Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          mGKOAr+l5N9iYrjkc6ABtdjzRtXdStYv6EPeH5Cuo4Y=
Subject key identifier:   D2:19:C1:3D:4F:05:07:28:57:31:40:70:C4:AD:F6:04:1C:3F:28:F6
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       01968548322DF120D1EEBCFACA8A581D5D21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          141C
Signing time:             Wed 30 Apr 2025 06:00:23 +0000
Manifest this update:     Wed 30 Apr 2025 06:00:23 +0000
Manifest next update:     Thu 01 May 2025 06:00:23 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: YbAolIDArqAqQFBrIHZNdxoADp4CufQtU3R8V0e0CwM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:48:32:2d:f1:20:d1:ee:bc:fa:ca:8a:58:1d:5d:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Apr 30 06:00:23 2025 GMT
            Not After : May  1 06:00:23 2025 GMT
        Subject: CN=d219c13d4f05072857314070c4adf6041c3f28f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:39:b5:40:70:b0:73:32:0c:d2:24:f2:f8:3d:
                    59:74:f8:54:be:a5:73:3f:05:f5:4b:28:1b:3a:6a:
                    38:62:3a:3a:4d:24:28:9a:ef:cd:f7:1a:c3:4c:27:
                    05:11:57:ba:07:2a:e8:56:84:1d:dc:a3:98:77:a2:
                    70:69:a7:a0:63:ca:9b:3d:25:45:88:87:dc:26:db:
                    2f:da:0d:22:2f:4a:c2:1b:74:58:b2:be:ad:bc:96:
                    11:0e:29:48:c9:98:19:35:e3:37:02:bc:3f:63:8f:
                    9b:0b:55:34:76:4b:a8:c1:96:59:33:56:a0:50:9b:
                    ff:9e:5a:85:57:8f:f9:fc:bc:69:c4:96:a9:1a:08:
                    dc:ea:fe:a4:55:6d:48:00:b4:52:a1:74:9b:4d:67:
                    50:cb:f6:5a:b3:6f:c5:a1:5b:27:de:8f:3f:17:24:
                    c9:92:4c:2c:3f:c6:92:5e:78:af:6c:71:61:68:d5:
                    51:1c:0c:1f:3b:2a:cd:9f:11:ec:d1:d1:a2:30:af:
                    aa:6e:3e:84:73:3c:d5:5a:c6:27:d3:10:e7:3b:10:
                    0b:06:53:f0:b4:c6:45:d4:ed:50:0d:05:ff:17:72:
                    76:a5:e0:80:1c:4f:8d:78:b8:cd:de:eb:b1:b4:b3:
                    cf:f5:60:fb:0b:4c:9f:8b:65:82:f3:f9:17:9f:86:
                    b8:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:19:C1:3D:4F:05:07:28:57:31:40:70:C4:AD:F6:04:1C:3F:28:F6
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:b2:35:a9:b3:25:50:30:a0:3b:cf:ab:f2:b8:07:43:02:fe:
         3d:43:34:37:c1:74:b6:5b:0a:39:f2:50:eb:b6:2a:31:9b:bd:
         b1:5d:98:98:a4:45:f6:df:cc:56:07:9b:89:cb:6c:a2:59:11:
         e6:bb:15:e1:a0:52:00:77:ae:51:2c:c1:43:27:a2:57:a3:d8:
         1f:47:27:80:ac:34:60:ee:68:ed:32:49:5c:10:e4:46:e8:3b:
         10:a2:05:ef:ca:a1:3d:92:e0:d4:6f:18:06:7b:aa:a7:f3:0d:
         13:ff:90:04:52:a5:46:be:d7:ea:d3:9d:4e:22:17:19:ab:3e:
         f9:6e:bb:55:3d:67:6a:16:c1:2f:8b:56:8e:82:f0:01:1f:94:
         b8:d7:d6:14:1c:db:07:43:0e:f6:50:ec:af:3e:04:41:ba:e8:
         ce:67:8a:ea:3e:b6:d4:18:4f:08:67:cc:d1:8e:58:f9:17:e7:
         68:38:d1:90:29:37:61:5c:98:b1:04:e7:50:8b:09:e2:5c:83:
         c9:e2:32:ec:f1:9f:36:3f:09:a6:c9:89:1f:e5:5f:a9:a4:e5:
         83:a7:81:43:12:41:d1:68:48:fe:ec:dc:73:91:ee:18:d1:68:
         95:66:ba:87:fd:a6:49:82:d1:9a:4f:8d:16:51:2b:0c:9f:c7:
         ad:f6:db:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFSDIt8SDR7rz6yopYHV0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwNDMwMDYwMDIzWhcNMjUwNTAxMDYwMDIzWjAzMTEwLwYDVQQD
EyhkMjE5YzEzZDRmMDUwNzI4NTczMTQwNzBjNGFkZjYwNDFjM2YyOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zm1QHCwczIM0iTy+D1ZdPhUvqVz
PwX1SygbOmo4Yjo6TSQomu/N9xrDTCcFEVe6ByroVoQd3KOYd6JwaaegY8qbPSVF
iIfcJtsv2g0iL0rCG3RYsr6tvJYRDilIyZgZNeM3Arw/Y4+bC1U0dkuowZZZM1ag
UJv/nlqFV4/5/LxpxJapGgjc6v6kVW1IALRSoXSbTWdQy/Zas2/FoVsn3o8/FyTJ
kkwsP8aSXnivbHFhaNVRHAwfOyrNnxHs0dGiMK+qbj6EczzVWsYn0xDnOxALBlPw
tMZF1O1QDQX/F3J2peCAHE+NeLjN3uuxtLPP9WD7C0yfi2WC8/kXn4a4sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIZwT1PBQcoVzFAcMSt9gQcPyj2MB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb7I1qbMl
UDCgO8+r8rgHQwL+PUM0N8F0tlsKOfJQ67YqMZu9sV2YmKRF9t/MVgebictsolkR
5rsV4aBSAHeuUSzBQyeiV6PYH0cngKw0YO5o7TJJXBDkRug7EKIF78qhPZLg1G8Y
Bnuqp/MNE/+QBFKlRr7X6tOdTiIXGas++W67VT1nahbBL4tWjoLwAR+UuNfWFBzb
B0MO9lDsrz4EQbrozmeK6j621BhPCGfM0Y5Y+RfnaDjRkCk3YVyYsQTnUIsJ4lyD
yeIy7PGfNj8JpsmJH+VfqaTlg6eBQxJB0WhI/uzcc5HuGNFolWa6h/2mSYLRmk+N
FlErDJ/Hrfbb5A==
-----END CERTIFICATE-----