Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
File:                     ICsQHBBwOrYDIfxj3NZpClJNuxA.mft (raw, json)
Hash identifier:          FF1REd0xSxOS8WOU4bKR9zm+lIQpqas6FSr5+3FfKM8=
Subject key identifier:   35:98:A5:DF:BC:4E:77:4A:B7:BA:F1:40:D8:77:B3:74:88:EF:16:31
Authority key identifier: 20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10
Certificate issuer:       /CN=202b101c10703ab60321fc63dcd6690a524dbb10
Certificate serial:       0196A4652F4EBE95D1709622BBEEDB48B4AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
Manifest number:          089A
Signing time:             Tue 06 May 2025 07:00:16 +0000
Manifest this update:     Tue 06 May 2025 07:00:16 +0000
Manifest next update:     Wed 07 May 2025 07:00:16 +0000
Files and hashes:         1: ICsQHBBwOrYDIfxj3NZpClJNuxA.crl (hash: Vmki6EQgfLutHD97OI1JED7XmAytE1pQyFaYdDflLBY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:65:2f:4e:be:95:d1:70:96:22:bb:ee:db:48:b4:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202b101c10703ab60321fc63dcd6690a524dbb10
        Validity
            Not Before: May  6 07:00:16 2025 GMT
            Not After : May  7 07:00:16 2025 GMT
        Subject: CN=3598a5dfbc4e774ab7baf140d877b37488ef1631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8e:ed:88:c5:cc:9f:b2:47:75:65:52:10:cc:
                    71:8d:da:4d:ea:9d:69:70:92:6a:63:14:17:7a:e4:
                    b2:c9:d1:7d:ad:2b:36:44:2c:a4:ce:13:46:8a:cf:
                    a6:5c:91:9d:66:b6:a7:4a:2e:23:9f:46:b3:e4:99:
                    a1:8f:9d:50:15:dc:d3:52:d2:82:07:8b:59:fc:f8:
                    1b:fe:0e:b4:64:04:eb:dc:28:94:2b:60:56:72:27:
                    b6:b2:3d:00:af:86:82:af:85:ce:93:5d:b3:6d:0f:
                    a2:89:58:5f:39:68:a5:38:43:d2:ef:3e:a2:dc:54:
                    c9:d9:cf:8e:dc:8c:8b:14:2b:45:2d:24:e3:25:0f:
                    01:da:87:92:24:74:e6:5f:ac:90:09:22:cf:01:68:
                    f7:bd:75:ea:63:28:ba:fc:47:a4:d7:e5:4f:12:52:
                    42:6c:f7:b9:98:c2:89:c6:0b:1a:96:7d:a0:70:97:
                    49:35:53:27:03:ee:83:5b:46:82:a1:ee:fd:ca:3d:
                    75:4a:73:e4:fd:34:f9:25:bd:16:3a:ef:50:7c:1a:
                    d6:0b:d0:76:5c:c5:f9:30:b6:06:af:ac:8f:71:95:
                    b3:81:31:65:37:2c:65:9a:43:51:8a:d8:61:e4:fa:
                    5f:b1:a2:ef:cb:d2:be:04:da:44:21:f1:3b:5e:4b:
                    17:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:98:A5:DF:BC:4E:77:4A:B7:BA:F1:40:D8:77:B3:74:88:EF:16:31
            X509v3 Authority Key Identifier:
                keyid:20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:6a:f4:39:95:88:ba:64:70:d2:a4:ab:fb:03:00:ae:c8:2e:
         24:43:8f:a9:62:a7:a5:38:f1:88:4e:fa:cf:96:f9:b4:7c:d1:
         ff:24:50:1c:e6:24:a2:27:f7:b6:5e:51:42:91:49:cc:cb:05:
         f8:b6:5a:ee:ee:c7:e4:ff:eb:cb:88:84:44:b2:b5:35:91:e8:
         5b:65:a1:7d:27:4b:3b:55:3f:89:d9:29:ca:ec:f1:88:d1:3f:
         37:1a:d1:d5:be:ea:32:a7:97:a2:11:9b:b8:be:b6:3a:7c:6c:
         f1:34:3d:dd:ed:cb:14:30:9c:73:6b:68:cb:13:63:0d:28:4e:
         7e:fa:2c:c8:e5:82:ab:76:3b:44:94:3b:4e:c3:00:8c:c2:52:
         0b:fe:d8:a3:6a:fb:1c:c1:00:d2:0a:c0:d9:f5:d3:2f:32:51:
         50:23:14:19:65:d2:ea:07:83:f9:54:77:72:1f:c3:71:2d:d0:
         05:d6:e6:54:6e:e9:d8:20:d3:b2:a0:20:b2:aa:30:c2:8a:5d:
         bf:7b:b3:7c:8e:02:17:40:31:f2:a6:d8:b1:17:bc:10:c4:72:
         6f:93:01:99:21:e2:c2:32:83:f4:f1:b6:d8:93:10:e2:94:e9:
         78:d7:71:e5:48:35:52:4d:46:95:76:90:3a:48:2f:19:86:09:
         bb:bf:86:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZS9OvpXRcJYiu+7bSLSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmIxMDFjMTA3MDNhYjYwMzIxZmM2M2RjZDY2OTBhNTI0
ZGJiMTAwHhcNMjUwNTA2MDcwMDE2WhcNMjUwNTA3MDcwMDE2WjAzMTEwLwYDVQQD
EygzNTk4YTVkZmJjNGU3NzRhYjdiYWYxNDBkODc3YjM3NDg4ZWYxNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY7tiMXMn7JHdWVSEMxxjdpN6p1p
cJJqYxQXeuSyydF9rSs2RCykzhNGis+mXJGdZranSi4jn0az5Jmhj51QFdzTUtKC
B4tZ/Pgb/g60ZATr3CiUK2BWcie2sj0Ar4aCr4XOk12zbQ+iiVhfOWilOEPS7z6i
3FTJ2c+O3IyLFCtFLSTjJQ8B2oeSJHTmX6yQCSLPAWj3vXXqYyi6/Eek1+VPElJC
bPe5mMKJxgsaln2gcJdJNVMnA+6DW0aCoe79yj11SnPk/TT5Jb0WOu9QfBrWC9B2
XMX5MLYGr6yPcZWzgTFlNyxlmkNRithh5PpfsaLvy9K+BNpEIfE7XksXHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWYpd+8TndKt7rxQNh3s3SI7xYxMB8GA1UdIwQY
MBaAFCArEBwQcDq2AyH8Y9zWaQpSTbsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYt
YTQ0YzhlNjU0ZGY2LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYtYTQ0YzhlNjU0ZGY2
LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2r0OZWI
umRw0qSr+wMArsguJEOPqWKnpTjxiE76z5b5tHzR/yRQHOYkoif3tl5RQpFJzMsF
+LZa7u7H5P/ry4iERLK1NZHoW2WhfSdLO1U/idkpyuzxiNE/NxrR1b7qMqeXohGb
uL62Onxs8TQ93e3LFDCcc2toyxNjDShOfvosyOWCq3Y7RJQ7TsMAjMJSC/7Yo2r7
HMEA0grA2fXTLzJRUCMUGWXS6geD+VR3ch/DcS3QBdbmVG7p2CDTsqAgsqowwopd
v3uzfI4CF0Ax8qbYsRe8EMRyb5MBmSHiwjKD9PG22JMQ4pTpeNdx5Ug1Uk1GlXaQ
OkgvGYYJu7+GmQ==
-----END CERTIFICATE-----