Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          7w8AF9LRIVabrlGpVQnvIv6vIJeCO3uXLRC9BeF3aw0=
Subject key identifier:   04:24:3D:A0:99:D7:67:E8:74:27:8D:49:A5:AE:2B:31:7F:CC:37:94
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       0196BF6EBE836CAE4A2B69F1807F2E552226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0DEA
Signing time:             Sun 11 May 2025 13:00:28 +0000
Manifest this update:     Sun 11 May 2025 13:00:28 +0000
Manifest next update:     Mon 12 May 2025 13:00:28 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: QKLlL3jcMI24wIFcUcjG/7ReoIMA1d7bz1Rc9E3n+7g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6e:be:83:6c:ae:4a:2b:69:f1:80:7f:2e:55:22:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: May 11 13:00:28 2025 GMT
            Not After : May 12 13:00:28 2025 GMT
        Subject: CN=04243da099d767e874278d49a5ae2b317fcc3794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fb:b0:0e:68:ef:92:57:98:3c:29:9e:c8:1b:
                    6b:63:62:7a:ef:5b:3f:d8:6b:c0:8e:ae:61:8d:1a:
                    c3:9a:7c:ba:bd:c1:66:a2:a9:69:16:81:67:b9:e1:
                    17:d2:25:c8:4a:6e:31:c0:cd:50:46:4b:78:42:a2:
                    78:6a:4a:74:de:e3:42:2e:07:70:84:be:ec:98:7e:
                    08:03:82:6a:44:3e:5f:f6:f5:6d:fb:3e:f9:78:51:
                    d6:38:cd:12:6c:90:99:66:e3:c0:83:8b:70:25:a9:
                    06:a1:7b:12:06:95:22:f4:cc:66:ee:2b:b6:14:75:
                    ea:44:93:be:4c:24:8e:53:f5:09:95:31:17:5f:e2:
                    0f:ef:73:78:40:2c:5d:e5:41:cc:9f:94:2e:d2:c1:
                    d0:1f:c1:7b:6d:10:0c:a7:54:88:82:77:01:b1:0b:
                    ba:7a:87:f2:15:f2:43:7c:c7:f7:49:ff:63:6d:07:
                    15:cd:5e:e3:6f:ad:4a:66:60:c5:58:25:bd:b1:e9:
                    c7:ab:0d:cf:54:65:77:86:47:61:59:72:d0:5d:70:
                    8f:3d:6a:6a:53:18:44:93:22:b3:25:50:36:26:c1:
                    23:e2:31:5c:ad:2d:aa:01:0f:61:62:b5:c1:84:39:
                    72:14:25:a5:4b:fd:34:03:2f:60:fb:a6:4a:d6:7b:
                    bc:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:24:3D:A0:99:D7:67:E8:74:27:8D:49:A5:AE:2B:31:7F:CC:37:94
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:f9:97:78:72:e0:88:73:d5:dc:ee:cc:46:f9:ac:89:6a:62:
         75:09:df:ac:d2:8e:83:a4:0e:a7:42:59:4f:19:97:46:5f:4c:
         88:8b:7b:c0:21:a0:b9:35:de:b8:33:4d:eb:cd:ff:76:e3:5d:
         0d:c2:cf:4f:38:3d:e1:3a:71:37:2d:7c:0d:fa:89:5c:97:5c:
         17:14:d2:39:62:c8:23:00:58:99:d2:a9:0c:49:47:a4:88:4d:
         f5:d7:65:24:19:e8:2d:22:e8:20:c7:3a:99:a9:6a:0a:5b:ee:
         de:b5:d5:33:5f:7e:58:63:a0:ca:32:96:e3:1b:81:44:7b:dd:
         1a:83:b0:d3:40:89:55:24:95:9c:cc:66:fe:69:a0:8c:33:98:
         06:4c:18:66:1d:c1:92:a1:b7:d9:e7:a8:09:ac:b0:2f:a0:af:
         05:f8:99:ef:ed:de:5a:e6:fc:2e:28:94:26:00:7d:63:01:81:
         ed:cf:a5:f7:3a:dc:1f:06:a3:8d:f0:95:51:2f:88:94:12:a8:
         d4:49:a9:d2:de:d8:66:0b:78:42:be:04:98:eb:db:64:53:7e:
         f7:c8:11:08:d4:8e:f2:0d:eb:f8:8e:34:86:4b:63:49:b5:58:
         eb:16:95:5d:20:21:9f:f6:6f:06:15:91:bb:62:41:1b:10:a9:
         99:15:e7:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/br6DbK5KK2nxgH8uVSImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjUwNTExMTMwMDI4WhcNMjUwNTEyMTMwMDI4WjAzMTEwLwYDVQQD
EygwNDI0M2RhMDk5ZDc2N2U4NzQyNzhkNDlhNWFlMmIzMTdmY2MzNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/uwDmjvkleYPCmeyBtrY2J671s/
2GvAjq5hjRrDmny6vcFmoqlpFoFnueEX0iXISm4xwM1QRkt4QqJ4akp03uNCLgdw
hL7smH4IA4JqRD5f9vVt+z75eFHWOM0SbJCZZuPAg4twJakGoXsSBpUi9Mxm7iu2
FHXqRJO+TCSOU/UJlTEXX+IP73N4QCxd5UHMn5Qu0sHQH8F7bRAMp1SIgncBsQu6
eofyFfJDfMf3Sf9jbQcVzV7jb61KZmDFWCW9senHqw3PVGV3hkdhWXLQXXCPPWpq
UxhEkyKzJVA2JsEj4jFcrS2qAQ9hYrXBhDlyFCWlS/00Ay9g+6ZK1nu8gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQkPaCZ12fodCeNSaWuKzF/zDeUMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgfmXeHLg
iHPV3O7MRvmsiWpidQnfrNKOg6QOp0JZTxmXRl9MiIt7wCGguTXeuDNN683/duNd
DcLPTzg94TpxNy18DfqJXJdcFxTSOWLIIwBYmdKpDElHpIhN9ddlJBnoLSLoIMc6
malqClvu3rXVM19+WGOgyjKW4xuBRHvdGoOw00CJVSSVnMxm/mmgjDOYBkwYZh3B
kqG32eeoCaywL6CvBfiZ7+3eWub8LiiUJgB9YwGB7c+l9zrcHwajjfCVUS+IlBKo
1Emp0t7YZgt4Qr4EmOvbZFN+98gRCNSO8g3r+I40hktjSbVY6xaVXSAhn/ZvBhWR
u2JBGxCpmRXnug==
-----END CERTIFICATE-----