Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          xu21j42nzFDMW+YIhDT3dyuB19ZAE2fkiWJhvBoaePE=
Subject key identifier:   9C:29:43:9A:3D:94:10:FA:76:E1:D2:38:01:80:9F:98:FB:07:4D:92
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       01976DABA3451512C21EAF68FA5CD7BD0A09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 09:00:54 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:54 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:54 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: pPA0Tk5yPKGC0J4CfFTAd9iu2GDFGUZ5ct1FSIuC/KM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:a3:45:15:12:c2:1e:af:68:fa:5c:d7:bd:0a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Jun 14 09:00:54 2025 GMT
            Not After : Jun 15 09:00:54 2025 GMT
        Subject: CN=9c29439a3d9410fa76e1d23801809f98fb074d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c3:d8:a4:21:77:71:f2:3d:10:ba:7a:51:bf:
                    a5:65:4b:43:25:0b:39:f5:2c:85:da:73:32:c7:78:
                    04:f8:4f:e7:94:54:52:7b:35:aa:eb:7f:77:80:78:
                    ae:1e:41:6a:9e:22:2d:ac:7f:65:69:4b:dd:bc:23:
                    c2:bb:df:60:bb:e8:46:ed:75:75:c4:37:f4:bc:64:
                    26:80:6b:61:7c:cd:d0:2f:b8:09:31:0c:ce:0f:1c:
                    fa:8d:b6:60:51:a2:28:55:3f:64:7a:bf:f6:9d:ae:
                    cf:71:45:ef:83:ad:4f:ff:43:84:6d:ec:e5:19:05:
                    04:7f:c6:10:4c:ef:db:0e:0a:d2:69:04:0c:57:4a:
                    db:16:e2:8a:d6:54:d1:1a:f4:6b:c0:2e:0d:4a:67:
                    b4:ae:0d:4c:f9:bf:2f:c1:cb:34:09:30:fd:31:5c:
                    c3:35:63:cc:aa:05:47:2b:f8:da:60:9c:26:67:02:
                    6f:52:93:53:f0:9b:ad:6f:4f:fd:ef:a2:5b:76:df:
                    77:56:e3:24:39:b4:ba:2e:9f:a9:8a:a3:42:e1:59:
                    cb:b8:e1:58:25:4a:ae:fe:80:39:82:3b:f2:f0:d0:
                    14:11:a0:06:b5:95:68:46:20:0c:44:4b:bc:bb:2b:
                    93:59:33:de:24:de:b9:f1:c2:30:75:04:b2:6e:98:
                    3a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:29:43:9A:3D:94:10:FA:76:E1:D2:38:01:80:9F:98:FB:07:4D:92
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:34:40:2e:15:57:e8:93:7d:5f:d6:de:ef:01:a1:e0:2a:a3:
         25:89:9b:05:d2:ed:c4:f6:91:49:bd:72:e7:b1:bd:41:de:1e:
         a2:d0:0b:18:89:f8:29:55:bb:92:9b:cb:86:d6:ec:b2:ad:02:
         4e:34:ec:71:d9:6a:b3:f7:c6:b9:a8:83:a7:b9:b7:4c:df:14:
         16:2d:b6:89:47:65:9d:96:bc:12:fe:00:4e:dc:b5:a0:2b:f2:
         78:40:29:5e:ed:97:86:47:a9:c0:3b:85:a6:0b:35:08:34:8b:
         0a:88:43:ad:e4:30:17:f2:e2:c3:e0:f2:39:4e:39:9f:b3:e7:
         38:7d:c4:36:c2:d4:0b:ad:cb:02:8a:b8:da:50:90:eb:ef:2c:
         12:bb:44:7f:e6:57:6f:c7:8d:88:18:25:e5:cd:c9:fe:c8:46:
         83:e6:ad:46:ba:76:a3:55:87:21:41:ef:0d:08:47:85:5c:63:
         7f:e6:4a:b1:ed:8f:f3:cb:48:c7:e4:4e:85:e9:b2:bc:77:86:
         3c:de:dd:a1:5f:b9:61:20:61:36:35:8a:7e:bf:eb:67:6b:e8:
         5d:45:d0:9f:ac:c6:85:2b:54:6a:2b:d0:72:af:49:d5:3a:89:
         04:bf:7f:cd:e1:54:dc:7d:a2:e8:3f:86:ca:02:d6:e4:e3:99:
         9e:d1:28:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq6NFFRLCHq9o+lzXvQoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwNjE0MDkwMDU0WhcNMjUwNjE1MDkwMDU0WjAzMTEwLwYDVQQD
Eyg5YzI5NDM5YTNkOTQxMGZhNzZlMWQyMzgwMTgwOWY5OGZiMDc0ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsPYpCF3cfI9ELp6Ub+lZUtDJQs5
9SyF2nMyx3gE+E/nlFRSezWq6393gHiuHkFqniItrH9laUvdvCPCu99gu+hG7XV1
xDf0vGQmgGthfM3QL7gJMQzODxz6jbZgUaIoVT9ker/2na7PcUXvg61P/0OEbezl
GQUEf8YQTO/bDgrSaQQMV0rbFuKK1lTRGvRrwC4NSme0rg1M+b8vwcs0CTD9MVzD
NWPMqgVHK/jaYJwmZwJvUpNT8Jutb0/976Jbdt93VuMkObS6Lp+piqNC4VnLuOFY
JUqu/oA5gjvy8NAUEaAGtZVoRiAMREu8uyuTWTPeJN658cIwdQSybpg6zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwpQ5o9lBD6duHSOAGAn5j7B02SMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkzRALhVX
6JN9X9be7wGh4CqjJYmbBdLtxPaRSb1y57G9Qd4eotALGIn4KVW7kpvLhtbssq0C
TjTscdlqs/fGuaiDp7m3TN8UFi22iUdlnZa8Ev4ATty1oCvyeEApXu2XhkepwDuF
pgs1CDSLCohDreQwF/Liw+DyOU45n7PnOH3ENsLUC63LAoq42lCQ6+8sErtEf+ZX
b8eNiBgl5c3J/shGg+atRrp2o1WHIUHvDQhHhVxjf+ZKse2P88tIx+ROhemyvHeG
PN7doV+5YSBhNjWKfr/rZ2voXUXQn6zGhStUaivQcq9J1TqJBL9/zeFU3H2i6D+G
ygLW5OOZntEobQ==
-----END CERTIFICATE-----