Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.mft (raw, json)
Hash identifier:          7MOMD8XQOtNhKyHYnN6YM/PrGrJ/GBsVfsyBcMAjiN4=
Subject key identifier:   BE:69:42:F2:F3:D5:AC:81:61:12:4B:16:7A:05:AD:60:C9:A9:81:F2
Authority key identifier: DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Certificate issuer:       /CN=dfa53646288329df6655e253e56b228481be9596
Certificate serial:       01968F27BDB2CC5642571D5CD4F50C7831DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
Manifest number:          01BE
Signing time:             Fri 02 May 2025 04:01:08 +0000
Manifest this update:     Fri 02 May 2025 04:01:08 +0000
Manifest next update:     Sat 03 May 2025 04:01:08 +0000
Files and hashes:         1: 36U2RiiDKd9mVeJT5WsihIG-lZY.crl (hash: XibHxhPaJzNEsZOOIFj3TT0YhrPmRM+8kwoYqgvHO5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:27:bd:b2:cc:56:42:57:1d:5c:d4:f5:0c:78:31:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa53646288329df6655e253e56b228481be9596
        Validity
            Not Before: May  2 04:01:08 2025 GMT
            Not After : May  3 04:01:08 2025 GMT
        Subject: CN=be6942f2f3d5ac8161124b167a05ad60c9a981f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e9:5e:70:07:f9:91:f8:d0:60:38:75:71:17:
                    23:8f:fe:df:76:5a:c4:4a:b9:f2:6d:01:28:3b:68:
                    50:11:89:c8:b2:e2:d7:86:77:4d:cc:28:a4:e4:80:
                    a8:e4:06:21:f1:6c:a8:6a:2b:8a:56:17:98:16:2c:
                    3c:6d:76:4d:9f:d4:8d:da:75:34:91:d3:b7:eb:64:
                    47:b2:6c:04:c2:89:2c:9b:76:84:56:c6:e3:82:e2:
                    14:fe:c4:c5:ae:02:96:85:e6:89:ee:26:c0:8b:a2:
                    bc:62:8f:d3:0a:fd:4b:7d:20:6f:09:9b:33:94:08:
                    3f:d8:fc:1e:5a:d4:18:84:af:ac:1e:01:69:50:50:
                    22:3e:07:bd:0c:5a:fc:5e:b8:99:9c:7f:78:69:6b:
                    19:66:77:a4:b2:c9:ce:6f:5f:23:e6:12:b2:fa:ca:
                    11:1b:31:34:b1:e5:89:6a:99:04:05:54:c6:f1:38:
                    0f:84:c1:c6:24:0a:bc:a6:c3:f6:6c:37:57:56:1b:
                    c8:8e:d9:2c:fc:2c:dd:3d:ed:59:e9:97:af:ed:c4:
                    d3:e6:cc:e0:62:f6:80:b2:92:40:8b:e7:85:80:9d:
                    5d:72:b3:35:55:a4:c4:a2:a5:6d:6c:1b:de:0a:0b:
                    09:c1:15:6e:a3:5f:d8:24:7a:63:fe:c9:75:03:f5:
                    31:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:69:42:F2:F3:D5:AC:81:61:12:4B:16:7A:05:AD:60:C9:A9:81:F2
            X509v3 Authority Key Identifier:
                keyid:DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:7b:07:0b:dd:d6:ee:f6:fb:2c:b1:d0:7e:28:e0:81:59:a4:
         d3:0f:db:14:c5:37:71:68:93:e8:67:7d:4a:f8:d6:da:28:8d:
         85:c5:5f:cf:ea:3e:f0:fc:cb:46:a7:03:b1:5b:02:1d:95:b8:
         71:bc:b8:0c:d8:4b:20:73:66:10:0b:77:18:68:c5:f2:50:11:
         11:8f:c0:01:76:37:09:72:71:a2:21:4d:b5:56:e3:d6:55:17:
         7f:da:35:ef:63:d4:48:e7:7b:c1:ca:ff:6e:0a:f9:71:d9:98:
         a0:14:9d:cb:9a:9f:99:7f:7e:05:67:5c:47:57:2a:a7:ce:6f:
         11:89:a5:1e:14:75:0c:31:0a:7c:0d:c8:ce:a5:94:b6:f7:c7:
         f8:23:67:3e:99:a1:01:a4:bb:af:2d:26:8f:7f:f9:a6:4f:31:
         66:44:be:eb:22:17:9b:fa:10:18:2f:10:d2:fa:90:23:f0:ef:
         29:47:fa:a3:ee:85:cb:8c:71:67:ae:9c:5a:9e:5a:21:9e:37:
         a4:99:6a:9a:f9:c0:ce:24:af:08:c7:28:ba:9f:a0:ef:ae:93:
         72:aa:78:a5:f5:8c:8e:43:cc:f7:58:e1:14:36:83:48:60:fb:
         fc:73:ff:64:ad:34:e5:cf:e2:e4:fc:80:d3:78:2b:2b:d7:13:
         57:7d:17:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPJ72yzFZCVx1c1PUMeDHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTUzNjQ2Mjg4MzI5ZGY2NjU1ZTI1M2U1NmIyMjg0ODFi
ZTk1OTYwHhcNMjUwNTAyMDQwMTA4WhcNMjUwNTAzMDQwMTA4WjAzMTEwLwYDVQQD
EyhiZTY5NDJmMmYzZDVhYzgxNjExMjRiMTY3YTA1YWQ2MGM5YTk4MWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtulecAf5kfjQYDh1cRcjj/7fdlrE
SrnybQEoO2hQEYnIsuLXhndNzCik5ICo5AYh8WyoaiuKVheYFiw8bXZNn9SN2nU0
kdO362RHsmwEwoksm3aEVsbjguIU/sTFrgKWheaJ7ibAi6K8Yo/TCv1LfSBvCZsz
lAg/2PweWtQYhK+sHgFpUFAiPge9DFr8XriZnH94aWsZZnekssnOb18j5hKy+soR
GzE0seWJapkEBVTG8TgPhMHGJAq8psP2bDdXVhvIjtks/CzdPe1Z6Zev7cTT5szg
YvaAspJAi+eFgJ1dcrM1VaTEoqVtbBveCgsJwRVuo1/YJHpj/sl1A/Ux0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5pQvLz1ayBYRJLFnoFrWDJqYHyMB8GA1UdIwQY
MBaAFN+lNkYogynfZlXiU+VrIoSBvpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMt
NzlhZmQxMTg4ZDM3LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMtNzlhZmQxMTg4ZDM3
LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGnsHC93W
7vb7LLHQfijggVmk0w/bFMU3cWiT6Gd9SvjW2iiNhcVfz+o+8PzLRqcDsVsCHZW4
cby4DNhLIHNmEAt3GGjF8lAREY/AAXY3CXJxoiFNtVbj1lUXf9o172PUSOd7wcr/
bgr5cdmYoBSdy5qfmX9+BWdcR1cqp85vEYmlHhR1DDEKfA3IzqWUtvfH+CNnPpmh
AaS7ry0mj3/5pk8xZkS+6yIXm/oQGC8Q0vqQI/DvKUf6o+6Fy4xxZ66cWp5aIZ43
pJlqmvnAziSvCMcoup+g766Tcqp4pfWMjkPM91jhFDaDSGD7/HP/ZK005c/i5PyA
03grK9cTV30XKw==
-----END CERTIFICATE-----