Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3c16d2-d290-47fb-911d-5996cae9d115/1/uQkHzuT6xQ83U2Iq0hqYmud0HEc.mft
File:                     uQkHzuT6xQ83U2Iq0hqYmud0HEc.mft (raw, json)
Hash identifier:          uprK6oCtZ9axh49VFIOibzNDATPanXvz8L9mD5pF3/0=
Subject key identifier:   5D:CF:07:1D:E3:F3:B1:5C:2D:55:27:93:21:69:43:9F:81:F4:A6:6D
Authority key identifier: B9:09:07:CE:E4:FA:C5:0F:37:53:62:2A:D2:1A:98:9A:E7:74:1C:47
Certificate issuer:       /CN=b90907cee4fac50f3753622ad21a989ae7741c47
Certificate serial:       019653B7B56412EA765C708B7FC84461422C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uQkHzuT6xQ83U2Iq0hqYmud0HEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/3c16d2-d290-47fb-911d-5996cae9d115/1/uQkHzuT6xQ83U2Iq0hqYmud0HEc.mft
Manifest number:          11FF
Signing time:             Sun 20 Apr 2025 15:01:10 +0000
Manifest this update:     Sun 20 Apr 2025 15:01:10 +0000
Manifest next update:     Mon 21 Apr 2025 15:01:10 +0000
Files and hashes:         1: uQkHzuT6xQ83U2Iq0hqYmud0HEc.crl (hash: unkG3aRXbBvPYQ3hcMK7yhccmmhERUxMTi306SjQnVs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/3c16d2-d290-47fb-911d-5996cae9d115/1/uQkHzuT6xQ83U2Iq0hqYmud0HEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/3c16d2-d290-47fb-911d-5996cae9d115/1/uQkHzuT6xQ83U2Iq0hqYmud0HEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uQkHzuT6xQ83U2Iq0hqYmud0HEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b7:b5:64:12:ea:76:5c:70:8b:7f:c8:44:61:42:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b90907cee4fac50f3753622ad21a989ae7741c47
        Validity
            Not Before: Apr 20 15:01:10 2025 GMT
            Not After : Apr 21 15:01:10 2025 GMT
        Subject: CN=5dcf071de3f3b15c2d5527932169439f81f4a66d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:19:c1:13:01:3f:c0:19:d3:21:43:0b:a1:ea:
                    fc:30:be:bf:95:10:99:21:11:e8:80:e8:f4:e8:68:
                    71:86:f0:6c:63:55:06:4d:b7:da:98:28:ab:e1:89:
                    d3:fe:68:8d:ac:86:6e:8a:26:fc:e4:8b:1f:fd:74:
                    fd:b7:87:a9:45:cf:5d:d8:87:5e:93:3e:e0:75:8d:
                    3b:cc:3a:83:58:6c:dd:8c:f4:ed:aa:8e:53:0b:df:
                    e8:3e:81:75:2c:71:fd:f4:62:d2:cc:6a:b0:6c:a0:
                    63:64:5a:48:ba:6e:8a:2b:4d:e2:48:68:a1:7f:fb:
                    a1:f6:d5:d5:68:2a:0f:4e:60:6d:24:aa:e2:cc:9d:
                    de:20:ba:6e:42:2b:55:0f:4a:36:12:46:1e:96:82:
                    8a:0f:7d:45:73:a5:33:d4:dc:40:70:cb:67:47:80:
                    87:98:9d:c8:d4:8c:d9:b7:a8:4d:fb:9f:3f:e6:54:
                    5f:9c:4d:fb:4f:dd:64:49:96:56:89:6f:36:e0:91:
                    3f:c7:a5:d1:fa:a9:ba:4b:29:e2:07:79:e5:6a:75:
                    61:32:55:d9:3a:fa:c1:c9:1b:21:05:1e:f8:c9:49:
                    c2:84:ed:32:4d:a5:96:3f:20:2a:6b:e7:ca:72:b9:
                    b0:d2:fb:2c:9a:1e:19:f0:fa:09:02:b6:c1:51:9b:
                    1a:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CF:07:1D:E3:F3:B1:5C:2D:55:27:93:21:69:43:9F:81:F4:A6:6D
