Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          34t0BmsMo6lE3Izbxh9K7H5vjL8/Psrmk7nwlz4QyHQ=
Subject key identifier:   A7:84:B2:63:93:1E:AA:A0:FC:5D:82:30:96:D5:92:17:82:8E:8B:E1
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       01968A37A91A4B463AAEA7F8F11E86CA01B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          0325
Signing time:             Thu 01 May 2025 05:00:25 +0000
Manifest this update:     Thu 01 May 2025 05:00:25 +0000
Manifest next update:     Fri 02 May 2025 05:00:25 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: ZHaCHI6W4blJUwnUrNOE7JBLHTAdOig87Wmg5vXEKTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 05:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:37:a9:1a:4b:46:3a:ae:a7:f8:f1:1e:86:ca:01:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: May  1 05:00:25 2025 GMT
            Not After : May  2 05:00:25 2025 GMT
        Subject: CN=a784b263931eaaa0fc5d823096d59217828e8be1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:4c:63:ac:8b:b6:ae:2c:0c:47:8f:9b:fd:d0:
                    42:e9:aa:15:8f:8a:4f:e5:72:e7:70:fc:b4:72:7a:
                    a9:1d:9b:58:5b:55:7f:b6:11:a1:74:bd:b5:22:25:
                    46:6c:78:36:c3:81:f1:1b:ef:08:d9:4b:18:6c:02:
                    e1:33:51:bf:e9:71:ef:d5:57:51:f7:f3:aa:bb:82:
                    c6:8a:ad:e3:f5:76:2c:2e:53:f9:e9:60:28:b2:bc:
                    29:58:17:b8:73:71:58:54:3c:81:95:1b:cf:04:2c:
                    ea:9f:8e:dc:06:14:55:8f:2d:e0:42:dd:b0:aa:c0:
                    0a:62:bc:a7:a5:9f:cb:89:73:80:04:3b:4b:14:e6:
                    2a:c3:c7:46:d6:2c:f7:d9:29:bd:ea:ba:d7:59:39:
                    99:c1:cd:4b:06:18:99:e2:16:09:92:e6:2c:ed:bc:
                    e3:8d:bd:7f:b0:33:fc:e7:68:1a:a2:89:20:15:7c:
                    99:89:54:f1:0d:c6:14:b8:d0:8d:89:d0:d9:fd:e0:
                    e6:7c:44:06:02:12:26:7c:59:9e:d7:dc:f3:ca:7f:
                    6b:6e:ff:a2:01:86:6a:44:90:d3:e6:75:0b:d1:2d:
                    3e:e6:a1:ea:d4:d2:8c:58:09:96:80:da:84:34:1e:
                    c9:bf:59:32:94:ab:8c:2f:d8:dd:01:86:eb:2c:d0:
                    bd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:84:B2:63:93:1E:AA:A0:FC:5D:82:30:96:D5:92:17:82:8E:8B:E1
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:ed:5a:45:14:7c:48:13:aa:46:60:e8:16:81:a9:3a:b9:3b:
         41:0a:cf:62:3f:88:d1:40:97:4c:1d:43:a6:98:38:21:0e:09:
         48:09:4f:26:0e:bb:0d:92:fd:77:8c:96:de:1d:b3:e8:1f:b7:
         bd:44:81:ec:b5:f8:f8:39:65:95:ed:80:ed:59:4b:13:a1:c4:
         ba:d9:ae:ce:66:29:33:9b:b8:0b:2a:21:e5:60:6c:2b:6f:ba:
         2b:3e:9e:68:20:30:38:53:ca:04:77:b0:82:61:af:33:76:1e:
         a5:d2:64:aa:42:62:3d:67:b2:0d:d5:ea:50:f5:71:33:d3:5b:
         3e:1f:d9:ef:e7:7e:7d:1a:19:c4:90:69:f3:74:08:59:01:45:
         91:a8:8f:af:3e:66:9d:d4:52:c9:ef:46:e0:d9:c0:ca:83:18:
         31:28:c7:d2:8f:ff:25:92:c1:dc:f4:f3:c8:59:65:d9:45:04:
         97:f5:99:0e:5a:4a:55:37:a6:ba:43:de:5c:56:a8:96:75:60:
         f9:67:00:5c:91:e3:74:88:14:07:b5:51:9b:f0:b1:52:de:c1:
         73:86:74:ae:89:61:f5:5d:26:ea:57:e6:b4:4e:73:d7:58:ff:
         5f:4f:70:3c:39:c6:e7:48:06:a3:db:9c:bc:d9:0c:b8:7e:87:
         6a:7a:f5:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKN6kaS0Y6rqf48R6GygGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUwNTAxMDUwMDI1WhcNMjUwNTAyMDUwMDI1WjAzMTEwLwYDVQQD
EyhhNzg0YjI2MzkzMWVhYWEwZmM1ZDgyMzA5NmQ1OTIxNzgyOGU4YmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ExjrIu2riwMR4+b/dBC6aoVj4pP
5XLncPy0cnqpHZtYW1V/thGhdL21IiVGbHg2w4HxG+8I2UsYbALhM1G/6XHv1VdR
9/Oqu4LGiq3j9XYsLlP56WAosrwpWBe4c3FYVDyBlRvPBCzqn47cBhRVjy3gQt2w
qsAKYrynpZ/LiXOABDtLFOYqw8dG1iz32Sm96rrXWTmZwc1LBhiZ4hYJkuYs7bzj
jb1/sDP852gaookgFXyZiVTxDcYUuNCNidDZ/eDmfEQGAhImfFme19zzyn9rbv+i
AYZqRJDT5nUL0S0+5qHq1NKMWAmWgNqENB7Jv1kylKuML9jdAYbrLNC9lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeEsmOTHqqg/F2CMJbVkheCjovhMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADe1aRRR8
SBOqRmDoFoGpOrk7QQrPYj+I0UCXTB1Dppg4IQ4JSAlPJg67DZL9d4yW3h2z6B+3
vUSB7LX4+Dllle2A7VlLE6HEutmuzmYpM5u4Cyoh5WBsK2+6Kz6eaCAwOFPKBHew
gmGvM3YepdJkqkJiPWeyDdXqUPVxM9NbPh/Z7+d+fRoZxJBp83QIWQFFkaiPrz5m
ndRSye9G4NnAyoMYMSjH0o//JZLB3PTzyFll2UUEl/WZDlpKVTemukPeXFaolnVg
+WcAXJHjdIgUB7VRm/CxUt7Bc4Z0rolh9V0m6lfmtE5z11j/X09wPDnG50gGo9uc
vNkMuH6Hanr1JQ==
-----END CERTIFICATE-----