Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          gCnckB4X77b2UAiu43RZP9sgNBI42/GWXZpqdQ65yIM=
Subject key identifier:   6D:B1:91:71:7B:25:EA:6F:EC:A4:37:40:BC:39:63:7B:53:5D:84:C7
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       01977B9E82C99DE9BC7F84CBD31B2DB8D2DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          02BD
Signing time:             Tue 17 Jun 2025 02:01:15 +0000
Manifest this update:     Tue 17 Jun 2025 02:01:15 +0000
Manifest next update:     Wed 18 Jun 2025 02:01:15 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: 6MxCQfo3J9smqsd4dR3dh1pn+mUiPizqlKbxzEmhBvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 21:51:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7b:9e:82:c9:9d:e9:bc:7f:84:cb:d3:1b:2d:b8:d2:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Jun 17 02:01:15 2025 GMT
            Not After : Jun 18 02:01:15 2025 GMT
        Subject: CN=6db191717b25ea6feca43740bc39637b535d84c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e5:dc:28:04:8a:0b:94:f2:aa:4d:40:b3:f6:
                    0a:a6:f8:f7:80:47:a1:d7:60:48:32:32:28:08:2e:
                    27:14:c5:41:52:b2:1a:48:79:41:5b:b6:2f:f3:5a:
                    a3:5a:66:0c:bd:f5:a6:45:8d:f7:f9:73:0a:c9:cf:
                    0c:d3:8b:14:8e:02:89:42:23:5e:3e:0e:68:ca:02:
                    00:89:d5:19:07:16:b3:29:5e:46:da:c5:6d:64:f5:
                    31:26:28:30:35:5d:d7:65:6b:bc:1a:f5:63:b7:d8:
                    ef:d6:4f:7f:7a:c5:57:2d:d5:d7:e2:6c:57:10:47:
                    c4:19:d7:f9:c6:d8:50:b8:ce:dd:22:ad:92:bb:25:
                    1d:e7:31:90:39:82:f6:8c:98:3f:5f:35:f8:57:cf:
                    dd:0c:83:71:31:3a:6f:e2:01:e6:20:21:21:49:56:
                    8f:e4:8d:06:88:c2:00:39:a6:ad:12:5b:37:e3:83:
                    9f:2d:97:29:50:a9:32:52:3e:56:bc:fa:75:e5:c3:
                    d1:93:c9:46:fa:56:3b:d9:df:09:ac:d1:3a:85:80:
                    8a:a1:e3:be:3e:9e:eb:bb:b5:a6:91:31:6d:09:6b:
                    8d:f7:67:49:42:71:44:37:2e:6a:b5:99:4b:99:37:
                    54:ac:79:46:75:9c:24:21:21:46:49:21:9f:5e:97:
                    96:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:B1:91:71:7B:25:EA:6F:EC:A4:37:40:BC:39:63:7B:53:5D:84:C7
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:a3:32:61:e6:12:d5:bd:97:cf:aa:19:dd:84:7b:39:bc:c3:
         ba:9e:96:34:1a:e7:64:d4:b6:52:19:75:4e:6b:fe:66:19:07:
         18:09:dd:9f:19:d6:78:6a:be:17:36:0d:6f:5f:c3:2d:0a:e6:
         42:29:5c:08:3a:ed:cc:00:9f:b8:3c:c0:42:6a:74:16:42:d5:
         e2:2d:34:8f:0f:06:33:2b:96:e5:ba:02:4e:cd:fd:c1:35:00:
         1c:45:ac:3a:1f:a7:fa:78:dd:dc:e2:f0:07:e6:a9:2b:ba:a1:
         3f:d2:31:08:f1:f7:3b:de:f6:b9:1d:ae:1c:36:20:0b:f9:56:
         99:a7:4b:27:b0:9d:38:29:f2:c2:d0:c1:8c:57:95:bb:c5:ac:
         e7:13:93:0c:ca:38:1f:23:b2:45:92:35:07:a6:48:76:f0:f9:
         74:fe:a5:e8:08:ec:02:69:f1:f4:60:7d:ba:9e:c9:c4:5a:ee:
         c8:4a:1b:e4:b1:3e:35:96:83:8c:e4:ea:11:a3:9f:f6:e0:e1:
         58:ab:24:9a:50:4b:80:ce:b4:13:dc:bb:25:19:9d:6c:a1:c6:
         2b:f4:02:03:69:9d:8e:fc:b6:e8:17:65:79:c0:33:0b:d6:5d:
         1b:c4:50:2a:0e:a8:d6:29:f6:18:d4:4c:bd:87:74:4d:b4:aa:
         6d:ca:2f:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd7noLJnem8f4TL0xstuNLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwNjE3MDIwMTE1WhcNMjUwNjE4MDIwMTE1WjAzMTEwLwYDVQQD
Eyg2ZGIxOTE3MTdiMjVlYTZmZWNhNDM3NDBiYzM5NjM3YjUzNWQ4NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uXcKASKC5Tyqk1As/YKpvj3gEeh
12BIMjIoCC4nFMVBUrIaSHlBW7Yv81qjWmYMvfWmRY33+XMKyc8M04sUjgKJQiNe
Pg5oygIAidUZBxazKV5G2sVtZPUxJigwNV3XZWu8GvVjt9jv1k9/esVXLdXX4mxX
EEfEGdf5xthQuM7dIq2SuyUd5zGQOYL2jJg/XzX4V8/dDINxMTpv4gHmICEhSVaP
5I0GiMIAOaatEls344OfLZcpUKkyUj5WvPp15cPRk8lG+lY72d8JrNE6hYCKoeO+
Pp7ru7WmkTFtCWuN92dJQnFENy5qtZlLmTdUrHlGdZwkISFGSSGfXpeWTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2xkXF7Jepv7KQ3QLw5Y3tTXYTHMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4KMyYeYS
1b2Xz6oZ3YR7ObzDup6WNBrnZNS2Uhl1Tmv+ZhkHGAndnxnWeGq+FzYNb1/DLQrm
QilcCDrtzACfuDzAQmp0FkLV4i00jw8GMyuW5boCTs39wTUAHEWsOh+n+njd3OLw
B+apK7qhP9IxCPH3O972uR2uHDYgC/lWmadLJ7CdOCnywtDBjFeVu8Ws5xOTDMo4
HyOyRZI1B6ZIdvD5dP6l6AjsAmnx9GB9up7JxFruyEob5LE+NZaDjOTqEaOf9uDh
WKskmlBLgM60E9y7JRmdbKHGK/QCA2mdjvy26BdlecAzC9ZdG8RQKg6o1in2GNRM
vYd0TbSqbcovAg==
-----END CERTIFICATE-----