Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft
File:                     8DpbV31dnm0cX9O-1ADpacC-fDQ.mft (raw, json)
Hash identifier:          OLUai0plYcleHk8WF2Kf771UQp1sJDuQT2vq60e0pMw=
Subject key identifier:   0E:5A:C1:66:B2:9D:33:76:AC:D9:1A:CE:DE:A3:22:61:8E:6A:38:2E
Authority key identifier: F0:3A:5B:57:7D:5D:9E:6D:1C:5F:D3:BE:D4:00:E9:69:C0:BE:7C:34
Certificate issuer:       /CN=f03a5b577d5d9e6d1c5fd3bed400e969c0be7c34
Certificate serial:       019674F9BA12A36A685F92A511FB6D207E3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8DpbV31dnm0cX9O-1ADpacC-fDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft
Manifest number:          1509
Signing time:             Sun 27 Apr 2025 02:00:45 +0000
Manifest this update:     Sun 27 Apr 2025 02:00:45 +0000
Manifest next update:     Mon 28 Apr 2025 02:00:45 +0000
Files and hashes:         1: 8DpbV31dnm0cX9O-1ADpacC-fDQ.crl (hash: LSiEuNVwSTDaLQ57EZMDFbjuFoWeqKYsuNMHdojwPoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8DpbV31dnm0cX9O-1ADpacC-fDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:f9:ba:12:a3:6a:68:5f:92:a5:11:fb:6d:20:7e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03a5b577d5d9e6d1c5fd3bed400e969c0be7c34
        Validity
            Not Before: Apr 27 02:00:45 2025 GMT
            Not After : Apr 28 02:00:45 2025 GMT
        Subject: CN=0e5ac166b29d3376acd91acedea322618e6a382e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:86:a3:41:a3:ab:d9:4d:90:15:49:67:a3:91:
                    12:28:c9:2f:16:61:5f:79:a7:ea:1d:73:ed:79:88:
                    94:0b:a5:a5:b5:48:41:2b:78:73:01:18:01:f7:00:
                    b2:76:32:4f:0f:85:b1:43:c6:42:33:9d:b8:7f:04:
                    ca:87:0a:fe:a7:18:26:1c:89:08:52:4e:17:3e:08:
                    e9:c6:df:aa:f6:6d:f0:91:f9:ff:dc:97:84:4d:f8:
                    e4:82:5c:86:2c:6c:a1:50:09:29:e6:f1:96:4a:4c:
                    47:13:df:ce:bf:2d:10:20:2b:49:5f:d2:5a:df:83:
                    eb:aa:15:94:90:5a:49:e7:82:70:fc:ac:ef:41:a1:
                    24:4d:f2:f1:c0:2f:82:4a:75:eb:7c:5a:f5:7b:e2:
                    66:11:c1:4d:30:1d:2c:f9:9b:3f:c1:1d:b5:37:1c:
                    21:a2:45:63:00:72:5c:d4:6f:9a:32:4c:de:78:e7:
                    a9:aa:e3:b4:4e:01:ef:9e:31:36:f1:eb:8e:de:21:
                    b2:02:09:bf:01:6e:1b:19:bf:37:98:a9:13:ed:99:
                    99:4a:b7:7e:6e:44:ea:1e:42:b0:78:ee:81:c7:75:
                    72:3d:46:c2:b6:6b:92:6a:e9:e9:de:3d:f6:04:ad:
                    3e:4c:65:86:88:69:49:c2:12:10:7d:5d:1b:22:3e:
                    70:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:5A:C1:66:B2:9D:33:76:AC:D9:1A:CE:DE:A3:22:61:8E:6A:38:2E
            X509v3 Authority Key Identifier:
