Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          QzNgXs7Yiu4Xb00pVBUlYZC2qirIeLuDsDgvyKpviyQ=
Subject key identifier:   5B:FD:D5:62:36:09:00:D5:40:AC:A0:81:31:61:47:F3:33:CD:AA:50
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       019655375747D3BF583CE0155BD97E397613
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          144E
Signing time:             Sun 20 Apr 2025 22:00:12 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:12 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:12 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: ytqwgj3CgmDDvFC1zJj1e45qRn0YrWE/GhARphAcguI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:57:47:d3:bf:58:3c:e0:15:5b:d9:7e:39:76:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Apr 20 22:00:12 2025 GMT
            Not After : Apr 21 22:00:12 2025 GMT
        Subject: CN=5bfdd562360900d540aca081316147f333cdaa50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b1:97:71:92:e8:29:bd:0f:21:88:fe:32:94:
                    99:f2:c6:dd:4a:d9:3c:f6:c9:f6:06:0a:e1:fe:de:
                    e2:68:ed:1a:38:21:8a:bd:c8:de:f4:f8:e5:c7:2b:
                    3a:cf:a5:b2:7b:fb:5b:37:60:f1:74:99:0c:e8:64:
                    d8:e7:0e:57:28:a5:36:07:16:b5:51:a8:9b:37:d7:
                    f1:de:21:e1:6e:dd:ed:51:1c:5c:08:29:a0:91:8e:
                    c9:4e:14:9a:94:3f:2c:e4:9e:94:78:51:7b:ce:5b:
                    4d:29:08:b3:6f:9b:d7:df:36:cc:9e:55:ea:9a:d1:
                    83:3c:39:ec:81:c8:8c:0f:f3:39:c4:50:5e:9d:d5:
                    25:9a:fe:75:7b:88:58:3e:f4:ee:23:30:e6:b9:48:
                    f7:f5:21:d4:2e:73:18:b3:7e:5b:fa:58:6f:6c:2e:
                    11:f6:f5:9d:25:37:5a:29:cf:eb:6a:9c:23:1b:a7:
                    3c:22:18:52:67:ab:3d:54:95:09:84:b1:cc:d2:6a:
                    67:c2:c2:15:cd:e8:71:08:c3:92:1e:55:e3:9f:3a:
                    96:00:c6:3e:a8:9f:92:08:07:18:33:c7:dc:4a:e8:
                    7c:d5:ff:03:69:09:bc:ff:05:ec:27:ee:25:f8:69:
                    df:eb:85:29:cc:ce:31:d8:ee:d3:cf:23:e3:d6:0e:
                    fa:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:FD:D5:62:36:09:00:D5:40:AC:A0:81:31:61:47:F3:33:CD:AA:50
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:6e:2e:41:8e:d9:69:b2:7f:59:7d:f0:66:fb:85:7e:fe:0b:
         74:c2:98:d7:67:c1:47:fe:0e:13:d3:0e:e4:37:49:dd:f7:c3:
         ec:00:41:44:85:ad:93:c4:9b:61:5e:62:90:09:45:3e:52:9a:
         8a:04:97:17:e1:f1:a0:c2:0a:62:25:9a:77:80:e7:09:71:37:
         53:4d:10:06:f2:ac:93:d3:b9:1e:74:ec:2c:17:ae:49:36:40:
         c8:ea:9b:d9:b6:c6:80:79:e3:61:28:54:04:7a:35:81:1e:5b:
         dc:31:67:37:f4:63:54:dd:9f:64:fb:6e:02:87:d2:2b:25:f9:
         f7:08:07:62:52:5b:00:e0:ba:8e:dc:37:d3:c8:3e:a1:29:c2:
         d6:97:f2:56:b3:4c:05:58:d8:01:e0:92:55:b1:5c:63:ee:42:
         9a:d4:bb:2f:58:94:9a:10:e4:6c:24:40:af:e6:1b:dd:1c:5c:
         bd:dd:a8:cd:d3:57:a9:6b:b6:97:c1:06:80:31:b8:42:f6:9d:
         35:cf:09:3a:41:44:67:58:b7:40:7d:54:9b:b2:b8:aa:1f:cd:
         7e:e1:8a:7d:ff:10:3b:7b:9a:ba:4f:1d:48:af:bb:9f:d6:16:
         c9:1f:c0:f9:be:80:c7:db:fd:57:f7:4f:29:16:96:5d:1a:ce:
         9d:1a:dc:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN1dH079YPOAVW9l+OXYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUwNDIwMjIwMDEyWhcNMjUwNDIxMjIwMDEyWjAzMTEwLwYDVQQD
Eyg1YmZkZDU2MjM2MDkwMGQ1NDBhY2EwODEzMTYxNDdmMzMzY2RhYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbGXcZLoKb0PIYj+MpSZ8sbdStk8
9sn2Bgrh/t7iaO0aOCGKvcje9Pjlxys6z6Wye/tbN2DxdJkM6GTY5w5XKKU2Bxa1
UaibN9fx3iHhbt3tURxcCCmgkY7JThSalD8s5J6UeFF7zltNKQizb5vX3zbMnlXq
mtGDPDnsgciMD/M5xFBendUlmv51e4hYPvTuIzDmuUj39SHULnMYs35b+lhvbC4R
9vWdJTdaKc/rapwjG6c8IhhSZ6s9VJUJhLHM0mpnwsIVzehxCMOSHlXjnzqWAMY+
qJ+SCAcYM8fcSuh81f8DaQm8/wXsJ+4l+Gnf64UpzM4x2O7TzyPj1g769wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv91WI2CQDVQKyggTFhR/MzzapQMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQG4uQY7Z
abJ/WX3wZvuFfv4LdMKY12fBR/4OE9MO5DdJ3ffD7ABBRIWtk8SbYV5ikAlFPlKa
igSXF+HxoMIKYiWad4DnCXE3U00QBvKsk9O5HnTsLBeuSTZAyOqb2bbGgHnjYShU
BHo1gR5b3DFnN/RjVN2fZPtuAofSKyX59wgHYlJbAOC6jtw308g+oSnC1pfyVrNM
BVjYAeCSVbFcY+5CmtS7L1iUmhDkbCRAr+Yb3Rxcvd2ozdNXqWu2l8EGgDG4Qvad
Nc8JOkFEZ1i3QH1Um7K4qh/NfuGKff8QO3uauk8dSK+7n9YWyR/A+b6Ax9v9V/dP
KRaWXRrOnRrcIA==
-----END CERTIFICATE-----