            X509v3 Authority Key Identifier:
                keyid:B9:09:07:CE:E4:FA:C5:0F:37:53:62:2A:D2:1A:98:9A:E7:74:1C:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQkHzuT6xQ83U2Iq0hqYmud0HEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3c16d2-d290-47fb-911d-5996cae9d115/1/uQkHzuT6xQ83U2Iq0hqYmud0HEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3c16d2-d290-47fb-911d-5996cae9d115/1/uQkHzuT6xQ83U2Iq0hqYmud0HEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:ae:89:81:01:83:4c:1d:f4:1f:fd:c7:cc:d8:42:03:82:73:
         56:c2:b6:43:51:cb:49:d0:b6:7b:a4:cc:34:e1:4b:e2:70:f6:
         3e:8f:aa:13:62:ba:19:bd:3b:43:07:51:4a:5a:ce:c3:18:78:
         ca:61:18:ec:cc:8b:46:d3:09:d0:35:67:a2:86:27:df:fb:e2:
         37:ed:13:e8:c1:e8:8e:5c:16:63:f5:20:bb:3b:10:03:58:12:
         ba:53:6a:66:b6:78:ae:9b:52:4f:1c:a2:c5:62:4d:ff:36:02:
         ec:d1:dd:ce:c7:8a:53:f2:f4:42:45:15:6a:8d:c6:75:21:66:
         26:4c:ef:66:3d:45:31:2e:13:26:2c:2c:70:e6:d3:df:58:dc:
         40:2f:5f:0c:83:5d:a9:8a:0b:6e:87:5c:39:46:4e:10:a0:21:
         24:99:64:6e:3b:f5:86:f9:3d:04:01:0f:ac:1c:8c:3f:cb:e8:
         26:e4:9a:77:31:f7:c6:4e:c6:11:53:05:f6:08:47:0b:7a:66:
         c5:32:e0:05:c6:61:f2:97:94:db:26:32:f7:a6:28:90:a4:f4:
         f1:ae:1a:9d:94:03:04:40:ac:66:84:74:b9:dc:84:d5:0b:eb:
         83:b9:d0:6f:27:24:6a:81:70:7c:8d:51:0f:d9:9d:7f:aa:4d:
         74:47:ab:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTt7VkEup2XHCLf8hEYUIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDkwN2NlZTRmYWM1MGYzNzUzNjIyYWQyMWE5ODlhZTc3
NDFjNDcwHhcNMjUwNDIwMTUwMTEwWhcNMjUwNDIxMTUwMTEwWjAzMTEwLwYDVQQD
Eyg1ZGNmMDcxZGUzZjNiMTVjMmQ1NTI3OTMyMTY5NDM5ZjgxZjRhNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxnBEwE/wBnTIUMLoer8ML6/lRCZ
IRHogOj06GhxhvBsY1UGTbfamCir4YnT/miNrIZuiib85Isf/XT9t4epRc9d2Ide
kz7gdY07zDqDWGzdjPTtqo5TC9/oPoF1LHH99GLSzGqwbKBjZFpIum6KK03iSGih
f/uh9tXVaCoPTmBtJKrizJ3eILpuQitVD0o2EkYeloKKD31Fc6Uz1NxAcMtnR4CH
mJ3I1IzZt6hN+58/5lRfnE37T91kSZZWiW824JE/x6XR+qm6SyniB3nlanVhMlXZ
OvrByRshBR74yUnChO0yTaWWPyAqa+fKcrmw0vssmh4Z8PoJArbBUZsa2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3PBx3j87FcLVUnkyFpQ5+B9KZtMB8GA1UdIwQY
MBaAFLkJB87k+sUPN1NiKtIamJrndBxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFrSHp1VDZ4UTgzVTJJcTBocVltdWQwSEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zYzE2ZDItZDI5MC00N2ZiLTkxMWQt
NTk5NmNhZTlkMTE1LzEvdVFrSHp1VDZ4UTgzVTJJcTBocVltdWQwSEVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zYzE2ZDItZDI5MC00N2ZiLTkxMWQtNTk5NmNhZTlkMTE1
LzEvdVFrSHp1VDZ4UTgzVTJJcTBocVltdWQwSEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf66JgQGD
TB30H/3HzNhCA4JzVsK2Q1HLSdC2e6TMNOFL4nD2Po+qE2K6Gb07QwdRSlrOwxh4
ymEY7MyLRtMJ0DVnooYn3/viN+0T6MHojlwWY/UguzsQA1gSulNqZrZ4rptSTxyi
xWJN/zYC7NHdzseKU/L0QkUVao3GdSFmJkzvZj1FMS4TJiwscObT31jcQC9fDINd
qYoLbodcOUZOEKAhJJlkbjv1hvk9BAEPrByMP8voJuSadzH3xk7GEVMF9ghHC3pm
xTLgBcZh8peU2yYy96YokKT08a4anZQDBECsZoR0udyE1Qvrg7nQbyckaoFwfI1R
D9mdf6pNdEeroA==
-----END CERTIFICATE-----