Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          DHc8ug4nj9UL09XpyMJ2U4+mJiFsuxi4FaKrBitM5xQ=
Subject key identifier:   1A:AE:38:30:6E:5C:BF:EB:C4:F4:65:7D:54:ED:0B:62:05:D4:31:0F
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       01976BF43CE7A42E2B95BDE59579A113AD5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 01:00:57 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:57 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:57 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: qo5w2GMIyN7zholR61Zq6oyHU+8UwPfBfvlgEFKHK0o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:3c:e7:a4:2e:2b:95:bd:e5:95:79:a1:13:ad:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Jun 14 01:00:57 2025 GMT
            Not After : Jun 15 01:00:57 2025 GMT
        Subject: CN=1aae38306e5cbfebc4f4657d54ed0b6205d4310f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fc:eb:4f:3b:a9:ed:f1:ae:f1:80:1c:ad:91:
                    ee:65:c9:f5:91:ec:88:1c:11:64:42:2b:3e:4a:03:
                    3b:48:94:64:61:89:58:b0:a0:68:9a:28:a2:cb:32:
                    03:4e:5a:a4:1b:12:09:3c:da:9e:c0:52:00:42:a7:
                    ec:e5:98:c9:54:31:cd:fa:a2:7d:c9:9e:8d:43:99:
                    06:44:bc:9c:4b:4c:78:6d:39:44:f5:e8:84:db:c7:
                    34:06:e2:ea:2b:24:d2:c7:56:62:a1:15:34:9f:c4:
                    cb:a2:fa:6a:f2:3e:b4:51:a8:91:e4:a3:b8:15:9f:
                    a9:ee:fa:ee:fc:b1:01:e7:92:65:cf:a5:52:39:86:
                    26:30:64:ed:11:91:20:f5:b8:46:0b:9b:3e:17:53:
                    1d:73:f3:98:a5:71:3a:cc:8d:77:02:fc:aa:c8:7f:
                    e7:31:ec:61:1a:a2:69:cf:ea:e6:ce:ee:3d:82:f7:
                    c5:e5:2a:82:e1:3f:58:04:9e:1c:c6:b4:b6:f1:5d:
                    65:57:a0:3d:09:8d:a0:15:76:dd:39:af:48:84:2b:
                    84:de:bd:18:ae:f7:2d:57:ac:5a:30:db:42:0a:37:
                    73:14:f2:98:d7:a1:8c:b4:ea:b3:69:1d:25:51:57:
                    06:47:a3:ca:39:45:55:d2:db:49:f1:a5:ca:bf:89:
                    f3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:AE:38:30:6E:5C:BF:EB:C4:F4:65:7D:54:ED:0B:62:05:D4:31:0F
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:95:55:21:0a:62:25:21:9c:60:97:1d:6b:d7:61:76:f6:de:
         10:1c:29:e5:f9:de:8f:0b:f8:f0:24:08:cd:45:5c:57:44:20:
         44:60:0d:1e:43:9c:9d:82:54:01:27:db:35:84:c5:db:3b:d5:
         8a:a9:cf:a4:1a:a0:91:19:16:dd:5a:87:6f:44:d7:b1:7d:ac:
         7b:75:00:92:21:0d:ce:76:77:de:a4:d8:b1:a0:44:8a:d8:42:
         83:f2:ab:7a:3a:33:e6:90:e0:9e:07:8c:80:73:bd:c8:96:b0:
         1f:91:72:cc:42:ee:2a:69:6a:41:01:c1:30:fe:fe:9e:88:e1:
         b4:90:34:78:0b:d8:68:53:90:89:60:12:d9:97:11:ec:3a:5b:
         92:3c:36:92:e9:13:17:b0:50:e6:f1:9d:0d:f8:5b:20:7e:ad:
         32:3c:46:18:3e:a5:63:e7:cb:ba:c2:70:63:35:0d:2b:61:cc:
         30:96:2c:77:d1:d7:0e:1d:e2:3d:2d:4d:1a:92:2c:a0:cb:32:
         7f:35:ef:9e:99:bd:e6:bc:41:32:88:32:d7:90:fe:f5:60:f7:
         64:d8:9a:ca:c3:b5:cc:ec:92:b7:e8:29:8a:15:30:aa:20:68:
         cb:0b:34:2f:ff:5a:a0:ea:b4:9f:b8:7f:18:fb:7b:56:84:76:
         2f:c6:fd:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9DznpC4rlb3llXmhE61fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjUwNjE0MDEwMDU3WhcNMjUwNjE1MDEwMDU3WjAzMTEwLwYDVQQD
EygxYWFlMzgzMDZlNWNiZmViYzRmNDY1N2Q1NGVkMGI2MjA1ZDQzMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufzrTzup7fGu8YAcrZHuZcn1keyI
HBFkQis+SgM7SJRkYYlYsKBomiiiyzIDTlqkGxIJPNqewFIAQqfs5ZjJVDHN+qJ9
yZ6NQ5kGRLycS0x4bTlE9eiE28c0BuLqKyTSx1ZioRU0n8TLovpq8j60UaiR5KO4
FZ+p7vru/LEB55Jlz6VSOYYmMGTtEZEg9bhGC5s+F1Mdc/OYpXE6zI13AvyqyH/n
MexhGqJpz+rmzu49gvfF5SqC4T9YBJ4cxrS28V1lV6A9CY2gFXbdOa9IhCuE3r0Y
rvctV6xaMNtCCjdzFPKY16GMtOqzaR0lUVcGR6PKOUVV0ttJ8aXKv4nz7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBquODBuXL/rxPRlfVTtC2IF1DEPMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5VVIQpi
JSGcYJcda9dhdvbeEBwp5fnejwv48CQIzUVcV0QgRGANHkOcnYJUASfbNYTF2zvV
iqnPpBqgkRkW3VqHb0TXsX2se3UAkiENznZ33qTYsaBEithCg/Krejoz5pDgngeM
gHO9yJawH5FyzELuKmlqQQHBMP7+nojhtJA0eAvYaFOQiWAS2ZcR7Dpbkjw2kukT
F7BQ5vGdDfhbIH6tMjxGGD6lY+fLusJwYzUNK2HMMJYsd9HXDh3iPS1NGpIsoMsy
fzXvnpm95rxBMogy15D+9WD3ZNiaysO1zOySt+gpihUwqiBoyws0L/9aoOq0n7h/
GPt7VoR2L8b9hw==
-----END CERTIFICATE-----