Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/40d57a-44d3-41d5-8b41-69705b37698e/1/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.mft
File:                     B9Ok5mL3EpVnzRij4ZvnuvKBpKM.mft (raw, json)
Hash identifier:          cHeSh//nBe/qJBNto+uJdWEkMoY9uaeDyJ1IQZaGt2Q=
Subject key identifier:   9F:52:E5:2E:37:D7:27:90:4A:4F:EB:2F:2B:DF:F0:22:B0:F6:C6:A5
Authority key identifier: 07:D3:A4:E6:62:F7:12:95:67:CD:18:A3:E1:9B:E7:BA:F2:81:A4:A3
Certificate issuer:       /CN=07d3a4e662f7129567cd18a3e19be7baf281a4a3
Certificate serial:       01969DF5ADA2A829A15F44C5B1FBA8E21C45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/40d57a-44d3-41d5-8b41-69705b37698e/1/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.mft
Manifest number:          022D
Signing time:             Mon 05 May 2025 01:00:45 +0000
Manifest this update:     Mon 05 May 2025 01:00:45 +0000
Manifest next update:     Tue 06 May 2025 01:00:45 +0000
Files and hashes:         1: B9Ok5mL3EpVnzRij4ZvnuvKBpKM.crl (hash: ZwAzRQROl5HDnQcfI7kOxW5wVqZcE9HQi1Mc/vHuA4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/40d57a-44d3-41d5-8b41-69705b37698e/1/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/40d57a-44d3-41d5-8b41-69705b37698e/1/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:f5:ad:a2:a8:29:a1:5f:44:c5:b1:fb:a8:e2:1c:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07d3a4e662f7129567cd18a3e19be7baf281a4a3
        Validity
            Not Before: May  5 01:00:45 2025 GMT
            Not After : May  6 01:00:45 2025 GMT
        Subject: CN=9f52e52e37d727904a4feb2f2bdff022b0f6c6a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:46:76:2b:5b:22:b9:be:b3:21:cf:4d:e6:62:
                    4a:6e:ca:f2:09:c6:54:67:96:42:de:c3:32:4e:0e:
                    8a:69:31:66:e4:60:87:95:7a:6e:15:78:77:5e:fb:
                    00:44:cc:b3:15:0d:a2:ec:c5:8e:fc:c1:ca:57:83:
                    5c:33:17:29:fe:bb:65:19:13:65:31:d1:60:d9:44:
                    19:64:d6:52:00:0a:8f:f6:5d:b3:03:ae:b7:97:ed:
                    be:e8:0d:bc:5d:b5:9e:50:40:4a:d0:59:d6:8f:22:
                    be:63:12:6b:75:24:d1:2c:2b:03:cd:47:f5:2a:03:
                    da:d9:9b:2f:87:31:7c:1d:20:9d:71:61:15:bb:e4:
                    78:fe:d1:00:02:d8:46:7c:f1:32:14:41:b7:29:06:
                    ad:0b:04:f5:11:08:20:5c:d4:63:8c:0c:29:7d:52:
                    8f:33:9c:74:99:c4:e5:7f:a5:80:d0:75:94:c1:aa:
                    85:cd:cb:a5:ba:02:9b:8d:b4:c3:d9:34:71:8d:58:
                    10:ac:92:ef:6d:48:a2:8a:30:17:e5:d5:d9:c2:3a:
                    1e:c3:fa:c8:1b:aa:8a:b3:3d:7f:2f:07:c9:78:14:
                    a7:db:b9:84:22:70:5a:0f:93:1b:46:e0:12:04:36:
                    5f:6a:54:0f:a7:c4:c7:c7:0b:ce:11:06:80:ab:a5:
                    9c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:52:E5:2E:37:D7:27:90:4A:4F:EB:2F:2B:DF:F0:22:B0:F6:C6:A5
