Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          UpuWs2+M+fY0w/lfQPSX99+mIgnqEldpv9Kyfra9e9s=
Subject key identifier:   0D:3F:F6:02:C0:C7:E2:23:58:C5:C8:9A:2F:45:9A:4D:87:3F:4B:68
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019655377AD114ED0AC3553212EC88DFA0E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0A88
Signing time:             Sun 20 Apr 2025 22:00:21 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:21 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:21 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: uxVMaa46ScmtDfjPLTu9cgwbr6wlddNShIzK+m+B0ZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:7a:d1:14:ed:0a:c3:55:32:12:ec:88:df:a0:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Apr 20 22:00:21 2025 GMT
            Not After : Apr 21 22:00:21 2025 GMT
        Subject: CN=0d3ff602c0c7e22358c5c89a2f459a4d873f4b68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0f:8f:6d:74:3b:dd:6b:b9:5b:f1:99:c2:88:
                    50:8d:17:ba:67:bc:3d:42:ba:79:7f:a6:29:0b:8d:
                    66:36:ec:b6:3c:ce:59:42:09:31:e2:45:d2:b2:32:
                    e9:b1:61:49:c7:0c:4b:d7:a1:30:6d:29:0d:f3:4d:
                    4e:fd:36:44:36:8e:60:b3:d7:9d:25:2e:1e:fb:d5:
                    f4:bb:a8:1f:c8:3e:64:e9:1d:0f:ed:1f:05:1f:b5:
                    5d:e0:ff:30:60:f4:8d:d1:1a:5c:8c:9f:6e:96:29:
                    d5:34:a1:22:ed:9c:38:b0:de:56:0b:ff:5c:26:20:
                    3b:db:07:a8:6a:f3:48:b9:9d:5b:09:cc:f7:0a:13:
                    b9:ca:41:96:49:59:5e:64:1f:17:36:96:b2:50:21:
                    b8:0f:19:d4:b4:86:ac:8c:0f:e9:89:be:95:29:d0:
                    d2:51:da:b3:f5:bf:d9:3b:8f:b2:57:b4:e1:e9:89:
                    bd:24:da:d3:2f:4e:8c:f1:ca:81:a2:ec:64:48:cd:
                    23:10:60:f4:9b:d8:89:fd:06:92:8b:85:96:7d:e4:
                    fe:83:7c:81:0d:52:90:81:74:85:5a:20:6a:81:3d:
                    10:d3:be:38:a5:f7:39:07:59:ce:d9:94:82:98:21:
                    82:4e:84:69:0a:4b:34:63:dd:23:86:b0:bf:f6:16:
                    ac:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:3F:F6:02:C0:C7:E2:23:58:C5:C8:9A:2F:45:9A:4D:87:3F:4B:68
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:40:3d:09:0b:90:e0:c5:bc:26:dc:48:62:e6:0e:f7:76:a7:
         94:08:8c:ec:7e:f8:33:27:70:40:66:a4:99:4a:69:88:28:35:
         7a:34:a7:86:5b:21:4b:a4:98:a1:bf:63:6c:3d:ba:9e:3f:ad:
         df:c8:29:66:9f:47:2d:38:69:7d:17:2c:67:c7:2c:a8:84:6b:
         ec:e5:20:fc:d7:07:14:4a:c3:47:56:a7:f8:93:f5:5b:bc:4d:
         64:01:10:fd:a6:bc:e7:e4:10:2e:2d:88:01:b2:73:c5:d0:9d:
         a4:a6:e9:db:07:43:8a:1c:0c:c2:ae:96:d3:e7:a0:37:30:e2:
         28:a6:cc:6a:52:41:36:2a:a7:a0:e9:5a:28:75:bb:87:8a:ad:
         b7:89:ab:f0:4b:8f:25:16:33:9d:28:09:32:14:d8:2f:cd:6a:
         56:f0:72:a3:9c:28:29:9d:fb:46:1e:61:61:28:ee:3f:fd:17:
         d0:df:ab:72:7f:61:15:45:98:0b:1f:e5:8d:ea:04:39:b4:79:
         28:e5:88:b7:ba:ee:7d:31:00:9d:aa:f4:fd:89:c9:24:d1:af:
         fe:ce:a1:c9:f2:e1:71:85:f8:98:1e:3e:e6:e1:05:b4:04:f9:
         57:bb:1e:5b:90:57:f4:2c:9b:6d:8b:94:12:5f:fc:d0:e6:2e:
         6e:9a:87:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN3rRFO0Kw1UyEuyI36DlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUwNDIwMjIwMDIxWhcNMjUwNDIxMjIwMDIxWjAzMTEwLwYDVQQD
EygwZDNmZjYwMmMwYzdlMjIzNThjNWM4OWEyZjQ1OWE0ZDg3M2Y0YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Q+PbXQ73Wu5W/GZwohQjRe6Z7w9
Qrp5f6YpC41mNuy2PM5ZQgkx4kXSsjLpsWFJxwxL16EwbSkN801O/TZENo5gs9ed
JS4e+9X0u6gfyD5k6R0P7R8FH7Vd4P8wYPSN0RpcjJ9ulinVNKEi7Zw4sN5WC/9c
JiA72weoavNIuZ1bCcz3ChO5ykGWSVleZB8XNpayUCG4DxnUtIasjA/pib6VKdDS
Udqz9b/ZO4+yV7Th6Ym9JNrTL06M8cqBouxkSM0jEGD0m9iJ/QaSi4WWfeT+g3yB
DVKQgXSFWiBqgT0Q0744pfc5B1nO2ZSCmCGCToRpCks0Y90jhrC/9hasWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0/9gLAx+IjWMXImi9Fmk2HP0toMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUA9CQuQ
4MW8JtxIYuYO93anlAiM7H74MydwQGakmUppiCg1ejSnhlshS6SYob9jbD26nj+t
38gpZp9HLThpfRcsZ8csqIRr7OUg/NcHFErDR1an+JP1W7xNZAEQ/aa85+QQLi2I
AbJzxdCdpKbp2wdDihwMwq6W0+egNzDiKKbMalJBNiqnoOlaKHW7h4qtt4mr8EuP
JRYznSgJMhTYL81qVvByo5woKZ37Rh5hYSjuP/0X0N+rcn9hFUWYCx/ljeoEObR5
KOWIt7rufTEAnar0/YnJJNGv/s6hyfLhcYX4mB4+5uEFtAT5V7seW5BX9CybbYuU
El/80OYubpqHVQ==
-----END CERTIFICATE-----