Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/16eb03-414a-4852-81da-db261aa46f21/1/Mk2diwUEVVZ2uRjuOR3BU6mH44o.mft
File:                     Mk2diwUEVVZ2uRjuOR3BU6mH44o.mft (raw, json)
Hash identifier:          k/Pt1++ImOP7NdPMYnF6mmWslAbCa4YSo/jMSf+LRzg=
Subject key identifier:   79:FF:98:5D:F7:D6:EC:1B:48:90:2D:3B:15:66:16:70:BD:AF:ED:3E
Authority key identifier: 32:4D:9D:8B:05:04:55:56:76:B9:18:EE:39:1D:C1:53:A9:87:E3:8A
Certificate issuer:       /CN=324d9d8b0504555676b918ee391dc153a987e38a
Certificate serial:       0196760C6184462402D6E7DBCF58862B8124
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mk2diwUEVVZ2uRjuOR3BU6mH44o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/16eb03-414a-4852-81da-db261aa46f21/1/Mk2diwUEVVZ2uRjuOR3BU6mH44o.mft
Manifest number:          0F33
Signing time:             Sun 27 Apr 2025 07:00:44 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:44 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:44 +0000
Files and hashes:         1: Mk2diwUEVVZ2uRjuOR3BU6mH44o.crl (hash: T6ZOfg0uI+Do0GHyy18XPGgLHrX8K9ErFJu3QDkPJe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/16eb03-414a-4852-81da-db261aa46f21/1/Mk2diwUEVVZ2uRjuOR3BU6mH44o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/16eb03-414a-4852-81da-db261aa46f21/1/Mk2diwUEVVZ2uRjuOR3BU6mH44o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mk2diwUEVVZ2uRjuOR3BU6mH44o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:61:84:46:24:02:d6:e7:db:cf:58:86:2b:81:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=324d9d8b0504555676b918ee391dc153a987e38a
        Validity
            Not Before: Apr 27 07:00:44 2025 GMT
            Not After : Apr 28 07:00:44 2025 GMT
        Subject: CN=79ff985df7d6ec1b48902d3b15661670bdafed3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fc:1a:d4:64:f2:4c:c9:92:53:0a:66:91:3f:
                    77:cb:d7:b9:fc:9e:e1:30:0d:23:5e:f9:bb:69:a1:
                    e6:f4:19:f9:77:15:f0:6d:b5:39:3f:0e:66:d6:dc:
                    35:32:b0:5e:b7:85:73:99:d4:f3:1f:32:10:76:77:
                    71:79:03:65:2c:c7:7b:8d:39:2d:59:56:63:45:9c:
                    96:d5:8a:a5:e3:c6:30:91:6c:c5:3e:28:5a:5f:7a:
                    7c:97:52:f6:e2:aa:02:45:a8:0f:54:02:cd:fb:4e:
                    d5:52:25:8d:88:15:d9:d2:f5:09:c9:36:ea:59:bb:
                    3b:fa:23:c1:bd:68:cd:63:8d:70:5b:d3:02:67:7c:
                    7c:7f:8e:0f:75:2d:cb:d9:2f:fe:69:f1:f0:46:f4:
                    12:ee:b7:b4:00:b5:49:27:18:62:05:5f:dc:98:1b:
                    77:5e:61:45:65:45:cf:99:ee:1f:bd:2c:82:66:a6:
                    22:89:61:59:7d:b8:34:f7:21:24:e7:bd:e2:b7:7e:
                    59:82:83:df:d9:4b:63:d1:f9:06:39:ec:8b:da:ff:
                    39:4e:00:9c:14:24:f4:84:31:c0:a0:7c:a6:68:61:
                    b4:5d:a9:1f:4a:38:83:02:e8:5a:56:69:5d:95:6f:
                    6a:c7:c3:f7:a8:bc:cd:ce:38:f2:1d:05:de:91:59:
                    41:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:FF:98:5D:F7:D6:EC:1B:48:90:2D:3B:15:66:16:70:BD:AF:ED:3E