            X509v3 Authority Key Identifier:
                keyid:07:D3:A4:E6:62:F7:12:95:67:CD:18:A3:E1:9B:E7:BA:F2:81:A4:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40d57a-44d3-41d5-8b41-69705b37698e/1/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40d57a-44d3-41d5-8b41-69705b37698e/1/B9Ok5mL3EpVnzRij4ZvnuvKBpKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:2a:f4:bc:ff:8f:4a:b3:21:ad:72:ea:9e:b1:4b:47:7f:d3:
         64:12:48:01:c9:4b:d7:e3:bc:d8:d6:2f:9a:83:da:36:f7:0c:
         70:34:ab:d8:e7:60:5a:10:fb:2b:18:0d:f6:ae:4b:58:36:a3:
         58:95:d8:fc:6d:73:0d:2c:6b:22:dc:c9:f8:0c:ca:98:fd:57:
         7c:00:19:58:60:64:05:d9:73:4f:4a:1b:7d:cb:44:dd:95:83:
         3c:93:c6:fb:ee:ad:a8:18:d5:c3:61:89:54:e9:25:1a:15:c9:
         17:70:19:f3:1e:58:a1:07:64:f9:5a:91:88:fc:bc:84:eb:88:
         35:92:d9:5b:eb:19:3a:d4:86:70:c9:26:af:5c:a1:35:51:fb:
         c6:34:86:11:7f:27:59:a6:27:5a:c1:58:90:3b:d4:5c:f7:c4:
         3a:a9:43:18:49:1f:7b:b0:f0:90:96:54:56:42:af:4c:be:1c:
         25:e8:06:58:6a:20:57:8d:e9:49:2f:a5:17:f1:e1:86:c2:7a:
         7e:bd:53:ec:77:67:06:6d:2f:e4:f2:08:32:91:1c:58:b8:75:
         69:f6:f9:19:fe:2a:b9:f7:c0:6d:ed:cf:23:ed:35:3f:0a:72:
         b0:53:3b:9a:e1:34:a9:bb:6c:05:fd:4b:f1:ce:29:fe:79:44:
         f7:15:52:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZad9a2iqCmhX0TFsfuo4hxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDNhNGU2NjJmNzEyOTU2N2NkMThhM2UxOWJlN2JhZjI4
MWE0YTMwHhcNMjUwNTA1MDEwMDQ1WhcNMjUwNTA2MDEwMDQ1WjAzMTEwLwYDVQQD
Eyg5ZjUyZTUyZTM3ZDcyNzkwNGE0ZmViMmYyYmRmZjAyMmIwZjZjNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukZ2K1siub6zIc9N5mJKbsryCcZU
Z5ZC3sMyTg6KaTFm5GCHlXpuFXh3XvsARMyzFQ2i7MWO/MHKV4NcMxcp/rtlGRNl
MdFg2UQZZNZSAAqP9l2zA663l+2+6A28XbWeUEBK0FnWjyK+YxJrdSTRLCsDzUf1
KgPa2ZsvhzF8HSCdcWEVu+R4/tEAAthGfPEyFEG3KQatCwT1EQggXNRjjAwpfVKP
M5x0mcTlf6WA0HWUwaqFzculugKbjbTD2TRxjVgQrJLvbUiiijAX5dXZwjoew/rI
G6qKsz1/LwfJeBSn27mEInBaD5MbRuASBDZfalQPp8THxwvOEQaAq6WccwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9S5S431yeQSk/rLyvf8CKw9salMB8GA1UdIwQY
MBaAFAfTpOZi9xKVZ80Yo+Gb57rygaSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlPazVtTDNFcFZuelJpajRadm51dktCcEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80MGQ1N2EtNDRkMy00MWQ1LThiNDEt
Njk3MDViMzc2OThlLzEvQjlPazVtTDNFcFZuelJpajRadm51dktCcEtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80MGQ1N2EtNDRkMy00MWQ1LThiNDEtNjk3MDViMzc2OThl
LzEvQjlPazVtTDNFcFZuelJpajRadm51dktCcEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIyr0vP+P
SrMhrXLqnrFLR3/TZBJIAclL1+O82NYvmoPaNvcMcDSr2OdgWhD7KxgN9q5LWDaj
WJXY/G1zDSxrItzJ+AzKmP1XfAAZWGBkBdlzT0obfctE3ZWDPJPG++6tqBjVw2GJ
VOklGhXJF3AZ8x5YoQdk+VqRiPy8hOuINZLZW+sZOtSGcMkmr1yhNVH7xjSGEX8n
WaYnWsFYkDvUXPfEOqlDGEkfe7DwkJZUVkKvTL4cJegGWGogV43pSS+lF/HhhsJ6
fr1T7HdnBm0v5PIIMpEcWLh1afb5Gf4quffAbe3PI+01PwpysFM7muE0qbtsBf1L
8c4p/nlE9xVSxA==
-----END CERTIFICATE-----