Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
File:                     _hEX6Xaz4zlTuTYbtLseui9Ane0.mft (raw, json)
Hash identifier:          cwYJcMLGoCJSRkVoJ2HKuhJabjUNchSN5F38z5MZguI=
Subject key identifier:   EA:5E:C1:49:39:EC:21:4A:E8:1C:F9:47:F3:17:37:99:7C:F5:E6:D3
Authority key identifier: FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED
Certificate issuer:       /CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded
Certificate serial:       019674F9A29A041421A63FE5D826D9763ACF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
Manifest number:          062B
Signing time:             Sun 27 Apr 2025 02:00:39 +0000
Manifest this update:     Sun 27 Apr 2025 02:00:39 +0000
Manifest next update:     Mon 28 Apr 2025 02:00:39 +0000
Files and hashes:         1: _hEX6Xaz4zlTuTYbtLseui9Ane0.crl (hash: jDN+KZwZC8JZU0OKTnkCs1e61fX9OlZ1ueqpW8B8Eqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 02:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:f9:a2:9a:04:14:21:a6:3f:e5:d8:26:d9:76:3a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded
        Validity
            Not Before: Apr 27 02:00:39 2025 GMT
            Not After : Apr 28 02:00:39 2025 GMT
        Subject: CN=ea5ec14939ec214ae81cf947f31737997cf5e6d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:bf:d9:1c:09:a3:ac:71:db:95:fb:41:8b:ec:
                    6e:f8:5e:88:e7:9f:9d:5f:10:cb:55:53:52:48:30:
                    00:ea:0a:90:91:26:45:5a:a4:9e:a5:d5:cb:80:77:
                    ed:3d:f8:75:c9:ce:c2:81:3b:44:f5:e5:76:e5:23:
                    a9:84:36:a9:e4:0d:d9:8a:7a:2d:1e:83:db:05:66:
                    ec:95:12:e6:47:3a:bb:0a:b6:4f:1a:68:e7:1f:26:
                    9b:0e:2e:f1:6f:39:54:ea:ea:58:67:a6:46:6a:60:
                    12:26:12:70:7f:68:1c:cd:90:9b:a1:d5:eb:fe:9e:
                    cb:85:e1:6c:18:d5:8e:00:d0:a7:4a:3d:31:36:0b:
                    eb:e0:0e:c9:ee:fc:6a:48:b2:f8:73:26:de:b4:65:
                    19:d9:c5:e4:b8:74:11:ca:a1:71:08:6b:a7:8b:9e:
                    6e:c0:3c:9e:b8:90:fa:8d:14:8c:e6:52:de:2d:d7:
                    05:03:ca:ce:52:c2:99:24:47:a8:19:72:ec:29:04:
                    ab:5b:d5:bc:92:8e:6e:4d:75:73:0a:13:bb:10:22:
                    78:56:2a:db:9e:d1:07:7b:86:4a:b7:82:56:89:65:
                    b0:07:3a:22:2e:4c:cf:d8:b4:ec:ef:eb:e4:a1:6c:
                    9c:33:32:9f:42:e3:3d:ef:a2:7f:53:3f:9a:49:c0:
                    cb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:5E:C1:49:39:EC:21:4A:E8:1C:F9:47:F3:17:37:99:7C:F5:E6:D3
            X509v3 Authority Key Identifier:
                keyid:FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:0a:68:dd:e8:1d:5f:c0:e2:32:fb:4e:21:f0:68:dc:d3:3c:
         05:f4:db:b4:37:3b:ef:59:7c:19:d1:e1:54:2b:9b:4d:c3:d9:
         63:2c:fd:df:9e:1a:28:2d:86:fe:ed:6b:af:f2:a0:16:95:81:
         a7:22:78:ba:cc:c9:65:d2:5f:d1:a1:6d:42:62:33:c6:93:80:
         7f:10:ac:8b:53:ba:5e:3d:99:3f:c2:de:3f:63:3c:91:c7:f6:
         29:77:54:d4:df:71:24:7f:31:37:ab:d7:b5:2d:85:ae:0c:b1:
         d9:c6:6f:a7:1e:f9:8b:2a:91:2c:72:db:80:01:ee:9f:b1:4b:
         8e:f2:f8:0c:1f:00:31:31:52:d6:a7:88:d8:b1:ec:38:e3:e6:
         03:df:c9:ea:13:60:4e:08:83:4a:b8:db:c3:9e:a8:71:0a:7c:
         84:6b:05:b2:96:71:78:67:4c:bc:7d:37:93:4a:01:60:82:81:
         72:9a:f6:7f:3e:db:a2:2e:fe:be:d6:5b:13:01:3f:4c:ae:3c:
         54:e0:d0:d6:34:e1:c9:d0:1a:b2:e8:db:a9:f6:03:62:e3:fb:
         9c:9f:c6:f1:00:b0:4e:35:d8:aa:06:d4:e8:9a:6c:71:7b:a3:
         6a:4d:9d:3f:8d:e4:c5:46:8b:43:33:f7:e9:ca:63:f8:82:be:
         88:5e:aa:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0+aKaBBQhpj/l2CbZdjrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMTExN2U5NzZiM2UzMzk1M2I5MzYxYmI0YmIxZWJhMmY0
MDlkZWQwHhcNMjUwNDI3MDIwMDM5WhcNMjUwNDI4MDIwMDM5WjAzMTEwLwYDVQQD
EyhlYTVlYzE0OTM5ZWMyMTRhZTgxY2Y5NDdmMzE3Mzc5OTdjZjVlNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL/ZHAmjrHHblftBi+xu+F6I55+d
XxDLVVNSSDAA6gqQkSZFWqSepdXLgHftPfh1yc7CgTtE9eV25SOphDap5A3Zinot
HoPbBWbslRLmRzq7CrZPGmjnHyabDi7xbzlU6upYZ6ZGamASJhJwf2gczZCbodXr
/p7LheFsGNWOANCnSj0xNgvr4A7J7vxqSLL4cybetGUZ2cXkuHQRyqFxCGuni55u
wDyeuJD6jRSM5lLeLdcFA8rOUsKZJEeoGXLsKQSrW9W8ko5uTXVzChO7ECJ4Virb
ntEHe4ZKt4JWiWWwBzoiLkzP2LTs7+vkoWycMzKfQuM976J/Uz+aScDLswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpewUk57CFK6Bz5R/MXN5l89ebTMB8GA1UdIwQY
MBaAFP4RF+l2s+M5U7k2G7S7HrovQJ3tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2Ut
ODQ2ZTFmNDFmYzYyLzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2UtODQ2ZTFmNDFmYzYy
LzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkApo3egd
X8DiMvtOIfBo3NM8BfTbtDc771l8GdHhVCubTcPZYyz9354aKC2G/u1rr/KgFpWB
pyJ4uszJZdJf0aFtQmIzxpOAfxCsi1O6Xj2ZP8LeP2M8kcf2KXdU1N9xJH8xN6vX
tS2Frgyx2cZvpx75iyqRLHLbgAHun7FLjvL4DB8AMTFS1qeI2LHsOOPmA9/J6hNg
TgiDSrjbw56ocQp8hGsFspZxeGdMvH03k0oBYIKBcpr2fz7boi7+vtZbEwE/TK48
VODQ1jThydAasujbqfYDYuP7nJ/G8QCwTjXYqgbU6JpscXujak2dP43kxUaLQzP3
6cpj+IK+iF6qiw==
-----END CERTIFICATE-----