Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/85ff0a-22ab-4190-9b73-259be9fbc1f1/1/AslIBM_MfvJY1G_DJMFnZEdgPvY.mft
File:                     AslIBM_MfvJY1G_DJMFnZEdgPvY.mft (raw, json)
Hash identifier:          8DddXjp2gD19GOVnxjc4PXuBT2rYO5eAglLuqBLvOVo=
Subject key identifier:   85:04:58:20:E3:65:0E:BC:0F:43:3F:7A:8E:15:F3:81:30:11:D0:6B
Authority key identifier: 02:C9:48:04:CF:CC:7E:F2:58:D4:6F:C3:24:C1:67:64:47:60:3E:F6
Certificate issuer:       /CN=02c94804cfcc7ef258d46fc324c1676447603ef6
Certificate serial:       01968C25F19BDC2AC3B598E15D97ABAC2F89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AslIBM_MfvJY1G_DJMFnZEdgPvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/85ff0a-22ab-4190-9b73-259be9fbc1f1/1/AslIBM_MfvJY1G_DJMFnZEdgPvY.mft
Manifest number:          0552
Signing time:             Thu 01 May 2025 14:00:18 +0000
Manifest this update:     Thu 01 May 2025 14:00:18 +0000
Manifest next update:     Fri 02 May 2025 14:00:18 +0000
Files and hashes:         1: AslIBM_MfvJY1G_DJMFnZEdgPvY.crl (hash: 6lZS7Do71EKNyoE2SqyK38iJgLrJYAVdp6z/1m7yjPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/85ff0a-22ab-4190-9b73-259be9fbc1f1/1/AslIBM_MfvJY1G_DJMFnZEdgPvY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/85ff0a-22ab-4190-9b73-259be9fbc1f1/1/AslIBM_MfvJY1G_DJMFnZEdgPvY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AslIBM_MfvJY1G_DJMFnZEdgPvY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8c:25:f1:9b:dc:2a:c3:b5:98:e1:5d:97:ab:ac:2f:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02c94804cfcc7ef258d46fc324c1676447603ef6
        Validity
            Not Before: May  1 14:00:18 2025 GMT
            Not After : May  2 14:00:18 2025 GMT
        Subject: CN=85045820e3650ebc0f433f7a8e15f3813011d06b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d8:65:ee:4a:48:76:e1:23:88:73:92:4c:e2:
                    2c:e6:52:b5:2f:a4:f8:bf:ee:ad:2a:2b:fc:32:3b:
                    7a:2d:50:09:0f:d4:40:9e:33:cd:49:0c:32:d4:6e:
                    92:a7:cc:ed:4a:db:f4:01:c3:09:74:53:ce:36:d0:
                    6e:b1:e6:59:9e:95:7d:53:d9:a3:10:2b:f6:47:1c:
                    d7:94:c2:d3:7a:cf:fd:f7:da:e2:2a:97:46:21:73:
                    69:3f:89:e2:bd:93:90:43:76:ac:c1:69:37:94:48:
                    c1:bd:0e:6a:38:89:99:6e:26:59:d7:10:99:ac:d3:
                    0d:02:e5:f6:ba:0d:9d:5a:ff:77:3f:bd:e4:59:bd:
                    ba:83:13:1e:6b:09:93:6a:85:d6:b9:7d:70:1c:c1:
                    37:dc:be:51:e9:7e:f2:15:18:b6:a0:83:76:25:ae:
                    62:b0:41:7c:8f:7c:81:b7:dc:b2:93:58:1b:b6:18:
                    da:16:50:e6:c8:2d:de:c9:bc:00:8e:d9:89:9a:02:
                    12:fb:af:f6:b0:f1:ae:f4:42:a8:cb:45:2c:46:be:
                    2d:7d:4d:35:e5:8d:d3:76:57:b4:d1:89:fa:b4:d6:
                    79:28:71:9e:7a:48:1d:9c:b5:45:2c:f5:60:a3:2a:
                    00:a5:91:13:d0:62:9e:b1:31:f7:4c:4b:3e:6c:68:
                    6a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:04:58:20:E3:65:0E:BC:0F:43:3F:7A:8E:15:F3:81:30:11:D0:6B
