Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          yLS4IMjjP+SifuzTpFkuhC67dOtucXmXy8eK3cSOX0w=
Subject key identifier:   CA:73:FB:8A:2F:79:64:20:87:44:E9:CC:7E:23:64:BE:9B:61:53:BB
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       01968058B0088889733A456E01906C37F2DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          05F9
Signing time:             Tue 29 Apr 2025 07:00:17 +0000
Manifest this update:     Tue 29 Apr 2025 07:00:17 +0000
Manifest next update:     Wed 30 Apr 2025 07:00:17 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: 2LkefnZK9VhO0iyaZ8UY61XUW0YlxeTEpxmHDJEhpt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:58:b0:08:88:89:73:3a:45:6e:01:90:6c:37:f2:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Apr 29 07:00:17 2025 GMT
            Not After : Apr 30 07:00:17 2025 GMT
        Subject: CN=ca73fb8a2f7964208744e9cc7e2364be9b6153bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1b:83:0e:4c:d8:73:d9:3a:51:6f:8c:57:87:
                    2a:38:14:73:c6:6a:52:b5:b5:5e:c4:00:19:77:34:
                    d9:5f:6b:65:f6:e1:fb:a3:48:d0:53:fd:2d:87:18:
                    07:1c:f7:0a:91:ac:ea:8d:82:22:35:42:59:72:07:
                    70:e8:fe:6e:a9:b0:81:58:cc:40:15:f5:26:0a:bc:
                    af:d5:f5:34:09:cb:a8:d2:ce:01:a3:df:dd:20:85:
                    e9:8e:dc:bf:1b:f7:cf:f2:fe:f8:db:9d:23:27:85:
                    d0:7c:a9:cc:fe:3b:08:93:7f:c4:9d:69:5e:d0:98:
                    75:71:67:9b:dc:8e:1d:dc:2b:88:fc:e1:91:6c:cc:
                    4c:ed:1b:eb:32:6d:e1:a7:b5:8c:9d:af:1c:42:ad:
                    8e:3b:6c:f6:b5:55:7b:e4:25:b9:b0:5c:eb:be:2b:
                    02:a7:7b:43:a9:b9:c0:fa:e6:7b:17:56:95:1b:fa:
                    1e:13:d1:31:b9:2b:a2:1a:6a:23:65:05:42:83:fc:
                    0b:61:29:2a:e2:88:3b:a9:7e:8e:79:50:3a:25:15:
                    81:7c:67:df:66:d2:39:1d:29:1f:ca:a1:21:da:92:
                    cd:8d:51:67:c5:b1:55:80:ad:66:d2:40:2c:a8:c5:
                    24:fb:a9:0e:e6:d0:1f:8a:d5:79:29:3c:6d:e2:3a:
                    c9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:73:FB:8A:2F:79:64:20:87:44:E9:CC:7E:23:64:BE:9B:61:53:BB
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:09:06:80:e6:25:57:d1:ef:b2:3d:f6:9f:fd:67:24:22:ac:
         af:96:c7:ec:e4:ee:b7:80:05:b3:75:33:74:cd:f0:dc:00:e7:
         e8:43:2f:b6:4e:23:8c:6e:0f:e4:a7:00:81:6d:2c:02:e8:cd:
         04:30:8a:01:5f:c5:fa:e7:e1:93:e2:2e:c3:42:5d:11:b4:92:
         b0:47:db:a0:37:e1:ff:71:e1:72:8b:dd:e0:30:fe:74:d9:06:
         5a:2b:e1:cd:ca:57:84:5b:02:f8:c7:ae:84:70:4c:f8:76:80:
         a3:67:c0:07:49:10:d0:9f:eb:f7:72:12:32:28:d2:e8:50:ef:
         c5:61:c4:16:f7:36:e6:99:32:53:57:7a:8e:d0:96:83:15:d1:
         29:1e:58:d4:b4:3f:f0:34:c8:69:8f:70:0f:32:c3:1a:37:fb:
         21:1f:44:d7:e6:27:e9:64:4a:7e:ee:b5:02:33:bf:39:19:3d:
         61:84:d2:0e:a0:93:92:1e:f8:1b:27:41:a8:8f:a9:c9:19:2a:
         3a:20:c4:0a:8a:30:96:f3:16:a9:2c:76:ca:44:cf:8f:33:a9:
         b0:a4:1a:06:e2:5c:f5:41:0b:c7:d4:3b:e5:b1:9b:4e:48:4c:
         ea:f8:2f:d6:a0:ef:da:f4:e8:6c:d1:7b:8e:67:7e:c1:c5:29:
         96:9b:39:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAWLAIiIlzOkVuAZBsN/LaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwNDI5MDcwMDE3WhcNMjUwNDMwMDcwMDE3WjAzMTEwLwYDVQQD
EyhjYTczZmI4YTJmNzk2NDIwODc0NGU5Y2M3ZTIzNjRiZTliNjE1M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRuDDkzYc9k6UW+MV4cqOBRzxmpS
tbVexAAZdzTZX2tl9uH7o0jQU/0thxgHHPcKkazqjYIiNUJZcgdw6P5uqbCBWMxA
FfUmCryv1fU0Ccuo0s4Bo9/dIIXpjty/G/fP8v74250jJ4XQfKnM/jsIk3/EnWle
0Jh1cWeb3I4d3CuI/OGRbMxM7RvrMm3hp7WMna8cQq2OO2z2tVV75CW5sFzrvisC
p3tDqbnA+uZ7F1aVG/oeE9ExuSuiGmojZQVCg/wLYSkq4og7qX6OeVA6JRWBfGff
ZtI5HSkfyqEh2pLNjVFnxbFVgK1m0kAsqMUk+6kO5tAfitV5KTxt4jrJ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpz+4oveWQgh0TpzH4jZL6bYVO7MB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbgkGgOYl
V9Hvsj32n/1nJCKsr5bH7OTut4AFs3UzdM3w3ADn6EMvtk4jjG4P5KcAgW0sAujN
BDCKAV/F+ufhk+Iuw0JdEbSSsEfboDfh/3Hhcovd4DD+dNkGWivhzcpXhFsC+Meu
hHBM+HaAo2fAB0kQ0J/r93ISMijS6FDvxWHEFvc25pkyU1d6jtCWgxXRKR5Y1LQ/
8DTIaY9wDzLDGjf7IR9E1+Yn6WRKfu61AjO/ORk9YYTSDqCTkh74GydBqI+pyRkq
OiDECoowlvMWqSx2ykTPjzOpsKQaBuJc9UELx9Q75bGbTkhM6vgv1qDv2vTobNF7
jmd+wcUplps5qQ==
-----END CERTIFICATE-----