Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
File:                     u-Sqx31jiC90NiBwTCTb7bGIDXo.mft (raw, json)
Hash identifier:          4Ov0x4gX6xlz1HxH4PFmttlwOReK+8cFENjQJ9iAMks=
Subject key identifier:   FF:74:0D:CF:5B:58:BD:30:DB:85:A2:35:41:AB:38:BD:EF:92:40:56
Authority key identifier: BB:E4:AA:C7:7D:63:88:2F:74:36:20:70:4C:24:DB:ED:B1:88:0D:7A
Certificate issuer:       /CN=bbe4aac77d63882f743620704c24dbedb1880d7a
Certificate serial:       019643D71155AC6ED3D65AF2CB607B2992A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
Manifest number:          044F
Signing time:             Thu 17 Apr 2025 13:01:30 +0000
Manifest this update:     Thu 17 Apr 2025 13:01:30 +0000
Manifest next update:     Fri 18 Apr 2025 13:01:30 +0000
Files and hashes:         1: u-Sqx31jiC90NiBwTCTb7bGIDXo.crl (hash: B6k85FukfX36WyK8X5pXRRUHpQYM9ts0HG8JJYyjhTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d7:11:55:ac:6e:d3:d6:5a:f2:cb:60:7b:29:92:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe4aac77d63882f743620704c24dbedb1880d7a
        Validity
            Not Before: Apr 17 13:01:30 2025 GMT
            Not After : Apr 18 13:01:30 2025 GMT
        Subject: CN=ff740dcf5b58bd30db85a23541ab38bdef924056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fc:fb:2e:94:60:0d:d0:33:23:ae:62:b2:a6:
                    0f:aa:f1:0c:dc:4a:6a:f0:0e:3d:61:ed:75:ab:18:
                    47:16:f5:d8:4f:c8:46:a2:13:24:85:fe:10:06:09:
                    fd:cf:b0:c6:be:8d:1b:2c:28:5c:b2:53:46:43:51:
                    86:18:b6:33:ca:a5:dc:f0:13:ac:e4:43:4a:9f:44:
                    36:5e:95:1d:5c:0b:6e:da:94:12:1c:86:95:e6:1f:
                    b5:ec:00:7d:f0:98:e1:48:e1:ce:c6:f6:7b:9f:27:
                    ab:86:84:f0:d9:34:81:b6:d8:db:1f:f9:fc:c1:40:
                    22:98:ff:09:37:40:f4:e6:3e:19:7d:b0:15:94:2f:
                    ea:10:bc:1d:ca:f7:55:26:c2:33:cc:d9:6d:eb:94:
                    0a:1c:49:00:6f:02:8e:e4:87:1d:b2:29:20:5a:42:
                    4c:c0:aa:ec:c9:8b:0f:7d:36:61:d7:6e:eb:43:ac:
                    52:30:b4:56:40:1d:af:b6:1e:9c:e4:f4:1f:ba:b7:
                    10:e4:26:04:66:68:c1:d7:db:c3:c7:2f:fd:32:05:
                    b0:52:ec:8f:07:d5:cc:54:35:d8:3d:f9:38:ba:90:
                    22:3c:0a:cd:7d:c1:0c:1d:06:97:9f:e1:be:f3:fa:
                    91:ea:1e:e6:0e:53:ef:9f:9c:19:55:89:e9:78:6a:
                    be:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:74:0D:CF:5B:58:BD:30:DB:85:A2:35:41:AB:38:BD:EF:92:40:56
