Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          rjB2Zj1mUJTjgxhZq/B4mtl9fx1YLQywWLgHJUhXmmE=
Subject key identifier:   07:65:36:0C:08:54:D5:57:90:DD:26:83:DA:0E:DE:B1:60:60:57:2B
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       0196B47DA6EA1084DF174B9C2F96E35F5893
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          02DE
Signing time:             Fri 09 May 2025 10:00:55 +0000
Manifest this update:     Fri 09 May 2025 10:00:55 +0000
Manifest next update:     Sat 10 May 2025 10:00:55 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: N2SWg2/2qXajihR68srOSUetq0TW/QPZtyOzEm/uPaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b4:7d:a6:ea:10:84:df:17:4b:9c:2f:96:e3:5f:58:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: May  9 10:00:55 2025 GMT
            Not After : May 10 10:00:55 2025 GMT
        Subject: CN=0765360c0854d55790dd2683da0edeb16060572b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:65:06:bc:02:9d:99:78:69:43:42:66:0c:d5:
                    51:38:0a:89:29:0d:f7:b6:b5:fd:40:a1:73:3e:59:
                    50:61:77:1f:28:01:af:dc:d5:63:7c:72:2f:38:a5:
                    98:a3:01:e6:b2:fc:0b:13:af:62:0f:df:21:7e:c2:
                    28:27:93:bf:75:53:c8:84:d8:7d:03:8c:a6:e4:fd:
                    dc:49:6c:92:45:90:33:73:01:9e:b9:f8:0c:0a:21:
                    71:3c:0b:f1:a7:30:bd:7e:65:32:9a:bb:98:f7:5f:
                    0b:1a:56:25:82:13:7d:f1:df:c1:12:65:6e:3b:56:
                    38:94:02:9a:cb:cd:39:9d:b5:28:54:1a:67:59:f2:
                    25:97:a9:f0:99:0a:fc:20:8e:13:b8:16:ed:95:dd:
                    19:81:2c:0d:61:eb:e9:8a:57:e4:e7:6e:fc:a8:f0:
                    21:ad:da:b3:1a:3c:e2:2e:d8:44:a0:14:77:3a:21:
                    d5:d8:d2:06:f5:cd:35:4c:bd:c4:a5:78:f7:55:3b:
                    29:22:30:be:c8:41:b6:7e:e7:f0:dd:cc:21:77:b3:
                    45:ac:84:ae:f0:9f:3b:2f:d3:06:05:16:88:12:cc:
                    d0:4f:f1:25:36:60:ff:ec:1e:ac:1f:30:d2:2a:d8:
                    10:26:44:a4:af:eb:62:96:46:56:a0:e2:92:01:70:
                    98:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:65:36:0C:08:54:D5:57:90:DD:26:83:DA:0E:DE:B1:60:60:57:2B
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:40:d9:99:39:ef:f3:ac:00:d9:1e:13:a5:ab:99:44:a7:60:
         d5:ed:95:1d:8e:9b:30:9d:26:a9:60:31:7b:3f:6a:99:60:9c:
         53:7b:ca:6c:a0:09:a5:1f:e8:9e:c5:c7:3d:df:84:78:72:92:
         e0:41:c8:fb:d8:a3:d0:10:df:c1:3e:44:67:5d:a3:97:d6:09:
         36:f4:e1:0e:15:16:cf:a2:3c:a0:95:20:f2:c2:5e:58:f8:d3:
         02:9f:ed:0a:0f:a4:d5:3b:fc:c5:a0:9d:3d:de:88:5f:33:23:
         0b:1a:09:aa:b9:fd:ae:f8:ef:e6:98:a1:c5:b8:7d:34:38:ad:
         69:bb:ac:02:8f:30:09:a4:21:43:50:7f:e1:42:32:24:06:79:
         80:c8:db:03:fb:56:0c:74:2e:db:a1:e8:98:a6:43:28:55:1f:
         d5:b6:d0:32:87:28:26:dc:b2:8f:f8:7e:35:f3:69:e3:ea:2c:
         12:9a:fb:87:96:c1:c5:69:30:58:7a:cb:37:91:38:64:78:af:
         f5:b7:c4:13:93:21:ca:eb:67:04:1a:05:92:89:92:f5:0f:fd:
         5d:3d:90:8c:c4:90:b3:ad:f9:bb:a5:85:81:b2:fd:fe:77:44:
         4c:6d:da:0d:d2:55:5d:08:67:6c:ba:f9:56:8d:2f:b8:b0:8d:
         85:84:1f:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa0fabqEITfF0ucL5bjX1iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUwNTA5MTAwMDU1WhcNMjUwNTEwMTAwMDU1WjAzMTEwLwYDVQQD
EygwNzY1MzYwYzA4NTRkNTU3OTBkZDI2ODNkYTBlZGViMTYwNjA1NzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWUGvAKdmXhpQ0JmDNVROAqJKQ33
trX9QKFzPllQYXcfKAGv3NVjfHIvOKWYowHmsvwLE69iD98hfsIoJ5O/dVPIhNh9
A4ym5P3cSWySRZAzcwGeufgMCiFxPAvxpzC9fmUymruY918LGlYlghN98d/BEmVu
O1Y4lAKay805nbUoVBpnWfIll6nwmQr8II4TuBbtld0ZgSwNYevpilfk5278qPAh
rdqzGjziLthEoBR3OiHV2NIG9c01TL3EpXj3VTspIjC+yEG2fufw3cwhd7NFrISu
8J87L9MGBRaIEszQT/ElNmD/7B6sHzDSKtgQJkSkr+tilkZWoOKSAXCYnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdlNgwIVNVXkN0mg9oO3rFgYFcrMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEkDZmTnv
86wA2R4TpauZRKdg1e2VHY6bMJ0mqWAxez9qmWCcU3vKbKAJpR/onsXHPd+EeHKS
4EHI+9ij0BDfwT5EZ12jl9YJNvThDhUWz6I8oJUg8sJeWPjTAp/tCg+k1Tv8xaCd
Pd6IXzMjCxoJqrn9rvjv5pihxbh9NDitabusAo8wCaQhQ1B/4UIyJAZ5gMjbA/tW
DHQu26HomKZDKFUf1bbQMocoJtyyj/h+NfNp4+osEpr7h5bBxWkwWHrLN5E4ZHiv
9bfEE5MhyutnBBoFkomS9Q/9XT2QjMSQs635u6WFgbL9/ndETG3aDdJVXQhnbLr5
Vo0vuLCNhYQfdw==
-----END CERTIFICATE-----