Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          A9nX4fpEl4hVhohLB7INXIw6dFh7gMWL4G2SOFb7nM8=
Subject key identifier:   A6:3B:DD:4D:84:D6:E0:76:C0:00:4F:2E:51:AA:2D:56:52:3E:EF:C5
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       019679E8FF1F07BC6BA6A595DACDB4A29343
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          0843
Signing time:             Mon 28 Apr 2025 01:00:34 +0000
Manifest this update:     Mon 28 Apr 2025 01:00:34 +0000
Manifest next update:     Tue 29 Apr 2025 01:00:34 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: HFK3utL7sPOrHwz2qOXXwZ76r4kWIs+MLD3N8IhGj4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 01:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e8:ff:1f:07:bc:6b:a6:a5:95:da:cd:b4:a2:93:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Apr 28 01:00:34 2025 GMT
            Not After : Apr 29 01:00:34 2025 GMT
        Subject: CN=a63bdd4d84d6e076c0004f2e51aa2d56523eefc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:52:be:3c:0a:77:f1:62:b4:55:27:76:8e:87:
                    4e:d4:98:5f:09:bb:32:00:1e:a0:2e:28:1d:b3:e0:
                    00:06:e0:9a:88:1d:7e:8a:58:fa:86:d1:32:f0:f4:
                    b6:18:52:77:b3:98:b8:c5:62:fc:53:d1:da:4b:07:
                    d6:cd:79:26:38:5b:9f:5f:fb:df:c3:25:d4:52:dd:
                    98:50:c5:ee:fb:92:ab:33:d1:2e:62:a0:d0:a7:e8:
                    f0:ec:f1:51:78:d7:94:13:39:6d:49:14:c3:5a:32:
                    d7:68:1b:66:17:92:5d:0b:43:87:16:98:32:db:df:
                    dd:88:33:59:fb:94:1f:e5:aa:86:df:a3:5c:f3:49:
                    3f:09:c1:62:c7:95:90:13:62:fb:0c:cd:69:c9:c9:
                    76:c7:43:c3:40:5d:8b:a1:c1:e2:5f:5a:d4:96:c1:
                    8e:86:31:59:0d:c6:8c:47:3c:45:70:86:3b:29:16:
                    0e:55:90:4d:1b:f4:f8:e6:8e:17:7e:61:43:0f:ec:
                    d5:c1:f5:21:f3:62:74:3d:b0:39:9f:5f:e9:34:c9:
                    88:a0:5f:fa:2e:3b:b6:1c:fa:02:9d:98:95:f5:5e:
                    ba:b3:d3:eb:59:30:b2:a5:90:dc:41:66:02:f4:cf:
                    b2:66:73:0b:f6:39:b9:a7:61:31:4d:d0:5d:6a:e5:
                    a2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:3B:DD:4D:84:D6:E0:76:C0:00:4F:2E:51:AA:2D:56:52:3E:EF:C5
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:d5:63:6b:15:b8:f4:42:bd:e6:a4:7c:eb:6e:82:57:99:88:
         f6:09:68:9e:ee:64:68:da:01:02:47:38:02:af:51:39:b4:d8:
         0f:bb:f9:26:c3:d7:55:46:b2:3d:ab:b8:e1:c3:88:f2:90:49:
         11:3e:81:b3:cb:fb:a1:c1:7b:3f:6e:da:a7:b3:11:fe:84:67:
         65:44:7b:f7:51:0f:0d:49:5a:a2:ad:e0:54:65:59:eb:b7:c2:
         e1:d9:92:00:02:6e:e3:91:94:6a:c8:ac:f2:59:1d:84:18:85:
         e6:d1:88:8b:e3:16:a7:cf:79:2a:95:f8:e9:b3:b1:00:b2:66:
         f3:34:9c:b1:51:b4:bc:58:cf:e5:23:1f:ca:a6:fe:83:d6:e9:
         98:23:1b:46:08:ed:4c:e1:ca:75:b2:e7:38:9a:db:c6:ce:20:
         b7:51:01:33:df:fb:81:16:f0:fb:59:9a:43:bf:8f:29:55:7d:
         1e:45:b4:e9:c7:76:20:d2:fc:20:d3:ee:8b:a1:f4:de:5b:cf:
         6f:17:ab:f7:c2:73:3c:2c:d7:aa:bb:d4:de:4d:e8:21:e2:f4:
         8f:58:2d:2c:97:36:33:33:5d:47:60:37:07:95:9e:3f:bf:16:
         2c:8b:58:fa:a7:01:32:bc:5e:66:a8:f0:45:b6:63:d7:20:10:
         a9:cc:33:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56P8fB7xrpqWV2s20opNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjUwNDI4MDEwMDM0WhcNMjUwNDI5MDEwMDM0WjAzMTEwLwYDVQQD
EyhhNjNiZGQ0ZDg0ZDZlMDc2YzAwMDRmMmU1MWFhMmQ1NjUyM2VlZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lK+PAp38WK0VSd2jodO1JhfCbsy
AB6gLigds+AABuCaiB1+ilj6htEy8PS2GFJ3s5i4xWL8U9HaSwfWzXkmOFufX/vf
wyXUUt2YUMXu+5KrM9EuYqDQp+jw7PFReNeUEzltSRTDWjLXaBtmF5JdC0OHFpgy
29/diDNZ+5Qf5aqG36Nc80k/CcFix5WQE2L7DM1pycl2x0PDQF2LocHiX1rUlsGO
hjFZDcaMRzxFcIY7KRYOVZBNG/T45o4XfmFDD+zVwfUh82J0PbA5n1/pNMmIoF/6
Lju2HPoCnZiV9V66s9PrWTCypZDcQWYC9M+yZnML9jm5p2ExTdBdauWifQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKY73U2E1uB2wABPLlGqLVZSPu/FMB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI9VjaxW4
9EK95qR8626CV5mI9glonu5kaNoBAkc4Aq9RObTYD7v5JsPXVUayPau44cOI8pBJ
ET6Bs8v7ocF7P27ap7MR/oRnZUR791EPDUlaoq3gVGVZ67fC4dmSAAJu45GUasis
8lkdhBiF5tGIi+MWp895KpX46bOxALJm8zScsVG0vFjP5SMfyqb+g9bpmCMbRgjt
TOHKdbLnOJrbxs4gt1EBM9/7gRbw+1maQ7+PKVV9HkW06cd2INL8INPui6H03lvP
bxer98JzPCzXqrvU3k3oIeL0j1gtLJc2MzNdR2A3B5WeP78WLItY+qcBMrxeZqjw
RbZj1yAQqcwzjw==
-----END CERTIFICATE-----