Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          wKu3Ju4a8n1OdPKs5XrT6d8avxaXsFJi/vAZEXf5ryc=
Subject key identifier:   62:5B:0C:0E:3D:9A:D3:AF:A0:FC:B4:24:66:4E:68:F8:FA:62:4D:ED
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       0196C1CB89C1BE55F597990460D41A0FB19C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          1531
Signing time:             Mon 12 May 2025 00:01:03 +0000
Manifest this update:     Mon 12 May 2025 00:01:03 +0000
Manifest next update:     Tue 13 May 2025 00:01:03 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: HN8bpPUxdnjb+7yhP5EVGqQecRjc+vWiSjgQ1o7K1OQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 00:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:cb:89:c1:be:55:f5:97:99:04:60:d4:1a:0f:b1:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: May 12 00:01:03 2025 GMT
            Not After : May 13 00:01:03 2025 GMT
        Subject: CN=625b0c0e3d9ad3afa0fcb424664e68f8fa624ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:14:24:e0:81:2b:aa:39:e4:0c:12:70:40:95:
                    21:32:57:ae:1e:fd:5b:12:ad:b6:43:7b:a7:64:e1:
                    b8:44:0a:06:14:62:93:f8:8a:4a:5a:b8:55:1c:b5:
                    46:cc:15:17:a8:a5:68:dc:0f:e0:a9:c0:39:17:59:
                    46:d9:d5:92:d9:56:eb:4c:ae:db:2f:7f:1b:33:56:
                    87:be:64:38:32:a9:57:b2:e6:52:6d:5f:e1:27:03:
                    40:a2:7b:ea:e4:e5:83:28:4d:77:0b:ae:14:72:62:
                    8a:a1:56:c2:90:52:1c:33:e8:41:70:aa:49:51:1b:
                    a5:a4:5b:f5:8a:20:af:fa:e9:cf:4d:65:84:67:a6:
                    da:13:77:a0:42:4f:67:19:06:22:82:fb:6e:e7:47:
                    f6:ac:21:10:9e:5b:40:dd:dd:84:6b:22:8a:c2:62:
                    85:9f:35:b3:59:15:98:37:f7:85:b5:f7:8e:9b:a6:
                    c0:6d:aa:46:77:93:84:aa:81:a0:47:15:09:37:97:
                    63:d4:c2:d5:c6:81:1b:d1:17:51:cd:86:a4:c3:ee:
                    75:63:e7:c8:b8:0d:2a:62:ea:3c:9a:4b:f0:91:d6:
                    d1:15:9d:75:98:66:12:5f:90:3d:d3:85:92:5b:4e:
                    99:57:64:62:3f:da:26:08:87:1a:25:a9:75:45:c5:
                    25:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:5B:0C:0E:3D:9A:D3:AF:A0:FC:B4:24:66:4E:68:F8:FA:62:4D:ED
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:63:fe:fe:74:0e:92:0f:04:03:d3:85:f9:56:fb:e1:af:24:
         23:e7:09:83:e7:05:ad:2a:d2:dc:1a:bf:2c:e8:3c:4d:65:e4:
         16:21:c7:e7:80:bc:e6:b9:f5:b5:da:8b:0c:ed:cf:68:69:a5:
         af:9c:c9:bf:c3:ce:c1:fc:bb:2b:5a:84:4a:58:ff:33:30:e6:
         ac:6d:1f:82:5b:b4:28:76:d5:a9:52:62:40:ba:e8:00:74:fc:
         6b:fb:a6:b7:86:6d:a6:3c:27:d9:d2:61:fd:6f:a3:4a:95:03:
         b7:1e:ed:1e:19:1b:6f:76:d0:49:f1:88:25:f0:e4:03:c9:4c:
         91:5a:f0:57:75:0d:78:2c:fc:09:98:14:c2:c6:e4:d9:aa:27:
         60:51:4e:05:78:1a:06:66:aa:d4:46:70:ce:47:8f:aa:fc:6d:
         4d:a4:0c:6c:88:f8:7a:18:29:21:0e:a6:a8:59:79:03:5f:1e:
         62:6a:bc:f1:51:2d:22:aa:83:65:9a:c5:21:51:13:b4:26:86:
         52:2c:0a:ed:e7:50:56:e8:e3:9e:43:72:2c:df:d4:be:52:27:
         c5:3b:d0:9d:9f:b1:4d:da:a1:8e:97:97:e6:f0:72:05:9f:f1:
         ca:86:63:4d:83:f6:40:d6:a6:cd:a0:d2:9c:0b:9d:46:b9:fd:
         a0:6e:56:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBy4nBvlX1l5kEYNQaD7GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwNTEyMDAwMTAzWhcNMjUwNTEzMDAwMTAzWjAzMTEwLwYDVQQD
Eyg2MjViMGMwZTNkOWFkM2FmYTBmY2I0MjQ2NjRlNjhmOGZhNjI0ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQk4IErqjnkDBJwQJUhMleuHv1b
Eq22Q3unZOG4RAoGFGKT+IpKWrhVHLVGzBUXqKVo3A/gqcA5F1lG2dWS2VbrTK7b
L38bM1aHvmQ4MqlXsuZSbV/hJwNAonvq5OWDKE13C64UcmKKoVbCkFIcM+hBcKpJ
URulpFv1iiCv+unPTWWEZ6baE3egQk9nGQYigvtu50f2rCEQnltA3d2EayKKwmKF
nzWzWRWYN/eFtfeOm6bAbapGd5OEqoGgRxUJN5dj1MLVxoEb0RdRzYakw+51Y+fI
uA0qYuo8mkvwkdbRFZ11mGYSX5A904WSW06ZV2RiP9omCIcaJal1RcUlEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJbDA49mtOvoPy0JGZOaPj6Yk3tMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGP+/nQO
kg8EA9OF+Vb74a8kI+cJg+cFrSrS3Bq/LOg8TWXkFiHH54C85rn1tdqLDO3PaGml
r5zJv8POwfy7K1qESlj/MzDmrG0fglu0KHbVqVJiQLroAHT8a/umt4Ztpjwn2dJh
/W+jSpUDtx7tHhkbb3bQSfGIJfDkA8lMkVrwV3UNeCz8CZgUwsbk2aonYFFOBXga
Bmaq1EZwzkePqvxtTaQMbIj4ehgpIQ6mqFl5A18eYmq88VEtIqqDZZrFIVETtCaG
UiwK7edQVujjnkNyLN/UvlInxTvQnZ+xTdqhjpeX5vByBZ/xyoZjTYP2QNamzaDS
nAudRrn9oG5WeQ==
-----END CERTIFICATE-----