Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          6hABkj+4yrmdY3xU2fs5GADEwV5wZtj/1g8EFjT+2vM=
Subject key identifier:   93:68:9D:2F:FE:16:90:4F:81:37:03:87:5F:BE:F5:B0:F8:75:7B:F6
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       0196D889813ED8D9233F94D0C2EC09C2C6BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          1540
Signing time:             Fri 16 May 2025 10:00:12 +0000
Manifest this update:     Fri 16 May 2025 10:00:12 +0000
Manifest next update:     Sat 17 May 2025 10:00:12 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: wSB/cNUqsNKrxu80Y5A6suMAFc53XmPGykGi2LXm6Vo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 17 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d8:89:81:3e:d8:d9:23:3f:94:d0:c2:ec:09:c2:c6:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: May 16 10:00:12 2025 GMT
            Not After : May 17 10:00:12 2025 GMT
        Subject: CN=93689d2ffe16904f813703875fbef5b0f8757bf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:32:7b:84:7e:f0:c3:15:f7:58:2d:06:e0:58:
                    60:39:a5:de:39:78:1a:88:d1:c6:36:5f:c8:52:8b:
                    96:4c:23:8b:31:31:91:29:67:c3:44:0c:91:e1:7a:
                    37:d1:fa:4d:11:35:82:4e:39:6a:c6:38:e2:6c:c4:
                    1c:02:08:c2:60:c0:48:76:b2:3b:78:c5:51:d0:c3:
                    82:47:3a:be:70:07:ea:ba:32:f7:3e:ea:c9:76:bc:
                    0f:c5:0d:67:7e:96:b2:f6:bd:bd:67:ac:2f:1d:bc:
                    4d:e7:ae:91:33:3f:ec:47:75:96:66:93:5e:fe:f2:
                    88:8c:96:7b:26:f2:0f:20:b9:75:f8:8c:1a:e9:35:
                    45:e2:60:79:ae:3a:a5:6c:00:bc:db:3e:9e:2d:c6:
                    f3:1f:e2:e4:ac:0a:7a:1c:5b:5a:66:ea:d3:04:12:
                    6f:ae:f5:22:3d:b9:02:a7:2d:de:b1:9e:ad:58:38:
                    30:54:40:27:05:40:a2:6b:fe:0d:68:b1:87:9f:0e:
                    02:51:ff:77:bb:60:0f:e7:73:cf:bf:f2:a1:d9:3d:
                    40:c6:ea:c8:74:58:02:19:6a:23:7e:66:c5:42:21:
                    ef:33:a0:96:76:2f:a2:9c:d9:fd:66:1b:82:a5:1d:
                    fd:8f:1a:55:89:5f:e2:eb:18:8a:ef:3a:de:ff:07:
                    ae:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:68:9D:2F:FE:16:90:4F:81:37:03:87:5F:BE:F5:B0:F8:75:7B:F6
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:44:ce:36:e5:44:2c:4f:60:10:4b:11:c0:64:d7:18:e5:b7:
         3c:7f:41:8b:ec:38:34:a2:f1:04:a0:f1:4e:8a:48:d2:1b:00:
         30:3a:18:8f:8a:64:84:60:ef:b6:b0:f2:58:37:d5:9e:1c:9f:
         9c:a0:cc:e0:79:e0:aa:aa:49:34:f7:80:5b:c7:32:e8:62:99:
         2b:cc:00:f0:6a:a3:18:90:20:31:ba:9b:09:d6:72:00:f0:a0:
         61:f3:14:e2:2d:2f:69:10:38:a3:71:91:6a:ee:39:a9:c5:e0:
         17:fb:34:7c:1a:28:81:c9:6a:7b:79:8e:44:f8:91:c4:3e:10:
         6f:91:53:81:b6:51:67:e3:d5:42:75:f3:bc:60:53:6e:74:25:
         9d:8e:92:93:82:70:da:27:d8:cb:5a:6a:25:0b:3a:69:a8:6b:
         0b:f4:37:72:31:ba:d4:3c:3b:de:3d:72:01:2b:f5:0d:9a:ec:
         c7:89:ce:59:3b:8a:9f:26:52:86:fe:70:c6:00:15:8d:87:8f:
         27:2a:e9:ad:60:71:db:94:a0:1a:fc:0d:9f:1f:49:91:69:f4:
         d5:87:e7:7d:35:18:62:0b:a9:22:e3:45:f6:25:14:31:fb:87:
         91:f5:17:11:1e:6f:c0:2f:e1:00:ee:0e:c3:8d:ac:a5:b5:b3:
         bc:c5:3e:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbYiYE+2NkjP5TQwuwJwsa6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUwNTE2MTAwMDEyWhcNMjUwNTE3MTAwMDEyWjAzMTEwLwYDVQQD
Eyg5MzY4OWQyZmZlMTY5MDRmODEzNzAzODc1ZmJlZjViMGY4NzU3YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozJ7hH7wwxX3WC0G4FhgOaXeOXga
iNHGNl/IUouWTCOLMTGRKWfDRAyR4Xo30fpNETWCTjlqxjjibMQcAgjCYMBIdrI7
eMVR0MOCRzq+cAfqujL3PurJdrwPxQ1nfpay9r29Z6wvHbxN566RMz/sR3WWZpNe
/vKIjJZ7JvIPILl1+Iwa6TVF4mB5rjqlbAC82z6eLcbzH+LkrAp6HFtaZurTBBJv
rvUiPbkCpy3esZ6tWDgwVEAnBUCia/4NaLGHnw4CUf93u2AP53PPv/Kh2T1AxurI
dFgCGWojfmbFQiHvM6CWdi+inNn9ZhuCpR39jxpViV/i6xiK7zre/weu8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNonS/+FpBPgTcDh1++9bD4dXv2MB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhUTONuVE
LE9gEEsRwGTXGOW3PH9Bi+w4NKLxBKDxTopI0hsAMDoYj4pkhGDvtrDyWDfVnhyf
nKDM4HngqqpJNPeAW8cy6GKZK8wA8GqjGJAgMbqbCdZyAPCgYfMU4i0vaRA4o3GR
au45qcXgF/s0fBoogclqe3mORPiRxD4Qb5FTgbZRZ+PVQnXzvGBTbnQlnY6Sk4Jw
2ifYy1pqJQs6aahrC/Q3cjG61Dw73j1yASv1DZrsx4nOWTuKnyZShv5wxgAVjYeP
JyrprWBx25SgGvwNnx9JkWn01YfnfTUYYgupIuNF9iUUMfuHkfUXER5vwC/hAO4O
w42spbWzvMU+Rg==
-----END CERTIFICATE-----