Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          U23tTV7zDUgJbUYRTCeczXJJ+3WMZyTommpdbY+hTPM=
Subject key identifier:   07:A1:2E:E4:3C:1B:21:B3:23:95:D5:25:A6:76:F3:99:AC:2E:B9:F5
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       0196741DAA98994822A78668081BC79C228A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          120A
Signing time:             Sat 26 Apr 2025 22:00:23 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:23 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:23 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: BjQ+EkKrDqND6GTGMeZZCivZQGZBPaNF8oOHTP8wWaw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1d:aa:98:99:48:22:a7:86:68:08:1b:c7:9c:22:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Apr 26 22:00:23 2025 GMT
            Not After : Apr 27 22:00:23 2025 GMT
        Subject: CN=07a12ee43c1b21b32395d525a676f399ac2eb9f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:90:50:93:fa:56:91:5b:ef:e6:b9:12:be:bd:
                    4d:80:2a:97:90:89:81:03:a7:7b:28:45:76:04:0a:
                    53:3b:24:3e:26:25:73:10:0d:53:12:d1:5e:05:2c:
                    84:43:9c:7f:b5:eb:a7:38:69:44:e9:e3:13:85:34:
                    cc:39:7c:9c:fb:4d:1a:e9:20:b2:aa:d7:1f:96:d6:
                    71:e0:13:f1:c0:aa:9f:20:3b:00:c5:db:e3:92:ab:
                    39:b4:ea:20:e3:78:a0:3d:27:bd:5c:e2:56:93:3b:
                    9b:bd:ed:d6:2d:50:71:27:9d:7c:33:8d:33:5d:aa:
                    b2:e7:09:d7:ca:e5:2f:4f:e1:5a:d6:9f:4f:06:fe:
                    c2:b4:31:5a:11:91:b0:0c:cb:37:ba:49:2d:42:f1:
                    b9:ac:19:28:d6:65:1a:10:44:49:65:6c:3c:e9:83:
                    aa:18:08:3e:0f:a7:05:95:59:95:6f:f7:43:96:d1:
                    11:3e:0c:37:d0:0b:3d:00:a3:e6:f1:b2:00:1d:05:
                    18:58:2f:04:e6:cd:be:c4:9f:91:65:ec:8e:9b:3e:
                    15:22:43:37:68:cf:4d:82:05:ba:06:fa:fb:c0:34:
                    77:ab:76:92:10:bf:f3:1e:76:22:19:50:cd:93:92:
                    e3:8d:c5:b8:46:ad:b7:b0:65:a5:cb:cf:09:9b:e1:
                    1a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A1:2E:E4:3C:1B:21:B3:23:95:D5:25:A6:76:F3:99:AC:2E:B9:F5
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:4e:3e:4d:3a:f0:2f:b6:39:ef:2f:da:2d:56:08:1f:80:36:
         64:23:4a:e0:55:54:71:79:96:80:e6:f0:3c:cc:bb:42:0f:35:
         7e:f7:8f:9b:74:c4:3a:76:50:19:aa:6c:af:79:f9:c1:5c:1e:
         b2:de:7d:0f:f5:d9:cc:11:cc:74:7c:9f:1e:08:18:ca:73:7e:
         13:3f:4c:6f:56:ff:ab:c2:1a:3a:be:ea:6f:5e:d2:4b:c5:91:
         76:89:54:62:3e:50:8a:5e:f3:d3:be:d2:06:30:9b:9f:6b:22:
         a7:80:5e:55:9e:ca:25:f7:49:d1:82:d9:93:b1:6c:e2:73:7f:
         3c:35:b8:de:86:de:5a:8e:09:e2:0b:17:f0:96:8e:36:6b:53:
         05:0e:d1:f6:24:e2:1a:f2:ef:e6:80:2c:6b:b3:25:f9:4a:c0:
         31:8c:5b:8f:cd:9b:c6:68:b5:51:ed:7e:dc:8c:e8:e0:f8:65:
         c6:fc:20:6c:1f:4e:5e:5a:19:dc:c7:d6:c2:2c:b4:bb:ce:49:
         c5:f0:16:b8:fa:18:b5:f2:30:01:68:55:ef:d3:40:41:6b:38:
         6e:ab:39:d0:3c:94:4e:45:90:f3:ed:49:e7:f2:5b:46:3b:b6:
         22:73:e1:7d:bb:ca:8a:22:25:47:65:7e:78:d5:bd:63:88:97:
         e3:65:c4:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HaqYmUgip4ZoCBvHnCKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjUwNDI2MjIwMDIzWhcNMjUwNDI3MjIwMDIzWjAzMTEwLwYDVQQD
EygwN2ExMmVlNDNjMWIyMWIzMjM5NWQ1MjVhNjc2ZjM5OWFjMmViOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZBQk/pWkVvv5rkSvr1NgCqXkImB
A6d7KEV2BApTOyQ+JiVzEA1TEtFeBSyEQ5x/teunOGlE6eMThTTMOXyc+00a6SCy
qtcfltZx4BPxwKqfIDsAxdvjkqs5tOog43igPSe9XOJWkzubve3WLVBxJ518M40z
Xaqy5wnXyuUvT+Fa1p9PBv7CtDFaEZGwDMs3ukktQvG5rBko1mUaEERJZWw86YOq
GAg+D6cFlVmVb/dDltERPgw30As9AKPm8bIAHQUYWC8E5s2+xJ+RZeyOmz4VIkM3
aM9NggW6Bvr7wDR3q3aSEL/zHnYiGVDNk5LjjcW4Rq23sGWly88Jm+EaowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAehLuQ8GyGzI5XVJaZ285msLrn1MB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZE4+TTrw
L7Y57y/aLVYIH4A2ZCNK4FVUcXmWgObwPMy7Qg81fvePm3TEOnZQGapsr3n5wVwe
st59D/XZzBHMdHyfHggYynN+Ez9Mb1b/q8IaOr7qb17SS8WRdolUYj5Qil7z077S
BjCbn2sip4BeVZ7KJfdJ0YLZk7Fs4nN/PDW43obeWo4J4gsX8JaONmtTBQ7R9iTi
GvLv5oAsa7Ml+UrAMYxbj82bxmi1Ue1+3Izo4PhlxvwgbB9OXloZ3MfWwiy0u85J
xfAWuPoYtfIwAWhV79NAQWs4bqs50DyUTkWQ8+1J5/JbRju2InPhfbvKiiIlR2V+
eNW9Y4iX42XETA==
-----END CERTIFICATE-----