Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          uixs4PlwocPe+cu5EG9CxAnaaRtzjFIxOMjABqS+fT8=
Subject key identifier:   D8:FB:A1:0A:55:9B:AE:CE:EE:03:5A:CC:7C:2C:D4:61:0F:69:B0:D1
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019678682E2D63BEAE38410E7C74C68C5B1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 18:00:15 +0000
Manifest this update:     Sun 27 Apr 2025 18:00:15 +0000
Manifest next update:     Mon 28 Apr 2025 18:00:15 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: dBCSXSKeEQSrRstoCJKQ4dOKgZXkc8jBTy3OyTljyEg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 18:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:68:2e:2d:63:be:ae:38:41:0e:7c:74:c6:8c:5b:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Apr 27 18:00:15 2025 GMT
            Not After : Apr 28 18:00:15 2025 GMT
        Subject: CN=d8fba10a559baeceee035acc7c2cd4610f69b0d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:45:3a:96:23:96:5d:02:b2:49:b1:4c:ed:d4:
                    a1:bb:48:49:59:c1:ef:41:7b:54:22:2c:ca:b3:39:
                    02:e7:1e:aa:15:ca:58:ae:01:0b:37:f7:36:4b:07:
                    da:52:fe:40:f1:93:ed:31:19:6f:f8:93:d7:df:73:
                    be:41:04:49:bd:ad:43:c9:4b:8a:cd:02:ec:3f:1b:
                    83:fd:7e:be:88:69:a6:62:f2:49:1e:24:d8:0a:97:
                    ba:29:5e:b0:9d:a0:79:9d:af:9b:59:f6:b1:83:ff:
                    ef:d9:51:03:22:c4:65:91:96:7e:aa:62:9e:f0:51:
                    88:05:47:5c:ca:60:93:90:0f:e1:89:ff:4a:07:47:
                    fd:97:17:0c:80:d3:89:66:ad:d4:45:95:65:a2:ad:
                    71:24:89:e7:22:c5:eb:de:37:32:68:fe:cf:39:25:
                    b7:2d:61:eb:6d:2a:fa:79:db:50:8f:3d:cc:0f:2a:
                    37:1a:39:8e:f3:b5:8e:c0:b8:eb:2e:39:b3:50:5f:
                    b6:49:53:fe:34:f0:22:e0:b3:1b:5a:24:96:7d:e8:
                    28:8e:b3:13:e1:0c:27:98:5c:43:2c:8d:1a:36:1a:
                    f1:fd:1b:7d:eb:57:dd:a7:85:28:c6:7a:eb:29:83:
                    0f:ea:a1:1e:e6:28:f5:53:2a:3a:eb:c0:a7:c6:56:
                    29:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:FB:A1:0A:55:9B:AE:CE:EE:03:5A:CC:7C:2C:D4:61:0F:69:B0:D1
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:7f:98:b3:f7:87:d2:e9:e6:70:04:a2:a4:6c:74:c4:46:d8:
         b5:12:d4:90:c5:bc:ab:ab:36:66:c6:b7:33:83:02:13:82:33:
         51:d3:5c:9f:dc:01:b3:37:59:75:18:71:1b:12:b6:ab:0d:78:
         76:3f:b1:16:bf:af:bb:fe:16:33:59:72:fd:3b:1c:19:80:09:
         4d:26:d0:13:e1:09:7d:be:c1:50:56:03:56:ee:dc:41:f8:db:
         58:48:cd:22:e4:26:58:30:18:d3:d0:b1:f9:12:4f:4b:bd:9c:
         dd:e1:e1:7d:ff:64:3f:b4:ad:d9:73:10:26:31:36:09:cd:ad:
         fa:55:fa:52:73:1a:b3:50:f7:2f:05:f7:3d:b1:e2:50:42:15:
         b2:55:42:41:a0:d9:c6:b3:66:02:86:10:44:ce:ad:14:46:aa:
         d6:96:d1:62:bc:21:40:97:18:5c:6a:23:3d:14:4c:2a:e4:7a:
         28:f2:d6:77:15:a7:b7:9f:41:c3:71:9c:5d:cc:30:0e:83:be:
         19:a6:3d:7a:32:71:77:eb:07:7b:5e:30:a3:4c:3f:60:ba:ee:
         7e:f6:64:8f:e6:35:8e:20:a5:47:d6:8a:76:70:d7:dc:19:ec:
         08:4f:6d:ab:0e:45:3d:54:71:5f:fd:58:1e:5a:12:c2:f5:67:
         f2:55:aa:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4aC4tY76uOEEOfHTGjFsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjUwNDI3MTgwMDE1WhcNMjUwNDI4MTgwMDE1WjAzMTEwLwYDVQQD
EyhkOGZiYTEwYTU1OWJhZWNlZWUwMzVhY2M3YzJjZDQ2MTBmNjliMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UU6liOWXQKySbFM7dShu0hJWcHv
QXtUIizKszkC5x6qFcpYrgELN/c2SwfaUv5A8ZPtMRlv+JPX33O+QQRJva1DyUuK
zQLsPxuD/X6+iGmmYvJJHiTYCpe6KV6wnaB5na+bWfaxg//v2VEDIsRlkZZ+qmKe
8FGIBUdcymCTkA/hif9KB0f9lxcMgNOJZq3URZVloq1xJInnIsXr3jcyaP7POSW3
LWHrbSr6edtQjz3MDyo3GjmO87WOwLjrLjmzUF+2SVP+NPAi4LMbWiSWfegojrMT
4QwnmFxDLI0aNhrx/Rt961fdp4UoxnrrKYMP6qEe5ij1Uyo668CnxlYpDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNj7oQpVm67O7gNazHws1GEPabDRMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACH+Ys/eH
0unmcASipGx0xEbYtRLUkMW8q6s2Zsa3M4MCE4IzUdNcn9wBszdZdRhxGxK2qw14
dj+xFr+vu/4WM1ly/TscGYAJTSbQE+EJfb7BUFYDVu7cQfjbWEjNIuQmWDAY09Cx
+RJPS72c3eHhff9kP7St2XMQJjE2Cc2t+lX6UnMas1D3LwX3PbHiUEIVslVCQaDZ
xrNmAoYQRM6tFEaq1pbRYrwhQJcYXGojPRRMKuR6KPLWdxWnt59Bw3GcXcwwDoO+
GaY9ejJxd+sHe14wo0w/YLrufvZkj+Y1jiClR9aKdnDX3BnsCE9tqw5FPVRxX/1Y
HloSwvVn8lWqWA==
-----END CERTIFICATE-----