Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
File:                     AhaSppUBf7XEv4wjgHjzA9j78Ic.mft (raw, json)
Hash identifier:          fNc9WiH9eGsZBnvSv3X/M9jfiZDDwpFuKIJE+7f5i0A=
Subject key identifier:   A3:1B:C2:E2:8A:1F:C5:49:BB:F6:4A:FB:96:22:23:31:49:6C:1F:25
Authority key identifier: 02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87
Certificate issuer:       /CN=021692a695017fb5c4bf8c238078f303d8fbf087
Certificate serial:       01968391AC93AEC12BB95E0A7754BE14C820
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
Manifest number:          1512
Signing time:             Tue 29 Apr 2025 22:01:24 +0000
Manifest this update:     Tue 29 Apr 2025 22:01:24 +0000
Manifest next update:     Wed 30 Apr 2025 22:01:24 +0000
Files and hashes:         1: AhaSppUBf7XEv4wjgHjzA9j78Ic.crl (hash: MPY/UaA9ss1JmZR4Fr/V9QQPs8pCWmzfkPXFF3YQwA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:91:ac:93:ae:c1:2b:b9:5e:0a:77:54:be:14:c8:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021692a695017fb5c4bf8c238078f303d8fbf087
        Validity
            Not Before: Apr 29 22:01:24 2025 GMT
            Not After : Apr 30 22:01:24 2025 GMT
        Subject: CN=a31bc2e28a1fc549bbf64afb96222331496c1f25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:94:86:87:b5:fc:c7:9a:a0:61:4b:5a:60:b7:
                    f5:66:5a:6c:7f:21:b0:65:a8:5b:d4:6d:8a:35:32:
                    26:4d:7c:cc:8d:cf:e2:65:3b:9c:59:de:a3:dd:8c:
                    26:13:f5:b4:7c:f7:41:fd:da:13:f2:d0:a2:9e:96:
                    c6:2a:58:45:17:42:8d:51:5a:5b:7a:af:76:5d:97:
                    1d:52:80:cd:f7:90:ff:e4:1d:99:f1:e0:95:67:25:
                    d8:e4:03:4b:65:81:f0:8c:9d:fd:0a:a6:87:4e:d3:
                    58:5a:22:a1:26:d0:72:f2:ac:4a:b8:9b:ba:5e:be:
                    1f:7d:f7:7b:c5:eb:d1:1c:79:ef:6e:f1:da:82:10:
                    f4:c3:f0:7d:ef:b8:89:9a:1b:e1:a0:69:a0:90:77:
                    75:36:71:6c:2b:b4:e8:e8:73:de:83:5d:9c:f8:d6:
                    5f:4d:26:27:43:79:e8:dc:b2:95:c5:49:df:55:90:
                    d8:46:fe:fb:e6:2f:c2:9f:78:e0:f9:a2:5a:35:36:
                    15:67:02:fc:52:d4:b7:94:98:e8:94:2c:93:8b:87:
                    29:51:0a:3b:73:5a:26:83:b5:9f:94:e9:cc:02:02:
                    3f:21:43:8b:22:1c:9f:53:7e:96:21:bf:77:ef:1d:
                    df:b1:e1:99:44:5d:71:05:c8:cc:da:a1:ad:01:7b:
                    b6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:1B:C2:E2:8A:1F:C5:49:BB:F6:4A:FB:96:22:23:31:49:6C:1F:25
            X509v3 Authority Key Identifier:
                keyid:02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:ac:b7:b2:f9:11:c2:78:fb:51:fa:5b:1a:42:ab:2a:2b:3c:
         5a:46:5c:8d:7d:ea:2b:66:db:e0:66:32:b8:48:4d:9c:96:75:
         0a:d7:ec:de:9c:9d:c9:ff:1f:bb:78:d7:bf:2a:9d:e3:40:14:
         38:78:f3:fb:85:fa:c4:2f:05:07:1a:d8:0e:fd:42:bd:b7:a5:
         18:db:fe:b9:25:e4:62:fd:13:24:b6:80:5f:36:ba:f1:f5:0b:
         b6:1f:2c:30:94:5f:3c:6d:68:60:fc:ce:3a:43:b5:61:22:a1:
         33:0f:de:93:e2:e5:46:29:78:4d:a7:a0:29:46:58:cd:ad:f8:
         86:2d:77:fd:64:04:9a:c8:9d:c4:10:59:19:d0:19:7e:26:5c:
         89:0f:1a:f6:14:60:f7:3a:da:7a:91:30:ae:c3:09:4d:d8:50:
         69:2a:51:73:d4:ba:db:95:ee:9b:42:97:88:c3:1b:2a:37:5c:
         2d:f6:76:39:7d:b5:11:7a:7e:1a:f0:7b:52:b8:03:10:59:bf:
         5c:01:82:36:cd:87:0f:b1:f1:a5:e1:db:d6:e6:f0:2d:2a:12:
         fd:cb:42:6a:35:31:dd:a9:b8:d9:c0:80:3e:55:ab:d6:6b:3c:
         9c:0a:a2:0d:8e:da:b2:db:71:72:d1:05:b7:8f:fd:8b:37:43:
         2c:54:f2:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkayTrsEruV4Kd1S+FMggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTY5MmE2OTUwMTdmYjVjNGJmOGMyMzgwNzhmMzAzZDhm
YmYwODcwHhcNMjUwNDI5MjIwMTI0WhcNMjUwNDMwMjIwMTI0WjAzMTEwLwYDVQQD
EyhhMzFiYzJlMjhhMWZjNTQ5YmJmNjRhZmI5NjIyMjMzMTQ5NmMxZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45SGh7X8x5qgYUtaYLf1ZlpsfyGw
Zahb1G2KNTImTXzMjc/iZTucWd6j3YwmE/W0fPdB/doT8tCinpbGKlhFF0KNUVpb
eq92XZcdUoDN95D/5B2Z8eCVZyXY5ANLZYHwjJ39CqaHTtNYWiKhJtBy8qxKuJu6
Xr4fffd7xevRHHnvbvHaghD0w/B977iJmhvhoGmgkHd1NnFsK7To6HPeg12c+NZf
TSYnQ3no3LKVxUnfVZDYRv775i/Cn3jg+aJaNTYVZwL8UtS3lJjolCyTi4cpUQo7
c1omg7WflOnMAgI/IUOLIhyfU36WIb937x3fseGZRF1xBcjM2qGtAXu2uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMbwuKKH8VJu/ZK+5YiIzFJbB8lMB8GA1UdIwQY
MBaAFAIWkqaVAX+1xL+MI4B48wPY+/CHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUt
NDhkMjVjMGE0OTVmLzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUtNDhkMjVjMGE0OTVm
LzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOKy3svkR
wnj7UfpbGkKrKis8WkZcjX3qK2bb4GYyuEhNnJZ1Ctfs3pydyf8fu3jXvyqd40AU
OHjz+4X6xC8FBxrYDv1CvbelGNv+uSXkYv0TJLaAXza68fULth8sMJRfPG1oYPzO
OkO1YSKhMw/ek+LlRil4TaegKUZYza34hi13/WQEmsidxBBZGdAZfiZciQ8a9hRg
9zraepEwrsMJTdhQaSpRc9S625Xum0KXiMMbKjdcLfZ2OX21EXp+GvB7UrgDEFm/
XAGCNs2HD7HxpeHb1ubwLSoS/ctCajUx3am42cCAPlWr1ms8nAqiDY7asttxctEF
t4/9izdDLFTyHA==
-----END CERTIFICATE-----