Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          IuM+pKcnVC26BIAEgqRZh6GTtgH7ivzYg+0LgccyS2M=
Subject key identifier:   A4:DE:48:55:0D:AD:6D:88:12:7D:F4:8A:E4:77:0C:8C:2C:38:7F:E2
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       0196748C3E56A79FC9D19A7319E4EF429C5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          0795
Signing time:             Sun 27 Apr 2025 00:01:10 +0000
Manifest this update:     Sun 27 Apr 2025 00:01:10 +0000
Manifest next update:     Mon 28 Apr 2025 00:01:10 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: 7Qec87MbVc8Z+Ulz2u2SWPg1gr0rYYPO080UEB8cHqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:8c:3e:56:a7:9f:c9:d1:9a:73:19:e4:ef:42:9c:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Apr 27 00:01:10 2025 GMT
            Not After : Apr 28 00:01:10 2025 GMT
        Subject: CN=a4de48550dad6d88127df48ae4770c8c2c387fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f8:1b:2f:38:6a:66:5a:68:19:ee:8f:73:86:
                    f3:7d:35:01:8e:19:50:3e:02:f4:b6:6b:89:82:0b:
                    07:ff:2c:80:50:c6:a3:57:87:86:29:8e:65:ce:61:
                    93:0c:b7:d4:38:be:1e:7e:97:36:c8:ff:c0:f2:1a:
                    c0:47:6f:e0:20:b9:ed:59:7a:07:e3:f9:78:50:28:
                    88:ce:1b:37:65:12:9d:56:0e:3a:b3:5e:01:b6:85:
                    1c:b2:7d:79:30:5d:e6:b3:7e:72:ac:1f:48:1e:63:
                    3b:91:19:eb:f7:37:b8:8d:59:07:0d:3e:83:ac:c5:
                    ea:c5:3d:4b:cf:ef:0f:df:59:3d:95:64:41:f3:c8:
                    02:0e:9e:37:45:55:02:d1:22:57:0e:65:e0:7b:6f:
                    bf:79:d9:8f:42:10:88:87:8b:32:fe:e7:ac:9d:b5:
                    26:a5:da:63:7b:63:8f:55:f5:29:c8:7d:a7:cc:b3:
                    c9:06:ef:31:41:25:9c:42:da:71:12:f9:9b:bb:9f:
                    b4:fa:de:9a:64:cf:1f:61:86:4b:a1:ac:73:04:bd:
                    dc:16:e5:6e:7d:80:84:30:4c:45:0f:fe:6a:1b:d3:
                    f5:a5:76:1f:8c:04:dd:df:58:0f:a4:b8:df:6e:cd:
                    69:9c:e0:e0:2f:bb:af:28:ca:5f:bb:d8:c3:72:f4:
                    8e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:DE:48:55:0D:AD:6D:88:12:7D:F4:8A:E4:77:0C:8C:2C:38:7F:E2
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:23:21:20:98:3d:63:99:dc:9d:2a:7c:f4:d5:38:cb:5a:79:
         c6:b4:77:b4:b0:3c:db:93:ea:03:b7:ed:2e:94:48:f0:48:ec:
         23:5c:d8:ff:72:b4:93:73:30:44:ad:72:29:c5:73:4f:f6:44:
         ca:c8:a5:7a:5e:6b:10:ee:81:37:64:c7:98:93:e0:e0:77:c4:
         89:c0:5f:af:20:56:1f:67:37:d6:3f:5c:d4:c6:b0:76:f9:c5:
         96:66:09:5c:e8:21:41:cc:99:f8:9e:6e:c5:e7:0c:7f:38:e2:
         a0:f8:af:ce:4d:5e:90:50:ce:d2:02:27:94:e3:41:be:ed:c6:
         60:ed:7b:fe:03:0d:e8:5b:d3:f9:1e:51:dd:15:dd:a6:ec:9d:
         9a:a1:ec:f4:31:5e:f3:fc:a3:88:b2:cc:4e:05:d9:22:49:c6:
         03:41:59:27:c3:7c:4d:4d:69:5e:f6:51:c6:45:48:68:ea:3c:
         08:6f:d0:80:64:84:c2:f4:8f:07:6d:9d:00:43:4e:92:e2:83:
         c1:37:3a:0c:4d:78:45:e6:3c:da:77:41:b7:01:08:f4:2b:7c:
         bd:e6:08:f0:5c:51:67:82:0b:bc:58:14:bd:57:22:4d:00:cf:
         fe:1e:f4:f9:0c:7e:3a:c4:fb:52:93:55:da:4a:be:37:b2:89:
         c7:77:a0:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0jD5Wp5/J0ZpzGeTvQpxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwNDI3MDAwMTEwWhcNMjUwNDI4MDAwMTEwWjAzMTEwLwYDVQQD
EyhhNGRlNDg1NTBkYWQ2ZDg4MTI3ZGY0OGFlNDc3MGM4YzJjMzg3ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPgbLzhqZlpoGe6Pc4bzfTUBjhlQ
PgL0tmuJggsH/yyAUMajV4eGKY5lzmGTDLfUOL4efpc2yP/A8hrAR2/gILntWXoH
4/l4UCiIzhs3ZRKdVg46s14BtoUcsn15MF3ms35yrB9IHmM7kRnr9ze4jVkHDT6D
rMXqxT1Lz+8P31k9lWRB88gCDp43RVUC0SJXDmXge2+/edmPQhCIh4sy/uesnbUm
pdpje2OPVfUpyH2nzLPJBu8xQSWcQtpxEvmbu5+0+t6aZM8fYYZLoaxzBL3cFuVu
fYCEMExFD/5qG9P1pXYfjATd31gPpLjfbs1pnODgL7uvKMpfu9jDcvSOBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTeSFUNrW2IEn30iuR3DIwsOH/iMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCMhIJg9
Y5ncnSp89NU4y1p5xrR3tLA825PqA7ftLpRI8EjsI1zY/3K0k3MwRK1yKcVzT/ZE
ysilel5rEO6BN2THmJPg4HfEicBfryBWH2c31j9c1MawdvnFlmYJXOghQcyZ+J5u
xecMfzjioPivzk1ekFDO0gInlONBvu3GYO17/gMN6FvT+R5R3RXdpuydmqHs9DFe
8/yjiLLMTgXZIknGA0FZJ8N8TU1pXvZRxkVIaOo8CG/QgGSEwvSPB22dAENOkuKD
wTc6DE14ReY82ndBtwEI9Ct8veYI8FxRZ4ILvFgUvVciTQDP/h70+Qx+OsT7UpNV
2kq+N7KJx3egfA==
-----END CERTIFICATE-----