Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
File:                     G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft (raw, json)
Hash identifier:          E883oU90S8gRGvAsLy70c0UtfXLSCkZuKERQP2E/RMk=
Subject key identifier:   34:22:AA:C5:CD:A9:91:A2:D6:20:E4:62:F2:DB:5A:4D:64:8F:38:DF
Authority key identifier: 1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6
Certificate issuer:       /CN=1b934577cb49d8d231b74c550726f3387e026cf6
Certificate serial:       0196C15DE17AA2EE1A5CCD045342003D84C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
Manifest number:          1532
Signing time:             Sun 11 May 2025 22:01:17 +0000
Manifest this update:     Sun 11 May 2025 22:01:17 +0000
Manifest next update:     Mon 12 May 2025 22:01:17 +0000
Files and hashes:         1: G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl (hash: Hk/nNvHnDDy4Ztkbb7dn8l8hjjuid0szecGH6HoJme0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:e1:7a:a2:ee:1a:5c:cd:04:53:42:00:3d:84:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b934577cb49d8d231b74c550726f3387e026cf6
        Validity
            Not Before: May 11 22:01:17 2025 GMT
            Not After : May 12 22:01:17 2025 GMT
        Subject: CN=3422aac5cda991a2d620e462f2db5a4d648f38df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cf:c3:81:1a:7b:a9:da:d9:75:a1:3e:52:d9:
                    6e:39:74:9b:fd:1e:11:4a:f1:48:fc:2c:ab:5c:a6:
                    f4:4d:48:8b:19:9b:ad:7b:fc:ab:b2:62:11:1e:98:
                    4a:71:88:82:3b:43:15:80:c0:85:9d:bc:95:d9:29:
                    39:0b:7a:38:91:88:87:b6:24:07:8c:5f:33:b7:7f:
                    c3:44:d6:ed:4c:69:c7:12:ae:af:7b:e1:08:7d:c1:
                    b0:42:97:0e:29:f6:f5:8b:67:33:fe:85:c0:b4:84:
                    5e:e5:86:d8:5b:4b:7f:ba:9b:cd:62:d1:50:99:76:
                    09:32:02:53:3e:dc:cd:90:b0:d4:b9:da:2c:e7:3f:
                    ad:cf:95:63:6a:a4:a8:0e:e8:69:5a:47:9b:bc:cd:
                    e1:65:ea:62:10:0a:c7:2e:10:4d:9d:99:f1:9e:62:
                    88:f4:88:94:01:5c:57:42:5c:0e:f0:d5:18:93:01:
                    f3:79:91:5f:cc:39:53:40:a9:83:b7:2d:f8:b4:a0:
                    6f:63:7f:ca:3e:5e:65:81:00:34:7a:6a:56:9d:84:
                    71:1f:94:4a:19:97:d3:98:93:d1:8c:8e:61:71:1f:
                    13:64:68:8f:35:ef:b1:87:9f:9d:9d:df:69:45:82:
                    f0:5c:09:94:06:30:a0:33:42:45:37:86:8b:02:74:
                    b5:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:22:AA:C5:CD:A9:91:A2:D6:20:E4:62:F2:DB:5A:4D:64:8F:38:DF
            X509v3 Authority Key Identifier:
                keyid:1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:1c:ca:8c:fd:00:5a:24:1d:97:30:42:2e:19:f2:63:73:c7:
         e8:cc:51:29:1a:70:f7:f3:7d:e4:43:a6:5d:bb:23:6e:54:d7:
         04:95:25:a9:42:c6:e8:3f:7b:05:25:da:28:cc:e7:5f:31:f7:
         e3:b9:c4:13:c0:df:5d:5c:a3:bf:45:55:5b:ca:d2:cd:93:3c:
         83:51:e6:56:60:7b:ac:29:36:28:e5:2c:47:11:99:74:78:49:
         a1:ef:eb:ed:45:1c:92:af:27:91:32:95:ba:f7:39:8f:8d:f1:
         85:2b:87:26:63:4e:be:e6:fb:5f:ba:a6:3b:1f:94:5e:86:bd:
         d3:d1:d7:de:61:ab:95:1c:f0:4d:68:c5:08:a4:1e:af:2f:6e:
         8d:52:e0:88:33:7c:22:dd:a2:e8:69:76:35:5a:82:8b:a4:8d:
         56:ee:10:b7:f3:35:51:38:55:28:50:80:ca:d5:0a:56:92:59:
         68:4c:3b:ce:a0:df:99:d4:9c:2b:50:cd:09:0e:0d:6b:8e:cd:
         bf:19:7f:d3:00:a1:6d:7e:76:dc:5c:7e:6f:3a:30:e1:83:4e:
         7e:c0:de:01:0d:8a:43:af:94:64:bc:a3:f6:b2:bf:73:65:c2:
         7e:c5:44:57:be:78:9e:5c:d9:4d:ad:c2:69:b7:31:a5:c0:ff:
         5d:55:c9:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXeF6ou4aXM0EU0IAPYTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTM0NTc3Y2I0OWQ4ZDIzMWI3NGM1NTA3MjZmMzM4N2Uw
MjZjZjYwHhcNMjUwNTExMjIwMTE3WhcNMjUwNTEyMjIwMTE3WjAzMTEwLwYDVQQD
EygzNDIyYWFjNWNkYTk5MWEyZDYyMGU0NjJmMmRiNWE0ZDY0OGYzOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs/DgRp7qdrZdaE+UtluOXSb/R4R
SvFI/CyrXKb0TUiLGZute/yrsmIRHphKcYiCO0MVgMCFnbyV2Sk5C3o4kYiHtiQH
jF8zt3/DRNbtTGnHEq6ve+EIfcGwQpcOKfb1i2cz/oXAtIRe5YbYW0t/upvNYtFQ
mXYJMgJTPtzNkLDUudos5z+tz5VjaqSoDuhpWkebvM3hZepiEArHLhBNnZnxnmKI
9IiUAVxXQlwO8NUYkwHzeZFfzDlTQKmDty34tKBvY3/KPl5lgQA0empWnYRxH5RK
GZfTmJPRjI5hcR8TZGiPNe+xh5+dnd9pRYLwXAmUBjCgM0JFN4aLAnS1nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQiqsXNqZGi1iDkYvLbWk1kjzjfMB8GA1UdIwQY
MBaAFBuTRXfLSdjSMbdMVQcm8zh+Amz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEt
MGUyOTg1OGM2MzdhLzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEtMGUyOTg1OGM2Mzdh
LzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxzKjP0A
WiQdlzBCLhnyY3PH6MxRKRpw9/N95EOmXbsjblTXBJUlqULG6D97BSXaKMznXzH3
47nEE8DfXVyjv0VVW8rSzZM8g1HmVmB7rCk2KOUsRxGZdHhJoe/r7UUckq8nkTKV
uvc5j43xhSuHJmNOvub7X7qmOx+UXoa909HX3mGrlRzwTWjFCKQery9ujVLgiDN8
It2i6Gl2NVqCi6SNVu4Qt/M1UThVKFCAytUKVpJZaEw7zqDfmdScK1DNCQ4Na47N
vxl/0wChbX523Fx+bzow4YNOfsDeAQ2KQ6+UZLyj9rK/c2XCfsVEV754nlzZTa3C
abcxpcD/XVXJcg==
-----END CERTIFICATE-----