Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          7w6PMH7WKJmP/YV6JEx+WcZwvXm+Kv7qZoEg+Skij2E=
Subject key identifier:   BB:95:81:2A:BB:A5:A4:9E:14:54:C0:93:B8:8F:EF:EE:27:FB:DD:74
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       0196C8720ACE0E5A577898C53A9D0C8DC677
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0C17
Signing time:             Tue 13 May 2025 07:00:39 +0000
Manifest this update:     Tue 13 May 2025 07:00:39 +0000
Manifest next update:     Wed 14 May 2025 07:00:39 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: EI1QZ0jlH8BMSXmQHr2P8XG88vmn42sc/Kvxx6EOZSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:72:0a:ce:0e:5a:57:78:98:c5:3a:9d:0c:8d:c6:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: May 13 07:00:39 2025 GMT
            Not After : May 14 07:00:39 2025 GMT
        Subject: CN=bb95812abba5a49e1454c093b88fefee27fbdd74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:3a:0c:88:f1:70:f7:66:67:e2:50:97:fc:07:
                    26:84:f5:91:a5:85:5c:b2:f8:c5:e4:b3:7e:0f:a7:
                    d4:da:dc:fa:34:1e:44:58:7e:33:5b:21:d4:2b:88:
                    c5:5a:0e:5c:ad:35:5b:99:e0:74:2c:ca:93:e7:2c:
                    8c:54:23:20:0c:2e:19:8b:18:c9:8e:b7:aa:f1:ba:
                    c5:1d:e3:45:8a:f6:ea:cd:2a:36:c4:f7:cc:bd:09:
                    11:a5:1f:50:24:31:ec:c1:8e:b2:c8:a6:cb:5d:09:
                    0a:74:b0:bd:f4:a1:41:60:09:33:05:6a:5c:c1:01:
                    e9:8e:c9:fe:77:56:f1:20:b0:8c:94:9c:39:5a:77:
                    46:a9:71:2f:b1:c9:6c:44:02:f7:d9:32:54:ec:6f:
                    34:50:6e:6e:4a:fe:26:c0:df:b5:c9:a8:19:68:1f:
                    f0:e0:71:2f:0d:38:f6:c9:c1:61:a0:a2:e6:66:c3:
                    16:e1:49:75:0e:35:6c:47:d6:17:8b:08:6d:9d:1e:
                    5b:75:76:36:63:29:fa:8e:62:8c:c8:68:45:56:e8:
                    2f:7d:ed:63:58:6b:cd:88:5e:a3:d8:4e:21:df:f1:
                    30:3f:5e:ba:0f:2d:44:95:50:07:2b:71:64:24:0b:
                    03:1e:86:db:88:14:dc:eb:2e:8f:ba:39:5a:68:75:
                    c2:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:95:81:2A:BB:A5:A4:9E:14:54:C0:93:B8:8F:EF:EE:27:FB:DD:74
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:df:09:ca:a9:2d:08:ec:48:2a:9a:e2:3d:73:f7:00:ea:f3:
         21:92:7f:3b:3b:37:c6:ce:24:25:03:04:c4:b3:e8:c2:d5:95:
         e4:b8:4d:8f:f5:5e:58:0a:52:66:40:73:1d:db:88:40:b1:5a:
         37:cc:10:a7:f9:bf:2a:da:63:3d:9d:bd:ca:74:e8:10:9b:c5:
         b8:7f:d5:27:29:dc:cf:05:b8:7f:4a:8d:f0:94:43:68:e5:4b:
         81:c0:44:0b:06:69:ba:98:2d:f2:d0:ea:ab:5e:da:0b:dd:6c:
         3f:f0:aa:a7:52:31:e8:0f:7c:63:7e:4b:ff:af:1c:c7:69:c5:
         36:7a:da:d1:3f:00:35:b7:a2:f6:af:bd:af:46:f0:b1:c6:41:
         db:04:c8:d1:05:58:4a:27:70:e8:28:0c:b2:aa:56:a8:26:c7:
         e7:43:bc:59:b8:14:23:d5:eb:ff:4d:04:4c:3c:fe:a1:77:3c:
         83:f8:77:32:8b:cd:60:7a:13:0d:79:61:65:78:69:95:f1:e8:
         fb:bb:f5:e5:79:ce:d5:43:7c:24:83:4a:68:a9:7f:d0:eb:2b:
         f8:4b:8a:53:fe:1b:6f:31:f4:1d:2d:8f:c8:a7:ba:41:e1:d3:
         cf:5d:7c:9b:2a:67:1b:4e:92:8f:c4:b9:66:04:a2:b3:d2:4c:
         3e:38:97:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIcgrODlpXeJjFOp0MjcZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjUwNTEzMDcwMDM5WhcNMjUwNTE0MDcwMDM5WjAzMTEwLwYDVQQD
EyhiYjk1ODEyYWJiYTVhNDllMTQ1NGMwOTNiODhmZWZlZTI3ZmJkZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjoMiPFw92Zn4lCX/AcmhPWRpYVc
svjF5LN+D6fU2tz6NB5EWH4zWyHUK4jFWg5crTVbmeB0LMqT5yyMVCMgDC4ZixjJ
jreq8brFHeNFivbqzSo2xPfMvQkRpR9QJDHswY6yyKbLXQkKdLC99KFBYAkzBWpc
wQHpjsn+d1bxILCMlJw5WndGqXEvsclsRAL32TJU7G80UG5uSv4mwN+1yagZaB/w
4HEvDTj2ycFhoKLmZsMW4Ul1DjVsR9YXiwhtnR5bdXY2Yyn6jmKMyGhFVugvfe1j
WGvNiF6j2E4h3/EwP166Dy1ElVAHK3FkJAsDHobbiBTc6y6PujlaaHXClwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuVgSq7paSeFFTAk7iP7+4n+910MB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqt8Jyqkt
COxIKpriPXP3AOrzIZJ/Ozs3xs4kJQMExLPowtWV5LhNj/VeWApSZkBzHduIQLFa
N8wQp/m/KtpjPZ29ynToEJvFuH/VJynczwW4f0qN8JRDaOVLgcBECwZpupgt8tDq
q17aC91sP/Cqp1Ix6A98Y35L/68cx2nFNnra0T8ANbei9q+9r0bwscZB2wTI0QVY
Sidw6CgMsqpWqCbH50O8WbgUI9Xr/00ETDz+oXc8g/h3MovNYHoTDXlhZXhplfHo
+7v15XnO1UN8JINKaKl/0Osr+EuKU/4bbzH0HS2PyKe6QeHTz118mypnG06Sj8S5
ZgSis9JMPjiX5w==
-----END CERTIFICATE-----