Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
File:                     wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft (raw, json)
Hash identifier:          SqAezLWnI4yfRT/DPHqVjZzhZRglA6MAT9OAB8PY0bw=
Subject key identifier:   BC:C3:62:1E:9E:49:FE:A3:80:4E:2E:E7:36:D7:27:7C:88:CE:B2:C1
Authority key identifier: C2:8D:33:84:B4:12:C7:CC:DB:FF:A6:41:D4:14:C1:17:DD:0E:D0:55
Certificate issuer:       /CN=c28d3384b412c7ccdbffa641d414c117dd0ed055
Certificate serial:       01965E03954171CB0B3A67BBF482CDFEB437
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
Manifest number:          023A
Signing time:             Tue 22 Apr 2025 15:00:15 +0000
Manifest this update:     Tue 22 Apr 2025 15:00:15 +0000
Manifest next update:     Wed 23 Apr 2025 15:00:15 +0000
Files and hashes:         1: wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl (hash: MllGFUZPWdyOLYOIKu0hEt68D7vbG5h80DxqK8iHGdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 14:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5e:03:95:41:71:cb:0b:3a:67:bb:f4:82:cd:fe:b4:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c28d3384b412c7ccdbffa641d414c117dd0ed055
        Validity
            Not Before: Apr 22 15:00:15 2025 GMT
            Not After : Apr 23 15:00:15 2025 GMT
        Subject: CN=bcc3621e9e49fea3804e2ee736d7277c88ceb2c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:56:a2:1e:3c:6f:ef:3d:1b:4c:60:03:e1:92:
                    4f:7b:ba:3f:79:78:6c:4a:85:00:39:27:65:5d:7c:
                    e0:fd:c1:d1:23:74:7c:b2:4f:2e:91:31:a9:19:d6:
                    fa:07:28:44:97:65:1b:97:43:2a:e0:d5:b8:fd:ec:
                    ee:8f:6a:be:e8:77:10:c6:1b:49:89:de:77:2a:19:
                    3d:25:a1:20:24:99:75:9e:22:f8:ac:d8:7f:a9:70:
                    e2:b1:af:ac:69:82:a8:ba:32:54:66:cf:9d:02:71:
                    4a:22:20:48:a7:73:98:7e:66:d4:12:2e:78:77:55:
                    ff:ba:22:ca:eb:7b:2d:c7:2d:13:a3:a9:a9:4c:9d:
                    40:1f:cc:9d:34:d7:41:08:79:1e:34:c9:53:31:4c:
                    2c:43:17:bf:a3:4e:9b:b1:1d:ec:1f:1d:b0:9a:9e:
                    82:b3:4e:01:43:b8:06:fa:d5:bf:86:0e:bf:a0:23:
                    a5:d3:5d:ac:7a:38:ad:a3:37:a7:2f:33:2f:6a:45:
                    5d:3c:2f:d3:fc:fc:02:71:09:b2:8c:20:e0:a7:5e:
                    50:c4:0a:20:d8:89:80:be:9f:a2:0d:89:f9:ee:61:
                    b2:40:07:38:48:83:e9:f6:c0:21:0b:9a:4e:b1:47:
                    c4:f4:63:31:fc:d4:a5:62:3c:f4:97:5a:ff:82:c0:
                    56:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C3:62:1E:9E:49:FE:A3:80:4E:2E:E7:36:D7:27:7C:88:CE:B2:C1
