Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          NORuejKJMa85ZlofWR+3hpkuGHiWvLs+JQq6RUMB2GU=
Subject key identifier:   76:3F:D2:14:B5:A0:3F:05:BF:B2:09:5E:63:88:A3:2F:0B:60:9F:DC
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       01976BBD4C490C07FA0BD4067F6CABAEFE46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 00:00:57 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:57 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:57 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: 49+6UzscrEXVf6CCuKZn+umrTEL0rIHAgm0kqwl6aI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:4c:49:0c:07:fa:0b:d4:06:7f:6c:ab:ae:fe:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Jun 14 00:00:57 2025 GMT
            Not After : Jun 15 00:00:57 2025 GMT
        Subject: CN=763fd214b5a03f05bfb2095e6388a32f0b609fdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:65:ee:1e:59:9d:7c:7a:aa:93:fc:03:86:61:
                    b7:a3:1b:13:1a:21:8a:bc:42:6f:c9:aa:b8:6e:6f:
                    83:53:8a:ee:fc:9a:3d:2d:8a:cb:8d:46:16:5f:87:
                    3e:ec:a2:13:98:8f:f2:7e:ac:b7:41:e9:f4:d7:5f:
                    30:cf:b0:03:a2:f0:e4:a9:a2:68:5d:2d:6f:93:9c:
                    9f:4e:95:d6:c8:77:c2:6c:4e:a1:0b:81:23:ec:ce:
                    5e:c5:77:9b:2d:7c:50:8d:18:f1:05:db:44:40:3e:
                    9a:ca:59:b7:d4:81:07:25:f4:7e:96:1f:20:a0:e9:
                    c3:ba:fe:fd:96:b9:5c:b7:e7:82:94:40:f4:8c:9b:
                    60:61:d6:d0:fd:ea:81:ea:e8:fb:f1:34:09:84:50:
                    64:aa:28:a6:de:96:0e:5a:14:15:2c:e3:0e:0a:60:
                    33:ee:ea:aa:47:5d:a1:72:8e:0b:67:b0:9d:0f:2a:
                    b9:92:b9:22:1b:e3:e0:30:1a:ea:29:79:4b:ad:c6:
                    c3:2e:40:17:1e:8d:0a:61:25:ec:34:61:ae:d3:a3:
                    b4:7b:06:1b:fe:ad:d5:a6:d7:52:44:11:29:21:df:
                    ea:68:a8:4d:7f:b3:02:c5:31:2f:7b:71:04:28:64:
                    f7:54:3d:fb:e9:0d:fe:60:92:37:2c:ce:50:1b:49:
                    3f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:3F:D2:14:B5:A0:3F:05:BF:B2:09:5E:63:88:A3:2F:0B:60:9F:DC
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:2c:51:5a:18:a1:2a:6b:95:3e:e8:da:45:da:15:73:56:db:
         10:74:76:05:4a:85:b4:90:09:5d:5e:6d:03:fc:09:12:50:74:
         4e:4f:ea:b5:ee:08:22:21:ca:32:3c:2b:cd:2f:93:0a:ea:73:
         e9:25:b0:52:58:fc:e2:9d:c6:c5:2e:25:7f:3a:cc:3d:b5:85:
         4b:8e:69:a2:b5:88:a8:ab:df:74:a6:1b:e0:56:57:2e:6d:8f:
         e0:36:fb:7e:99:0b:d4:6c:30:5e:cf:5e:b9:92:94:ae:25:80:
         77:e2:37:33:8a:89:48:db:61:09:83:9d:68:b7:76:09:78:cd:
         f6:19:26:eb:4e:db:39:eb:14:ae:25:22:56:36:44:17:89:20:
         38:8a:89:1c:41:54:78:05:63:8f:5e:a4:b0:89:60:47:f2:ac:
         67:ad:ad:86:e4:1d:9d:19:6e:65:04:3f:40:da:25:b4:ae:cd:
         d5:01:c5:64:de:48:80:5d:a7:b2:62:a7:28:52:b5:b4:86:d9:
         1d:26:ff:34:1e:33:70:2a:55:90:b9:a4:dc:12:41:29:76:0b:
         a1:45:d4:e5:c3:0c:4d:a2:ad:d5:05:f4:b3:9c:bd:df:37:7c:
         2b:f5:1a:9d:0e:8c:e3:33:c8:c0:52:c7:d1:cb:aa:23:9b:3a:
         99:c7:06:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvUxJDAf6C9QGf2yrrv5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUwNjE0MDAwMDU3WhcNMjUwNjE1MDAwMDU3WjAzMTEwLwYDVQQD
Eyg3NjNmZDIxNGI1YTAzZjA1YmZiMjA5NWU2Mzg4YTMyZjBiNjA5ZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWXuHlmdfHqqk/wDhmG3oxsTGiGK
vEJvyaq4bm+DU4ru/Jo9LYrLjUYWX4c+7KITmI/yfqy3Qen0118wz7ADovDkqaJo
XS1vk5yfTpXWyHfCbE6hC4Ej7M5exXebLXxQjRjxBdtEQD6aylm31IEHJfR+lh8g
oOnDuv79lrlct+eClED0jJtgYdbQ/eqB6uj78TQJhFBkqiim3pYOWhQVLOMOCmAz
7uqqR12hco4LZ7CdDyq5krkiG+PgMBrqKXlLrcbDLkAXHo0KYSXsNGGu06O0ewYb
/q3VptdSRBEpId/qaKhNf7MCxTEve3EEKGT3VD376Q3+YJI3LM5QG0k/kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHY/0hS1oD8Fv7IJXmOIoy8LYJ/cMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACixRWhih
KmuVPujaRdoVc1bbEHR2BUqFtJAJXV5tA/wJElB0Tk/qte4IIiHKMjwrzS+TCupz
6SWwUlj84p3GxS4lfzrMPbWFS45porWIqKvfdKYb4FZXLm2P4Db7fpkL1GwwXs9e
uZKUriWAd+I3M4qJSNthCYOdaLd2CXjN9hkm607bOesUriUiVjZEF4kgOIqJHEFU
eAVjj16ksIlgR/KsZ62thuQdnRluZQQ/QNoltK7N1QHFZN5IgF2nsmKnKFK1tIbZ
HSb/NB4zcCpVkLmk3BJBKXYLoUXU5cMMTaKt1QX0s5y93zd8K/UanQ6M4zPIwFLH
0cuqI5s6mccGbw==
-----END CERTIFICATE-----