEXvQBz+rDA6T
vf6RyNpJw+CkaT1AKKl3Dxs8AaMVa5/xV60+/5WATDqUPDUroqpRe+O7KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7wIdsqtfX5G1Qkx/VB5Jbx9AWMMB8GA1UdIwQY
MBaAFGvwjtD6bhk7nzpQv3JrQdDDKbKXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUt
M2Q0MjA1ZjVlMmQzLzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUtM2Q0MjA1ZjVlMmQz
LzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrtLcwmd
j8btEjtjVAf3knGx+l/iNcuOSwfjWnvc+TpHN4mJ7ymx8+zVgDTVOBp0Jpv6h1SU
dpRGpehSiIgb0aUDBVhOQ1nw8GwkHnUdtNE/CYuGgB3LIYRxgq9VCv5demr6touD
1n/PxaX633d34Nk02huFAfFpIrPugIJR0LXPIpXgWlmwOpWHsJLeHSw7NL58F7r/
PTtxx2Kal+wqWQ4gXOxz0SDlJbAWO8wcmcHmPZAkyKhBb08pihPdesfHe/23MKJh
FIvAGexriL6UXkDA/Xj2TfYVNuObvQ4mYU4X+wNDALXjVeyu78MtyyP6J24TekyB
ob7omumbyjt1Ew==
-----END CERTIFICATE-----