            X509v3 Authority Key Identifier:
                keyid:BB:E4:AA:C7:7D:63:88:2F:74:36:20:70:4C:24:DB:ED:B1:88:0D:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:fc:02:cf:15:c0:a4:b5:a8:1e:ad:08:19:39:90:bf:db:8b:
         fb:50:8b:bf:68:dd:73:c5:ed:d5:6e:c6:5e:be:46:73:69:31:
         55:f9:3a:ad:cd:60:1d:6a:74:8d:c0:e6:de:d2:0d:73:03:73:
         de:24:b4:3e:46:75:72:fc:6a:e3:32:e4:f8:33:69:a1:ef:c0:
         7f:14:80:e1:83:cd:0b:e4:12:77:91:20:2e:a9:18:d8:db:b2:
         30:ac:e9:ab:06:21:82:98:05:36:cc:95:5f:06:0e:3a:c9:99:
         62:0c:4e:ae:30:dc:22:a6:51:2d:b9:c9:63:4f:42:c4:9b:66:
         d9:7d:ff:67:27:a1:40:a2:ff:0c:00:c8:24:61:a7:8f:9c:fb:
         a9:18:75:6d:ec:83:19:37:a2:1e:33:d3:21:54:ee:e3:97:fe:
         e0:71:5a:20:e1:d2:df:cb:42:d0:1d:ec:1b:00:08:30:de:b4:
         63:ef:7b:f4:67:3b:01:ed:c5:9f:e3:c1:72:23:91:14:a8:fe:
         17:1e:99:3a:b5:4f:88:28:9b:78:b7:5d:64:b4:14:fd:85:b6:
         f9:88:d3:a5:97:79:f1:cb:15:0f:0d:0f:dc:91:8e:2f:60:df:
         c1:93:3c:20:6b:d3:2d:8b:77:02:9c:af:e3:59:41:55:18:4a:
         22:fb:84:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1xFVrG7T1lryy2B7KZKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTRhYWM3N2Q2Mzg4MmY3NDM2MjA3MDRjMjRkYmVkYjE4
ODBkN2EwHhcNMjUwNDE3MTMwMTMwWhcNMjUwNDE4MTMwMTMwWjAzMTEwLwYDVQQD
EyhmZjc0MGRjZjViNThiZDMwZGI4NWEyMzU0MWFiMzhiZGVmOTI0MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Pz7LpRgDdAzI65isqYPqvEM3Epq
8A49Ye11qxhHFvXYT8hGohMkhf4QBgn9z7DGvo0bLChcslNGQ1GGGLYzyqXc8BOs
5ENKn0Q2XpUdXAtu2pQSHIaV5h+17AB98JjhSOHOxvZ7nyerhoTw2TSBttjbH/n8
wUAimP8JN0D05j4ZfbAVlC/qELwdyvdVJsIzzNlt65QKHEkAbwKO5IcdsikgWkJM
wKrsyYsPfTZh127rQ6xSMLRWQB2vth6c5PQfurcQ5CYEZmjB19vDxy/9MgWwUuyP
B9XMVDXYPfk4upAiPArNfcEMHQaXn+G+8/qR6h7mDlPvn5wZVYnpeGq+RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP90Dc9bWL0w24WiNUGrOL3vkkBWMB8GA1UdIwQY
MBaAFLvkqsd9Y4gvdDYgcEwk2+2xiA16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kNGQ3ZDItOWNiMi00Y2UwLTg2NjUt
MWJhMjFiMGUyOTEzLzEvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kNGQ3ZDItOWNiMi00Y2UwLTg2NjUtMWJhMjFiMGUyOTEz
LzEvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq/wCzxXA
pLWoHq0IGTmQv9uL+1CLv2jdc8Xt1W7GXr5Gc2kxVfk6rc1gHWp0jcDm3tINcwNz
3iS0PkZ1cvxq4zLk+DNpoe/AfxSA4YPNC+QSd5EgLqkY2NuyMKzpqwYhgpgFNsyV
XwYOOsmZYgxOrjDcIqZRLbnJY09CxJtm2X3/ZyehQKL/DADIJGGnj5z7qRh1beyD
GTeiHjPTIVTu45f+4HFaIOHS38tC0B3sGwAIMN60Y+979Gc7Ae3Fn+PBciORFKj+
Fx6ZOrVPiCibeLddZLQU/YW2+YjTpZd58csVDw0P3JGOL2DfwZM8IGvTLYt3Apyv
41lBVRhKIvuE0A==
-----END CERTIFICATE-----