Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          94qEM75th587hr5t7XlljS3hLza56RK8QTe6VWdjMes=
Subject key identifier:   B7:DF:DC:49:83:E0:D5:61:37:92:FC:BF:DE:D0:93:0F:53:CB:68:34
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019683FF25484DCF1E9920788E646F733F92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          04E7
Signing time:             Wed 30 Apr 2025 00:00:58 +0000
Manifest this update:     Wed 30 Apr 2025 00:00:58 +0000
Manifest next update:     Thu 01 May 2025 00:00:58 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: 3+lnUSTk7MyCRvqqGECM6n8cJfU/qAcbDAoYJxDdjrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:ff:25:48:4d:cf:1e:99:20:78:8e:64:6f:73:3f:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Apr 30 00:00:58 2025 GMT
            Not After : May  1 00:00:58 2025 GMT
        Subject: CN=b7dfdc4983e0d5613792fcbfded0930f53cb6834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:72:2d:80:ee:56:c4:8f:32:6c:69:52:60:87:
                    2c:b5:98:84:c2:e6:7a:2b:3e:38:9f:bd:fb:13:93:
                    24:6a:09:ca:63:7d:68:42:61:ea:ab:1b:b5:bf:dd:
                    7c:69:4e:75:d9:f4:0f:12:9c:0d:b5:70:87:69:46:
                    9c:59:b2:b5:24:15:3f:71:a5:bd:ea:84:e6:be:d5:
                    62:d1:8d:4e:3d:ba:28:e6:fa:01:6e:be:ad:65:f6:
                    9c:4b:45:de:2f:1a:b3:8e:2c:11:b8:16:74:3a:a9:
                    7e:3e:de:1b:12:de:2d:47:76:38:dc:1f:86:6b:9d:
                    00:13:03:00:e7:21:08:7f:e6:1c:68:6f:11:08:b7:
                    68:c7:6e:a2:09:8a:10:52:27:bd:ae:65:37:62:e1:
                    41:39:12:0d:e2:8b:b8:16:4a:08:58:c6:d2:9f:4a:
                    c0:29:8e:ba:fb:30:47:2c:0c:82:05:24:1b:4c:f8:
                    74:c0:e1:13:b5:a8:b4:fd:18:35:29:5e:06:50:e0:
                    68:e1:fa:a2:fd:31:d8:8a:a5:86:18:83:86:70:d4:
                    ab:3c:1a:9d:c8:d8:c2:29:d1:d9:f1:d6:b8:69:0e:
                    48:b3:74:1a:8c:9a:83:09:0b:50:2d:94:9f:8f:ae:
                    5f:0d:5a:98:2b:dd:ec:46:35:38:39:85:15:9a:78:
                    e3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:DF:DC:49:83:E0:D5:61:37:92:FC:BF:DE:D0:93:0F:53:CB:68:34
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:71:85:80:ad:bb:8f:cb:8c:9c:46:19:61:71:a4:b3:0f:06:
         f8:17:af:6e:90:1a:73:88:a5:d4:68:c8:eb:cd:18:91:d6:78:
         68:ba:3d:06:e2:e2:b2:f6:07:85:d2:0b:41:cb:a1:bd:7f:6b:
         80:48:de:14:1c:6d:84:dd:62:b8:be:90:ce:44:e5:d4:33:42:
         94:ef:88:da:e5:00:ac:06:a4:d6:c9:dd:bd:39:b8:f5:f0:47:
         b6:d3:15:1a:50:c5:71:a0:9c:be:44:e7:13:5d:20:f0:da:c5:
         b9:76:f7:8a:9f:a9:ac:43:8c:0f:81:9a:e9:f1:1f:7f:01:13:
         41:06:94:c8:4c:1d:96:ce:31:2e:ad:e2:64:fe:a8:9a:bf:0c:
         f0:92:82:6f:c0:ae:d8:ab:d5:51:63:bd:3f:c9:e6:af:64:7c:
         30:0b:f7:46:25:e3:93:ec:14:39:e0:e4:3c:09:9f:c5:21:f0:
         b9:32:3e:05:19:6a:41:a5:71:0c:a2:7c:e9:cc:1f:eb:07:29:
         f9:7f:b4:14:a9:ce:33:3d:d3:ab:84:5e:bd:91:59:a6:8d:e8:
         db:af:e5:8a:21:60:9c:72:40:67:09:11:fd:46:78:25:69:bd:
         01:79:6d:b3:16:28:dc:51:e4:f5:e4:b8:b6:b2:d3:83:30:ed:
         34:69:55:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/yVITc8emSB4jmRvcz+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwNDMwMDAwMDU4WhcNMjUwNTAxMDAwMDU4WjAzMTEwLwYDVQQD
EyhiN2RmZGM0OTgzZTBkNTYxMzc5MmZjYmZkZWQwOTMwZjUzY2I2ODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnItgO5WxI8ybGlSYIcstZiEwuZ6
Kz44n737E5MkagnKY31oQmHqqxu1v918aU512fQPEpwNtXCHaUacWbK1JBU/caW9
6oTmvtVi0Y1OPboo5voBbr6tZfacS0XeLxqzjiwRuBZ0Oql+Pt4bEt4tR3Y43B+G
a50AEwMA5yEIf+YcaG8RCLdox26iCYoQUie9rmU3YuFBORIN4ou4FkoIWMbSn0rA
KY66+zBHLAyCBSQbTPh0wOETtai0/Rg1KV4GUOBo4fqi/THYiqWGGIOGcNSrPBqd
yNjCKdHZ8da4aQ5Is3QajJqDCQtQLZSfj65fDVqYK93sRjU4OYUVmnjjnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLff3EmD4NVhN5L8v97Qkw9Ty2g0MB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHGFgK27
j8uMnEYZYXGksw8G+BevbpAac4il1GjI680YkdZ4aLo9BuLisvYHhdILQcuhvX9r
gEjeFBxthN1iuL6QzkTl1DNClO+I2uUArAak1sndvTm49fBHttMVGlDFcaCcvkTn
E10g8NrFuXb3ip+prEOMD4Ga6fEffwETQQaUyEwdls4xLq3iZP6omr8M8JKCb8Cu
2KvVUWO9P8nmr2R8MAv3RiXjk+wUOeDkPAmfxSHwuTI+BRlqQaVxDKJ86cwf6wcp
+X+0FKnOMz3Tq4RevZFZpo3o26/liiFgnHJAZwkR/UZ4JWm9AXltsxYo3FHk9eS4
trLTgzDtNGlVsg==
-----END CERTIFICATE-----