Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
File:                     fXrxi3mJleFLOBNhoGu2aEm36Fo.mft (raw, json)
Hash identifier:          K6QsYJ6+D0+hIXasDVJ3G4BVn/tm0n36S3jNbTnSR+Q=
Subject key identifier:   67:48:15:85:7F:60:53:D5:2A:E9:C9:26:50:98:F0:3C:39:8E:F0:5A
Authority key identifier: 7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A
Certificate issuer:       /CN=7d7af18b798995e14b381361a06bb66849b7e85a
Certificate serial:       01968BEF36C4BF437D6AAC999ACAD50D75AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
Manifest number:          0645
Signing time:             Thu 01 May 2025 13:00:32 +0000
Manifest this update:     Thu 01 May 2025 13:00:32 +0000
Manifest next update:     Fri 02 May 2025 13:00:32 +0000
Files and hashes:         1: fXrxi3mJleFLOBNhoGu2aEm36Fo.crl (hash: uNbEbHY8z5EpSdXNLRvVn5qT5ZXhPcXMp+Ca26n09MM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:ef:36:c4:bf:43:7d:6a:ac:99:9a:ca:d5:0d:75:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d7af18b798995e14b381361a06bb66849b7e85a
        Validity
            Not Before: May  1 13:00:32 2025 GMT
            Not After : May  2 13:00:32 2025 GMT
        Subject: CN=674815857f6053d52ae9c9265098f03c398ef05a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:73:5a:a8:99:e8:fb:fa:aa:df:90:62:cd:e7:
                    7e:7b:ed:9c:19:f0:34:d7:9a:b4:b6:5d:f4:c8:ec:
                    06:a5:83:75:da:5f:c4:8c:6e:f1:cd:be:9b:80:ae:
                    c4:34:cb:25:5f:ae:73:05:18:23:cf:a1:ba:58:c3:
                    c8:3b:f9:fd:df:17:b8:a2:63:e0:90:b8:97:bc:44:
                    f1:70:da:cf:d7:4b:62:f2:67:15:82:26:07:d6:22:
                    48:df:b3:64:99:d7:65:1a:03:7f:0c:5f:14:fe:0d:
                    79:3b:df:a7:5d:55:b1:51:34:3a:57:6b:ed:a2:d6:
                    57:52:af:11:5e:e2:fe:e5:e5:e4:b2:3d:17:0f:9a:
                    8d:8e:91:67:76:e7:0c:06:88:28:c7:64:1d:4b:eb:
                    bf:bd:26:aa:16:f9:c7:e9:74:13:7b:ff:24:18:ac:
                    49:dc:af:cf:cb:dc:27:f5:44:5c:18:71:bf:ae:6f:
                    09:91:f6:d8:1b:44:1f:df:79:7a:c3:92:49:5f:63:
                    b8:45:5c:b6:b7:79:b9:31:fd:7b:c7:71:80:0c:31:
                    b8:5e:95:90:50:be:2a:b5:e0:c5:c0:ac:17:11:54:
                    b4:48:0b:f8:71:dd:fc:cd:2a:37:2c:fe:31:1e:6f:
                    53:ab:ef:37:b6:30:47:88:d4:03:86:22:33:6f:a7:
                    3c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:48:15:85:7F:60:53:D5:2A:E9:C9:26:50:98:F0:3C:39:8E:F0:5A
            X509v3 Authority Key Identifier:
                keyid:7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:8c:41:3d:fb:9d:73:c3:30:b2:f6:9e:76:6a:b1:b9:a2:db:
         8a:a2:13:40:d8:51:fe:f5:b9:71:a1:30:4f:d3:5c:d4:1b:3d:
         19:84:bf:09:57:20:c5:14:e2:0f:85:b2:0d:eb:db:6b:5f:13:
         d3:cd:40:c1:2f:34:c5:52:8f:0b:a2:73:87:6a:25:fc:5d:92:
         51:cb:38:be:36:79:75:74:e4:6a:34:a4:69:11:cd:df:61:15:
         46:df:c7:79:53:86:cc:66:c6:e0:af:c8:79:af:a2:e3:07:88:
         db:0b:70:3a:4a:83:c4:c1:bd:dc:2f:56:e6:20:02:6d:b5:c8:
         89:1c:73:35:09:3a:aa:f4:0c:84:bd:17:55:74:2a:d2:14:8a:
         5e:15:63:cb:8f:60:61:78:0c:45:30:36:81:bc:e2:9e:95:7c:
         16:31:68:f2:18:cd:84:31:2e:df:b0:f0:1c:65:15:12:2c:39:
         a2:f3:fb:7e:f3:bc:af:7c:05:6b:54:2a:59:5d:9d:63:69:12:
         06:73:d4:f8:ad:1d:da:2c:73:e5:84:92:60:bb:b2:f6:fe:43:
         72:9c:38:c5:92:d5:77:4f:a3:76:af:88:fa:7b:ba:fa:99:eb:
         f9:ae:fb:2d:09:84:5b:3e:9f:77:5b:1d:bd:f7:8a:30:b8:0b:
         8f:13:d3:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaL7zbEv0N9aqyZmsrVDXWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2FmMThiNzk4OTk1ZTE0YjM4MTM2MWEwNmJiNjY4NDli
N2U4NWEwHhcNMjUwNTAxMTMwMDMyWhcNMjUwNTAyMTMwMDMyWjAzMTEwLwYDVQQD
Eyg2NzQ4MTU4NTdmNjA1M2Q1MmFlOWM5MjY1MDk4ZjAzYzM5OGVmMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHNaqJno+/qq35Bized+e+2cGfA0
15q0tl30yOwGpYN12l/EjG7xzb6bgK7ENMslX65zBRgjz6G6WMPIO/n93xe4omPg
kLiXvETxcNrP10ti8mcVgiYH1iJI37NkmddlGgN/DF8U/g15O9+nXVWxUTQ6V2vt
otZXUq8RXuL+5eXksj0XD5qNjpFnducMBogox2QdS+u/vSaqFvnH6XQTe/8kGKxJ
3K/Py9wn9URcGHG/rm8JkfbYG0Qf33l6w5JJX2O4RVy2t3m5Mf17x3GADDG4XpWQ
UL4qteDFwKwXEVS0SAv4cd38zSo3LP4xHm9Tq+83tjBHiNQDhiIzb6c8FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdIFYV/YFPVKunJJlCY8Dw5jvBaMB8GA1UdIwQY
MBaAFH168Yt5iZXhSzgTYaBrtmhJt+haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAt
N2M2MjUyYzVmNDVkLzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAtN2M2MjUyYzVmNDVk
LzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz4xBPfud
c8MwsvaedmqxuaLbiqITQNhR/vW5caEwT9Nc1Bs9GYS/CVcgxRTiD4WyDevba18T
081AwS80xVKPC6Jzh2ol/F2SUcs4vjZ5dXTkajSkaRHN32EVRt/HeVOGzGbG4K/I
ea+i4weI2wtwOkqDxMG93C9W5iACbbXIiRxzNQk6qvQMhL0XVXQq0hSKXhVjy49g
YXgMRTA2gbzinpV8FjFo8hjNhDEu37DwHGUVEiw5ovP7fvO8r3wFa1QqWV2dY2kS
BnPU+K0d2ixz5YSSYLuy9v5Dcpw4xZLVd0+jdq+I+nu6+pnr+a77LQmEWz6fd1sd
vfeKMLgLjxPTTQ==
-----END CERTIFICATE-----