            X509v3 Authority Key Identifier:
                keyid:C2:8D:33:84:B4:12:C7:CC:DB:FF:A6:41:D4:14:C1:17:DD:0E:D0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ad:fd:7b:6b:dd:e1:ed:50:a0:c0:78:7b:5d:7f:cb:db:8a:
         50:2e:06:dd:4b:8a:34:e7:4d:d8:0e:0d:00:58:7b:30:73:23:
         56:13:6b:12:65:67:37:53:6d:a8:4e:61:5e:de:20:79:ba:3e:
         a0:01:a6:13:38:3f:03:d1:57:c8:55:19:41:76:fd:0a:be:00:
         99:7d:5c:fa:2e:d2:40:b7:b5:8b:95:8e:b2:c4:f4:f2:57:4e:
         3c:53:9c:a3:59:75:0a:f7:42:23:93:3f:d7:10:41:2a:36:18:
         85:13:59:ff:8a:69:11:90:3f:20:80:c5:51:a1:24:4c:23:8a:
         68:1f:5d:a5:f0:23:75:27:46:f0:15:04:0a:6d:8f:fe:c1:6f:
         5b:85:c8:fc:d8:2b:cb:ab:91:71:5c:a7:98:9c:25:30:71:c7:
         24:ef:d9:5a:df:3e:6c:4f:91:ce:3d:9f:df:63:66:15:0b:03:
         1d:b9:7a:e0:a3:5f:e0:90:a4:fd:fb:94:7f:91:ec:af:7a:d7:
         ff:7b:24:c9:81:c2:a7:51:60:f5:a4:31:76:44:5d:f9:04:29:
         cf:b1:a6:4b:92:78:1b:a2:91:da:ba:ae:b3:4d:6d:e7:14:fa:
         20:18:9b:16:de:c9:bb:3e:c0:35:71:e1:77:54:36:ff:a7:f6:
         cf:a7:8c:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZeA5VBccsLOme79ILN/rQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOGQzMzg0YjQxMmM3Y2NkYmZmYTY0MWQ0MTRjMTE3ZGQw
ZWQwNTUwHhcNMjUwNDIyMTUwMDE1WhcNMjUwNDIzMTUwMDE1WjAzMTEwLwYDVQQD
EyhiY2MzNjIxZTllNDlmZWEzODA0ZTJlZTczNmQ3Mjc3Yzg4Y2ViMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1aiHjxv7z0bTGAD4ZJPe7o/eXhs
SoUAOSdlXXzg/cHRI3R8sk8ukTGpGdb6ByhEl2Ubl0Mq4NW4/ezuj2q+6HcQxhtJ
id53Khk9JaEgJJl1niL4rNh/qXDisa+saYKoujJUZs+dAnFKIiBIp3OYfmbUEi54
d1X/uiLK63stxy0To6mpTJ1AH8ydNNdBCHkeNMlTMUwsQxe/o06bsR3sHx2wmp6C
s04BQ7gG+tW/hg6/oCOl012sejitozenLzMvakVdPC/T/PwCcQmyjCDgp15QxAog
2ImAvp+iDYn57mGyQAc4SIPp9sAhC5pOsUfE9GMx/NSlYjz0l1r/gsBWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzDYh6eSf6jgE4u5zbXJ3yIzrLBMB8GA1UdIwQY
MBaAFMKNM4S0EsfM2/+mQdQUwRfdDtBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80YTYxZmMtZDA3Ny00ZjRkLWIyZWEt
ZDkwMzY4MjcwZTE0LzEvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80YTYxZmMtZDA3Ny00ZjRkLWIyZWEtZDkwMzY4MjcwZTE0
LzEvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMK39e2vd
4e1QoMB4e11/y9uKUC4G3UuKNOdN2A4NAFh7MHMjVhNrEmVnN1NtqE5hXt4gebo+
oAGmEzg/A9FXyFUZQXb9Cr4AmX1c+i7SQLe1i5WOssT08ldOPFOco1l1CvdCI5M/
1xBBKjYYhRNZ/4ppEZA/IIDFUaEkTCOKaB9dpfAjdSdG8BUECm2P/sFvW4XI/Ngr
y6uRcVynmJwlMHHHJO/ZWt8+bE+Rzj2f32NmFQsDHbl64KNf4JCk/fuUf5Hsr3rX
/3skyYHCp1Fg9aQxdkRd+QQpz7GmS5J4G6KR2rqus01t5xT6IBibFt7Juz7ANXHh
d1Q2/6f2z6eMTQ==
-----END CERTIFICATE-----