                keyid:F0:3A:5B:57:7D:5D:9E:6D:1C:5F:D3:BE:D4:00:E9:69:C0:BE:7C:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DpbV31dnm0cX9O-1ADpacC-fDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ae:87:8d:3f:9c:48:01:ed:d2:03:bb:92:82:68:70:67:48:
         17:9d:42:ef:b8:0b:96:e0:dd:4f:5a:c7:55:3e:25:a8:8d:a4:
         8f:48:c4:76:7f:6b:3d:5f:a4:57:1a:3a:00:51:98:bc:74:a7:
         e3:da:12:a8:e7:59:69:70:b3:03:3b:b8:48:97:77:1b:39:40:
         0c:bf:78:5b:34:a7:05:05:9a:7a:b0:88:58:a7:df:44:7a:07:
         97:1e:78:f4:b0:ec:a8:73:1f:31:19:db:3e:b5:b0:5f:f1:ec:
         c7:52:48:27:71:20:36:bc:18:20:67:96:4b:08:f6:46:fd:46:
         d0:17:d6:a5:34:f8:9f:20:33:06:d1:4d:f2:dc:dc:7b:e4:95:
         9b:2b:15:1e:a8:91:f1:e8:75:c9:d6:60:35:33:cf:c3:20:44:
         ec:e5:6a:45:22:5c:69:44:d5:cc:71:0b:f6:df:77:47:30:02:
         eb:c8:c5:7c:bc:8f:4a:2c:de:e3:a2:9e:3c:c9:77:dc:69:34:
         50:3d:99:ea:c1:b1:e0:20:2d:8a:e4:df:76:71:14:68:17:16:
         aa:e4:8d:db:9e:91:5b:4a:c7:c4:f3:11:5b:ee:66:59:0e:47:
         1b:78:2c:28:72:b6:98:db:36:df:76:2a:e9:ee:d5:0e:e6:c6:
         49:b3:35:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0+boSo2poX5KlEfttIH49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwM2E1YjU3N2Q1ZDllNmQxYzVmZDNiZWQ0MDBlOTY5YzBi
ZTdjMzQwHhcNMjUwNDI3MDIwMDQ1WhcNMjUwNDI4MDIwMDQ1WjAzMTEwLwYDVQQD
EygwZTVhYzE2NmIyOWQzMzc2YWNkOTFhY2VkZWEzMjI2MThlNmEzODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoajQaOr2U2QFUlno5ESKMkvFmFf
eafqHXPteYiUC6WltUhBK3hzARgB9wCydjJPD4WxQ8ZCM524fwTKhwr+pxgmHIkI
Uk4XPgjpxt+q9m3wkfn/3JeETfjkglyGLGyhUAkp5vGWSkxHE9/Ovy0QICtJX9Ja
34PrqhWUkFpJ54Jw/KzvQaEkTfLxwC+CSnXrfFr1e+JmEcFNMB0s+Zs/wR21Nxwh
okVjAHJc1G+aMkzeeOepquO0TgHvnjE28euO3iGyAgm/AW4bGb83mKkT7ZmZSrd+
bkTqHkKweO6Bx3VyPUbCtmuSaunp3j32BK0+TGWGiGlJwhIQfV0bIj5wwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5awWaynTN2rNkazt6jImGOajguMB8GA1UdIwQY
MBaAFPA6W1d9XZ5tHF/TvtQA6WnAvnw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERwYlYzMWRubTBjWDlPLTFBRHBhY0MtZkRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ODg5NDMtNzEzZC00OTFlLWE3MjEt
ZWNhNTlmODIwMThhLzEvOERwYlYzMWRubTBjWDlPLTFBRHBhY0MtZkRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ODg5NDMtNzEzZC00OTFlLWE3MjEtZWNhNTlmODIwMThh
LzEvOERwYlYzMWRubTBjWDlPLTFBRHBhY0MtZkRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhq6HjT+c
SAHt0gO7koJocGdIF51C77gLluDdT1rHVT4lqI2kj0jEdn9rPV+kVxo6AFGYvHSn
49oSqOdZaXCzAzu4SJd3GzlADL94WzSnBQWaerCIWKffRHoHlx549LDsqHMfMRnb
PrWwX/Hsx1JIJ3EgNrwYIGeWSwj2Rv1G0BfWpTT4nyAzBtFN8tzce+SVmysVHqiR
8eh1ydZgNTPPwyBE7OVqRSJcaUTVzHEL9t93RzAC68jFfLyPSize46KePMl33Gk0
UD2Z6sGx4CAtiuTfdnEUaBcWquSN256RW0rHxPMRW+5mWQ5HG3gsKHK2mNs233Yq
6e7VDubGSbM1EA==
-----END CERTIFICATE-----