            X509v3 Authority Key Identifier:
                keyid:32:4D:9D:8B:05:04:55:56:76:B9:18:EE:39:1D:C1:53:A9:87:E3:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mk2diwUEVVZ2uRjuOR3BU6mH44o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/16eb03-414a-4852-81da-db261aa46f21/1/Mk2diwUEVVZ2uRjuOR3BU6mH44o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/16eb03-414a-4852-81da-db261aa46f21/1/Mk2diwUEVVZ2uRjuOR3BU6mH44o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:8a:7a:c8:bc:94:ab:78:fe:d7:c5:d6:8e:3c:ab:65:41:f5:
         f4:dc:5b:f4:e3:16:67:25:42:33:75:7d:54:f2:fb:e9:c3:65:
         0d:5e:45:62:f0:94:83:36:76:4c:06:e6:78:be:8c:6d:b4:ef:
         a1:60:45:e9:27:28:1c:f4:3b:60:0d:93:8d:a4:47:98:8e:4c:
         ea:c6:53:f5:02:0a:6e:fb:ff:09:33:91:cf:ed:44:99:c5:7a:
         e2:d7:42:4e:92:c2:5c:12:39:5a:e8:61:27:a1:59:d7:2a:16:
         8d:e5:f2:f9:16:2b:47:d6:ef:ed:fb:36:08:53:57:ac:2d:d8:
         79:37:54:83:c5:c8:a1:e9:1b:df:ee:60:b5:b7:04:67:f3:ca:
         5f:f9:cc:19:98:79:ee:f5:62:a4:19:8d:ea:b5:e9:af:a2:ab:
         35:0d:14:e4:ad:f5:c4:1e:d0:03:88:86:95:e3:d2:cc:30:26:
         0e:fc:76:90:9f:59:c9:6d:e1:d2:b9:c6:41:fb:f6:88:81:3b:
         30:d1:cc:1f:69:3f:80:f1:8f:11:ba:c8:84:f8:b7:b9:05:3d:
         77:fb:75:2f:35:d3:a2:51:e3:52:9d:63:f1:1e:9c:04:7b:ec:
         6e:c3:93:bd:96:7f:bf:84:62:60:a7:0b:04:f2:f5:a8:86:8e:
         89:4e:d3:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DGGERiQC1ufbz1iGK4EkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGQ5ZDhiMDUwNDU1NTY3NmI5MThlZTM5MWRjMTUzYTk4
N2UzOGEwHhcNMjUwNDI3MDcwMDQ0WhcNMjUwNDI4MDcwMDQ0WjAzMTEwLwYDVQQD
Eyg3OWZmOTg1ZGY3ZDZlYzFiNDg5MDJkM2IxNTY2MTY3MGJkYWZlZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/wa1GTyTMmSUwpmkT93y9e5/J7h
MA0jXvm7aaHm9Bn5dxXwbbU5Pw5m1tw1MrBet4VzmdTzHzIQdndxeQNlLMd7jTkt
WVZjRZyW1Yql48YwkWzFPihaX3p8l1L24qoCRagPVALN+07VUiWNiBXZ0vUJyTbq
Wbs7+iPBvWjNY41wW9MCZ3x8f44PdS3L2S/+afHwRvQS7re0ALVJJxhiBV/cmBt3
XmFFZUXPme4fvSyCZqYiiWFZfbg09yEk573it35ZgoPf2Utj0fkGOeyL2v85TgCc
FCT0hDHAoHymaGG0XakfSjiDAuhaVmldlW9qx8P3qLzNzjjyHQXekVlBIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn/mF331uwbSJAtOxVmFnC9r+0+MB8GA1UdIwQY
MBaAFDJNnYsFBFVWdrkY7jkdwVOph+OKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWsyZGl3VUVWVloydVJqdU9SM0JVNm1INDRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xNmViMDMtNDE0YS00ODUyLTgxZGEt
ZGIyNjFhYTQ2ZjIxLzEvTWsyZGl3VUVWVloydVJqdU9SM0JVNm1INDRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xNmViMDMtNDE0YS00ODUyLTgxZGEtZGIyNjFhYTQ2ZjIx
LzEvTWsyZGl3VUVWVloydVJqdU9SM0JVNm1INDRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADYp6yLyU
q3j+18XWjjyrZUH19Nxb9OMWZyVCM3V9VPL76cNlDV5FYvCUgzZ2TAbmeL6MbbTv
oWBF6ScoHPQ7YA2TjaRHmI5M6sZT9QIKbvv/CTORz+1EmcV64tdCTpLCXBI5Wuhh
J6FZ1yoWjeXy+RYrR9bv7fs2CFNXrC3YeTdUg8XIoekb3+5gtbcEZ/PKX/nMGZh5
7vVipBmN6rXpr6KrNQ0U5K31xB7QA4iGlePSzDAmDvx2kJ9ZyW3h0rnGQfv2iIE7
MNHMH2k/gPGPEbrIhPi3uQU9d/t1LzXTolHjUp1j8R6cBHvsbsOTvZZ/v4RiYKcL
BPL1qIaOiU7Tpg==
-----END CERTIFICATE-----