Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          LYcbDBS279nW1DQtGj4xp047diNJE1h4tMq8efXUHo8=
Subject key identifier:   50:0F:37:81:6C:6D:BB:0A:69:37:74:20:2C:43:63:6B:14:23:E4:54
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       0196B8234B7C605BE0649F2A229AEF0942A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          02F8
Signing time:             Sat 10 May 2025 03:00:42 +0000
Manifest this update:     Sat 10 May 2025 03:00:42 +0000
Manifest next update:     Sun 11 May 2025 03:00:42 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: WJ6QXeOhchZz722e+67eW+SBiS81Ohc4ws8oRATRK7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 03:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:23:4b:7c:60:5b:e0:64:9f:2a:22:9a:ef:09:42:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: May 10 03:00:42 2025 GMT
            Not After : May 11 03:00:42 2025 GMT
        Subject: CN=500f37816c6dbb0a693774202c43636b1423e454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ba:d1:bc:36:19:da:03:33:ae:46:d7:bf:9d:
                    66:6d:b4:4f:96:cd:05:1e:48:fc:67:d2:ec:ad:f9:
                    79:73:d2:5b:91:79:26:e3:2e:9a:e5:b2:93:d3:54:
                    32:eb:a5:9e:e1:29:26:94:2d:ff:ce:75:4f:6f:5f:
                    67:fd:e0:cd:5f:2f:cf:e2:d4:b2:59:c5:f8:56:3d:
                    78:1e:aa:0f:db:3d:5e:51:18:d5:d5:55:77:c7:0c:
                    15:32:d5:1e:70:95:f6:ff:eb:95:c1:77:ac:fd:e7:
                    4c:21:80:b6:ea:02:ac:4b:38:20:be:3c:f8:ce:e3:
                    da:ad:8d:5a:65:d0:59:1e:17:c7:ae:4f:80:0b:a7:
                    5c:5f:d3:57:e1:31:78:3e:55:0e:c6:8b:bb:b2:9a:
                    6f:95:ea:2a:1e:ef:b3:22:bd:d7:39:71:e8:d9:db:
                    e1:13:7d:66:00:77:e1:56:02:38:88:4a:ff:5c:8d:
                    ad:8a:58:2e:c6:86:ab:f8:81:cf:5d:9d:4c:c3:cb:
                    c2:89:1e:b7:c2:32:90:84:ae:ea:09:a6:ed:2e:64:
                    de:3d:96:d7:b8:8e:79:5a:cb:a9:74:59:ef:4c:79:
                    1e:fc:23:1f:01:71:25:44:38:3b:e8:b1:71:9f:b3:
                    5a:a5:7b:fb:c5:05:eb:1d:de:c6:cb:20:d2:a2:69:
                    05:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:0F:37:81:6C:6D:BB:0A:69:37:74:20:2C:43:63:6B:14:23:E4:54
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:75:db:9a:58:ac:65:92:51:e2:21:52:16:bb:f3:be:9d:c5:
         fa:a9:90:89:aa:f5:c5:af:3c:d2:9f:5a:2f:23:04:2f:9e:21:
         cc:27:41:1b:60:25:dd:e3:69:6c:85:30:9a:3c:9a:ac:1d:10:
         18:c1:70:c9:8e:37:a7:d2:7a:e2:28:57:d4:6c:a4:9c:c9:d7:
         cb:6d:9a:b5:3d:8d:fc:ed:42:e9:79:6b:e1:1e:7d:e5:e9:c1:
         e0:10:1f:f9:c9:9d:68:92:86:74:b5:1a:d4:87:c9:9f:e6:e9:
         72:34:85:bb:6a:ec:26:ee:cf:76:3c:71:4b:55:f6:df:b9:6f:
         8e:02:4e:56:d3:3d:7c:ba:86:ca:01:52:35:3e:80:86:01:ed:
         a6:81:c4:79:83:ec:52:7e:a9:78:a5:0f:0a:78:b1:a3:17:98:
         37:ae:c5:ce:1a:89:6c:40:c6:46:6d:6b:48:8a:7a:8a:2d:61:
         fc:f2:8d:1d:0f:ee:82:bd:a1:92:56:b7:4d:c6:7a:02:20:8a:
         1a:85:ba:8a:20:d2:7b:02:47:09:50:1e:42:1b:d7:0b:52:24:
         b4:e4:ae:6b:7a:4a:c5:69:f7:2e:ac:9a:b1:71:5b:0a:5b:d2:
         03:71:37:64:ec:4e:dc:aa:cc:9c:a9:0a:80:fd:e7:cf:a4:d3:
         dc:7a:14:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4I0t8YFvgZJ8qIprvCUKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjUwNTEwMDMwMDQyWhcNMjUwNTExMDMwMDQyWjAzMTEwLwYDVQQD
Eyg1MDBmMzc4MTZjNmRiYjBhNjkzNzc0MjAyYzQzNjM2YjE0MjNlNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbrRvDYZ2gMzrkbXv51mbbRPls0F
Hkj8Z9Lsrfl5c9JbkXkm4y6a5bKT01Qy66We4SkmlC3/znVPb19n/eDNXy/P4tSy
WcX4Vj14HqoP2z1eURjV1VV3xwwVMtUecJX2/+uVwXes/edMIYC26gKsSzggvjz4
zuParY1aZdBZHhfHrk+AC6dcX9NX4TF4PlUOxou7sppvleoqHu+zIr3XOXHo2dvh
E31mAHfhVgI4iEr/XI2tilguxoar+IHPXZ1Mw8vCiR63wjKQhK7qCabtLmTePZbX
uI55WsupdFnvTHke/CMfAXElRDg76LFxn7NapXv7xQXrHd7GyyDSomkFwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAPN4FsbbsKaTd0ICxDY2sUI+RUMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU3Xbmlis
ZZJR4iFSFrvzvp3F+qmQiar1xa880p9aLyMEL54hzCdBG2Al3eNpbIUwmjyarB0Q
GMFwyY43p9J64ihX1GyknMnXy22atT2N/O1C6Xlr4R595enB4BAf+cmdaJKGdLUa
1IfJn+bpcjSFu2rsJu7PdjxxS1X237lvjgJOVtM9fLqGygFSNT6AhgHtpoHEeYPs
Un6peKUPCnixoxeYN67FzhqJbEDGRm1rSIp6ii1h/PKNHQ/ugr2hkla3TcZ6AiCK
GoW6iiDSewJHCVAeQhvXC1IktOSua3pKxWn3LqyasXFbClvSA3E3ZOxO3KrMnKkK
gP3nz6TT3HoUVQ==
-----END CERTIFICATE-----