Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
File:                     6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft (raw, json)
Hash identifier:          8GK/1Uf0sh4yfADJTHfGPuFZkKVxqkoUxZE3V51Wihk=
Subject key identifier:   82:98:AA:72:B3:F5:7D:C2:FF:2E:8D:F3:F0:3A:DC:F5:53:51:16:0F
Authority key identifier: E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2
Certificate issuer:       /CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
Certificate serial:       0196C4279080B973409E8D7C93C23779589A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
Manifest number:          05F6
Signing time:             Mon 12 May 2025 11:00:49 +0000
Manifest this update:     Mon 12 May 2025 11:00:49 +0000
Manifest next update:     Tue 13 May 2025 11:00:49 +0000
Files and hashes:         1: 6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl (hash: cW3HdlnmbxHS2gjUQNU4O+yeWiBWvi1phdJSjRtkcPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 11:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:27:90:80:b9:73:40:9e:8d:7c:93:c2:37:79:58:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
        Validity
            Not Before: May 12 11:00:49 2025 GMT
            Not After : May 13 11:00:49 2025 GMT
        Subject: CN=8298aa72b3f57dc2ff2e8df3f03adcf55351160f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b1:52:2e:33:25:5e:4b:2c:3d:09:5b:02:7d:
                    4c:98:f7:70:eb:d5:c5:db:fa:a7:a3:a2:37:5b:ba:
                    7a:9b:9d:e5:a1:31:3a:a1:23:16:75:1e:e8:66:77:
                    2c:52:47:0c:42:b3:c4:b2:33:46:85:61:79:d9:90:
                    b1:f3:dd:48:20:e3:0b:6e:ea:02:fb:4d:c8:09:9a:
                    49:a0:67:18:43:54:20:08:6d:00:8c:22:60:2c:43:
                    e3:23:81:c0:32:a5:08:62:0f:aa:c7:95:ca:1d:ed:
                    35:67:3a:28:f5:d9:b3:43:73:45:a6:95:39:0c:0a:
                    0f:16:99:fe:cd:6a:80:cb:2f:c2:18:11:db:0b:47:
                    54:de:a7:66:36:38:79:71:24:b7:1e:4d:8f:30:fe:
                    da:b1:b9:7a:22:b6:26:f6:75:b4:6a:42:73:39:43:
                    4a:a7:35:d5:c5:45:9b:ae:ec:d2:ca:47:26:ea:b6:
                    07:9e:41:e3:1a:c0:4a:97:d6:ad:45:61:5e:1d:5c:
                    a6:78:08:cf:d3:3f:2e:30:59:c7:32:c1:08:de:97:
                    76:92:12:21:f7:75:2d:5f:cb:3d:1a:3a:33:6c:21:
                    2d:76:2f:b3:3e:84:0d:be:7a:5a:f1:9c:56:cc:e3:
                    f1:e1:f2:0a:ad:79:26:c5:01:30:6f:93:cf:91:a9:
                    58:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:98:AA:72:B3:F5:7D:C2:FF:2E:8D:F3:F0:3A:DC:F5:53:51:16:0F
            X509v3 Authority Key Identifier:
                keyid:E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:33:c8:6e:9f:d9:e7:0e:b6:08:f0:71:9d:3d:36:ad:e9:f0:
         b5:18:00:59:a6:35:5d:6d:60:47:44:5f:0b:69:de:df:7d:c2:
         93:5d:6c:a9:a2:97:fa:47:dd:cd:d5:4a:66:68:5b:99:36:28:
         83:6b:4a:8e:72:b4:20:98:90:57:4f:22:7f:ea:93:0e:49:8d:
         9a:00:3d:3a:67:79:2e:67:5b:d8:e2:2d:84:22:90:e1:95:b1:
         50:2d:00:39:5b:bb:44:27:00:ba:d9:a4:30:44:d0:8a:cf:b4:
         de:8e:2a:a9:12:aa:be:b4:8d:a4:ad:09:04:7e:82:e0:24:30:
         29:ce:93:2c:1f:cd:39:d4:c5:34:9c:d5:a4:32:58:fa:b5:fd:
         ec:51:4a:66:1e:04:26:d5:84:56:9d:fc:c0:3c:c1:58:89:55:
         57:45:e4:5c:84:80:2d:67:dc:81:4f:6d:18:a5:b6:3c:06:2c:
         2a:17:bc:d0:a2:d4:31:84:cc:0b:b6:74:61:dd:75:78:30:60:
         74:31:82:9e:6a:b8:67:7d:f1:17:fc:9d:b5:d2:0e:52:8b:75:
         78:3d:5b:8c:d5:aa:52:e5:64:30:6f:04:73:8f:14:86:91:33:
         9c:82:31:f1:41:57:d5:98:48:79:65:d2:14:58:6f:4f:ef:94:
         a6:09:db:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJ5CAuXNAno18k8I3eViaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzJhNmMyZWJlYTQ2NDEzMDcyZjkwZGQ1MjZkNzhmMTEw
MmY0ZjIwHhcNMjUwNTEyMTEwMDQ5WhcNMjUwNTEzMTEwMDQ5WjAzMTEwLwYDVQQD
Eyg4Mjk4YWE3MmIzZjU3ZGMyZmYyZThkZjNmMDNhZGNmNTUzNTExNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLFSLjMlXkssPQlbAn1MmPdw69XF
2/qno6I3W7p6m53loTE6oSMWdR7oZncsUkcMQrPEsjNGhWF52ZCx891IIOMLbuoC
+03ICZpJoGcYQ1QgCG0AjCJgLEPjI4HAMqUIYg+qx5XKHe01Zzoo9dmzQ3NFppU5
DAoPFpn+zWqAyy/CGBHbC0dU3qdmNjh5cSS3Hk2PMP7asbl6IrYm9nW0akJzOUNK
pzXVxUWbruzSykcm6rYHnkHjGsBKl9atRWFeHVymeAjP0z8uMFnHMsEI3pd2khIh
93UtX8s9GjozbCEtdi+zPoQNvnpa8ZxWzOPx4fIKrXkmxQEwb5PPkalY8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKYqnKz9X3C/y6N8/A63PVTURYPMB8GA1UdIwQY
MBaAFOlypsLr6kZBMHL5DdUm148RAvTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMt
NGY5NzRjOTc3OTQ1LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMtNGY5NzRjOTc3OTQ1
LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgjPIbp/Z
5w62CPBxnT02renwtRgAWaY1XW1gR0RfC2ne333Ck11sqaKX+kfdzdVKZmhbmTYo
g2tKjnK0IJiQV08if+qTDkmNmgA9Omd5Lmdb2OIthCKQ4ZWxUC0AOVu7RCcAutmk
METQis+03o4qqRKqvrSNpK0JBH6C4CQwKc6TLB/NOdTFNJzVpDJY+rX97FFKZh4E
JtWEVp38wDzBWIlVV0XkXISALWfcgU9tGKW2PAYsKhe80KLUMYTMC7Z0Yd11eDBg
dDGCnmq4Z33xF/ydtdIOUot1eD1bjNWqUuVkMG8Ec48UhpEznIIx8UFX1ZhIeWXS
FFhvT++UpgnbPw==
-----END CERTIFICATE-----