Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          v7xbeNOusvrgqObGzSXRjaSZSmlU6M1mBF924rxgDpo=
Subject key identifier:   9B:94:46:FA:E1:9F:5D:1C:77:B7:5B:41:4E:E6:D4:D5:6B:4E:3D:CF
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       0196B4B4608C757A243A5D5CC6DDD8504577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          0F27
Signing time:             Fri 09 May 2025 11:00:42 +0000
Manifest this update:     Fri 09 May 2025 11:00:42 +0000
Manifest next update:     Sat 10 May 2025 11:00:42 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: dGyWupPyUbEikJiGIwfRuE9vjHHvVEXGjXsw3HN7jnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b4:b4:60:8c:75:7a:24:3a:5d:5c:c6:dd:d8:50:45:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: May  9 11:00:42 2025 GMT
            Not After : May 10 11:00:42 2025 GMT
        Subject: CN=9b9446fae19f5d1c77b75b414ee6d4d56b4e3dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:3f:9b:76:f4:64:99:c5:84:0b:78:f2:cc:58:
                    d3:74:71:d0:82:24:db:7f:e1:85:87:ca:72:9d:ae:
                    5e:48:6d:8f:a8:d6:8b:b9:38:6f:45:9f:9d:c7:09:
                    00:53:83:8b:89:72:66:62:97:0a:5a:89:b4:91:1d:
                    2a:16:51:70:6d:91:51:8e:c1:98:2f:7c:5a:39:47:
                    d8:c4:35:97:91:b9:a2:e0:61:a3:46:d9:43:a4:5c:
                    f1:3a:aa:d0:9f:38:22:5c:85:fd:de:7f:f5:7d:cf:
                    69:3a:d1:c2:71:c1:a3:10:38:e9:2c:36:7d:bb:92:
                    5e:b9:4c:96:50:0d:7f:9e:94:18:91:b0:73:38:ba:
                    00:2f:e5:53:82:ac:29:46:2a:51:89:fb:74:f4:0a:
                    85:b5:23:bd:b5:9b:b8:6c:42:ac:49:01:4a:54:fd:
                    5b:2c:e2:95:ad:68:d0:7b:92:96:2f:95:58:55:66:
                    2d:26:8e:a8:c4:f8:9c:77:90:a1:cb:e2:66:c9:ff:
                    4a:e6:6a:8b:b6:a4:2e:fa:c4:b0:fd:4a:fb:8b:59:
                    25:5e:92:94:7f:96:ba:61:7c:bc:e0:6c:38:da:6c:
                    9b:d7:ce:53:7a:e2:1e:52:7f:73:30:a0:fa:ba:20:
                    f9:5a:2a:3a:a0:77:4f:ac:e0:dd:ab:a6:0e:e5:1d:
                    61:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:94:46:FA:E1:9F:5D:1C:77:B7:5B:41:4E:E6:D4:D5:6B:4E:3D:CF
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:02:a0:f5:36:ef:54:7b:45:37:c2:62:df:7b:5d:02:05:ed:
         9e:a8:6a:f2:ef:fb:c7:b1:1d:18:0a:6e:d3:31:84:21:e4:e9:
         25:d7:f7:ff:d9:8c:b8:f8:c2:e5:21:f6:99:d2:6b:7d:01:e5:
         86:40:0e:8c:a2:69:83:34:6c:b1:c1:6a:21:ae:cf:b1:f4:01:
         14:15:8a:4c:91:8b:30:1b:a6:03:a7:32:ae:93:5a:65:ab:82:
         ba:3d:6c:44:20:b2:1e:db:11:bc:e7:ad:59:b0:48:de:08:81:
         3e:db:29:be:98:ba:64:39:c0:4b:1d:24:92:d5:9c:96:a1:51:
         af:ea:48:a6:f5:60:bc:c2:91:38:a1:e1:42:74:cd:27:17:e8:
         0f:99:44:56:b2:4a:85:8a:83:f7:bd:a7:b0:8c:2d:25:b8:2b:
         3a:3e:c0:c3:af:39:b6:40:ad:c0:57:ed:7a:00:b8:fe:6c:94:
         f9:cf:4c:f8:8c:c5:ab:cd:2d:3f:b2:09:f7:41:8c:f4:83:ad:
         f3:2d:82:59:83:8e:7a:37:6d:e0:e4:50:57:70:07:3b:e6:a1:
         b7:34:d3:28:03:f0:1e:d8:70:c6:ae:70:14:0a:96:fa:c6:08:
         1c:29:97:c3:17:d9:b0:7e:86:95:34:28:15:4a:68:6d:12:33:
         22:00:f8:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa0tGCMdXokOl1cxt3YUEV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjUwNTA5MTEwMDQyWhcNMjUwNTEwMTEwMDQyWjAzMTEwLwYDVQQD
Eyg5Yjk0NDZmYWUxOWY1ZDFjNzdiNzViNDE0ZWU2ZDRkNTZiNGUzZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3z+bdvRkmcWEC3jyzFjTdHHQgiTb
f+GFh8pyna5eSG2PqNaLuThvRZ+dxwkAU4OLiXJmYpcKWom0kR0qFlFwbZFRjsGY
L3xaOUfYxDWXkbmi4GGjRtlDpFzxOqrQnzgiXIX93n/1fc9pOtHCccGjEDjpLDZ9
u5JeuUyWUA1/npQYkbBzOLoAL+VTgqwpRipRift09AqFtSO9tZu4bEKsSQFKVP1b
LOKVrWjQe5KWL5VYVWYtJo6oxPicd5Chy+Jmyf9K5mqLtqQu+sSw/Ur7i1klXpKU
f5a6YXy84Gw42myb185TeuIeUn9zMKD6uiD5Wio6oHdPrODdq6YO5R1hNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuURvrhn10cd7dbQU7m1NVrTj3PMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcQKg9Tbv
VHtFN8Ji33tdAgXtnqhq8u/7x7EdGApu0zGEIeTpJdf3/9mMuPjC5SH2mdJrfQHl
hkAOjKJpgzRsscFqIa7PsfQBFBWKTJGLMBumA6cyrpNaZauCuj1sRCCyHtsRvOet
WbBI3giBPtspvpi6ZDnASx0kktWclqFRr+pIpvVgvMKROKHhQnTNJxfoD5lEVrJK
hYqD972nsIwtJbgrOj7Aw685tkCtwFftegC4/myU+c9M+IzFq80tP7IJ90GM9IOt
8y2CWYOOejdt4ORQV3AHO+ahtzTTKAPwHthwxq5wFAqW+sYIHCmXwxfZsH6GlTQo
FUpobRIzIgD4Yw==
-----END CERTIFICATE-----