            X509v3 Authority Key Identifier:
                keyid:02:C9:48:04:CF:CC:7E:F2:58:D4:6F:C3:24:C1:67:64:47:60:3E:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AslIBM_MfvJY1G_DJMFnZEdgPvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/85ff0a-22ab-4190-9b73-259be9fbc1f1/1/AslIBM_MfvJY1G_DJMFnZEdgPvY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/85ff0a-22ab-4190-9b73-259be9fbc1f1/1/AslIBM_MfvJY1G_DJMFnZEdgPvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:71:a5:dd:7e:2e:29:40:a6:7b:38:e6:78:37:e8:59:30:52:
         39:ae:74:bc:c5:30:59:c3:70:9b:c8:b3:a4:de:96:f0:7b:aa:
         6b:27:02:08:2f:76:a2:67:98:f1:f1:ea:de:94:b3:55:e3:33:
         05:cb:cb:8b:76:f2:bd:33:21:65:d5:14:97:70:99:e0:73:fc:
         a9:25:c7:ea:2a:39:54:59:10:63:50:ee:66:2f:5d:4f:63:6a:
         e5:78:66:d5:eb:a4:4f:8b:50:66:a5:17:e9:ae:1d:0b:da:89:
         2a:f6:37:dc:f5:ed:5a:71:20:4d:22:99:90:a4:60:9c:cb:3a:
         63:2e:9e:e1:c0:6f:93:c5:a6:b4:e8:18:4f:2b:ef:1a:76:94:
         04:51:cf:50:a5:fb:1a:0a:86:d6:f2:9b:87:d7:3e:08:64:e1:
         5c:fc:7a:1c:9d:80:7e:3a:cc:00:4f:cc:5c:04:c1:5e:10:24:
         7b:2f:87:dd:23:79:85:33:07:db:e4:21:a6:2a:8d:78:81:a6:
         68:ff:08:2d:eb:e4:92:9a:78:f7:cd:d3:40:4a:56:f1:fb:21:
         81:f5:08:38:d7:10:8f:77:13:cd:2f:fc:8e:6b:e4:a5:d0:ea:
         d3:b9:69:69:e2:02:cd:13:a4:f4:e6:ce:41:8b:9f:21:a4:3c:
         f1:f0:7c:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaMJfGb3CrDtZjhXZerrC+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYzk0ODA0Y2ZjYzdlZjI1OGQ0NmZjMzI0YzE2NzY0NDc2
MDNlZjYwHhcNMjUwNTAxMTQwMDE4WhcNMjUwNTAyMTQwMDE4WjAzMTEwLwYDVQQD
Eyg4NTA0NTgyMGUzNjUwZWJjMGY0MzNmN2E4ZTE1ZjM4MTMwMTFkMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNhl7kpIduEjiHOSTOIs5lK1L6T4
v+6tKiv8Mjt6LVAJD9RAnjPNSQwy1G6Sp8ztStv0AcMJdFPONtBuseZZnpV9U9mj
ECv2RxzXlMLTes/999riKpdGIXNpP4nivZOQQ3aswWk3lEjBvQ5qOImZbiZZ1xCZ
rNMNAuX2ug2dWv93P73kWb26gxMeawmTaoXWuX1wHME33L5R6X7yFRi2oIN2Ja5i
sEF8j3yBt9yyk1gbthjaFlDmyC3eybwAjtmJmgIS+6/2sPGu9EKoy0UsRr4tfU01
5Y3Tdle00Yn6tNZ5KHGeekgdnLVFLPVgoyoApZET0GKesTH3TEs+bGhqHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUEWCDjZQ68D0M/eo4V84EwEdBrMB8GA1UdIwQY
MBaAFALJSATPzH7yWNRvwyTBZ2RHYD72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXNsSUJNX01mdkpZMUdfREpNRm5aRWRnUHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84NWZmMGEtMjJhYi00MTkwLTliNzMt
MjU5YmU5ZmJjMWYxLzEvQXNsSUJNX01mdkpZMUdfREpNRm5aRWRnUHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84NWZmMGEtMjJhYi00MTkwLTliNzMtMjU5YmU5ZmJjMWYx
LzEvQXNsSUJNX01mdkpZMUdfREpNRm5aRWRnUHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk3Gl3X4u
KUCmezjmeDfoWTBSOa50vMUwWcNwm8izpN6W8HuqaycCCC92omeY8fHq3pSzVeMz
BcvLi3byvTMhZdUUl3CZ4HP8qSXH6io5VFkQY1DuZi9dT2Nq5Xhm1eukT4tQZqUX
6a4dC9qJKvY33PXtWnEgTSKZkKRgnMs6Yy6e4cBvk8WmtOgYTyvvGnaUBFHPUKX7
GgqG1vKbh9c+CGThXPx6HJ2AfjrMAE/MXATBXhAkey+H3SN5hTMH2+QhpiqNeIGm
aP8ILevkkpp4983TQEpW8fshgfUIONcQj3cTzS/8jmvkpdDq07lpaeICzROk9ObO
QYufIaQ88fB8/w==
-----END CERTIFICATE-----