Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
File:                     mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft (raw, json)
Hash identifier:          Y1N/JVMzo8ve4wRg9GZgiIqRZXlXhVGap6XytPoKhYQ=
Subject key identifier:   E4:1A:5F:79:D6:86:60:F2:03:C3:AF:8D:84:43:FF:42:1D:A3:C3:2A
Authority key identifier: 99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4
Certificate issuer:       /CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
Certificate serial:       01964D7EF4140FD8FB64766198FB288304D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
Manifest number:          0825
Signing time:             Sat 19 Apr 2025 10:01:27 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:27 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:27 +0000
Files and hashes:         1: mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl (hash: RLamB7/K08ntSHNmZqmsR6taZLDd8UFGvm2F7ac8ZLU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:f4:14:0f:d8:fb:64:76:61:98:fb:28:83:04:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
        Validity
            Not Before: Apr 19 10:01:27 2025 GMT
            Not After : Apr 20 10:01:27 2025 GMT
        Subject: CN=e41a5f79d68660f203c3af8d8443ff421da3c32a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:7c:6c:ca:97:65:b7:28:3d:e7:dc:68:f7:e6:
                    88:fe:11:67:75:e3:92:b8:b7:1f:e9:c7:43:21:2c:
                    68:11:0a:e9:24:b5:be:bb:d9:00:2d:6a:a9:70:93:
                    82:bd:32:b1:46:62:92:02:2c:29:28:d6:31:58:78:
                    6b:cf:ec:69:1f:83:5a:88:a2:7d:b9:ae:7f:cb:78:
                    e1:cb:cf:50:e2:5b:9c:b7:5d:62:8e:24:bc:03:c6:
                    47:a9:fd:e4:c6:7f:f0:a7:f7:07:6e:d6:d9:e9:a4:
                    d6:a6:4d:ea:67:41:ed:ef:c3:b8:00:17:6d:28:dd:
                    04:db:b6:6c:f6:19:e0:56:6b:a9:db:5d:5d:ce:39:
                    e1:3e:7f:bd:eb:ae:98:43:34:56:12:15:42:d9:de:
                    f7:f0:d0:1e:02:6f:a4:67:1e:35:01:b6:41:87:eb:
                    dc:72:c2:9c:a0:96:ad:bc:45:ef:0a:84:10:74:3d:
                    a8:0a:e3:df:b7:47:ee:aa:aa:65:e9:5c:7b:88:00:
                    78:de:bc:96:5f:08:42:ee:4c:6a:1d:08:25:59:44:
                    6f:8d:dc:f6:b4:a8:de:75:c2:b0:9d:d9:4f:e0:eb:
                    bb:86:f7:41:3d:0d:e4:17:61:48:b8:2a:ef:b3:1d:
                    a3:11:7c:ce:37:75:d7:3a:fe:4c:2a:e6:f1:4f:c7:
                    eb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:1A:5F:79:D6:86:60:F2:03:C3:AF:8D:84:43:FF:42:1D:A3:C3:2A
            X509v3 Authority Key Identifier:
                keyid:99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:02:c4:9b:0d:c7:b1:19:fd:5b:c5:39:8a:61:d3:86:54:51:
         89:68:bf:ba:bb:d2:52:ce:8c:6d:b2:14:f0:fd:8a:80:9b:ed:
         c7:44:4c:fb:24:5b:5e:49:31:4c:48:5e:f2:b6:ba:6c:bc:e4:
         a6:62:f0:35:f7:05:9d:88:af:5f:d7:4f:fa:be:1e:bb:1d:a7:
         c3:15:54:f6:8b:b1:74:32:b0:c4:de:b7:84:02:8d:b6:8f:41:
         3b:33:0f:53:c1:66:0b:57:6c:b4:4f:55:53:8c:04:e2:a2:38:
         1a:67:6c:d8:06:79:13:33:97:ff:a3:3e:38:9e:02:ad:07:17:
         c4:5b:2c:65:17:25:fa:89:80:c4:2c:4f:fe:8f:ee:97:23:c7:
         4e:b5:6d:a0:77:90:f5:5b:d2:cf:a2:50:e7:f5:d0:27:60:1d:
         f3:36:47:8d:cf:79:b8:98:8a:8b:e7:6a:50:b1:5a:71:9c:a5:
         67:17:bb:83:0b:27:89:38:61:75:8b:9f:e5:57:4c:52:fb:0f:
         75:5d:39:80:15:4b:c6:51:f3:95:4a:83:8b:29:a9:de:36:12:
         e1:80:cf:04:e8:e7:b5:45:8e:10:0a:b2:c2:52:98:86:51:91:
         b4:55:1d:4c:e4:7f:a4:c8:85:f3:19:66:54:f3:00:da:cc:a6:
         28:09:42:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfvQUD9j7ZHZhmPsogwTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YzEzY2I1OGQyZmQzMWUxMmM1ZTE0NmNjNmI0ZjJjNzQ3
ODE2ZjQwHhcNMjUwNDE5MTAwMTI3WhcNMjUwNDIwMTAwMTI3WjAzMTEwLwYDVQQD
EyhlNDFhNWY3OWQ2ODY2MGYyMDNjM2FmOGQ4NDQzZmY0MjFkYTNjMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXxsypdltyg959xo9+aI/hFndeOS
uLcf6cdDISxoEQrpJLW+u9kALWqpcJOCvTKxRmKSAiwpKNYxWHhrz+xpH4NaiKJ9
ua5/y3jhy89Q4luct11ijiS8A8ZHqf3kxn/wp/cHbtbZ6aTWpk3qZ0Ht78O4ABdt
KN0E27Zs9hngVmup211dzjnhPn+9666YQzRWEhVC2d738NAeAm+kZx41AbZBh+vc
csKcoJatvEXvCoQQdD2oCuPft0fuqqpl6Vx7iAB43ryWXwhC7kxqHQglWURvjdz2
tKjedcKwndlP4Ou7hvdBPQ3kF2FIuCrvsx2jEXzON3XXOv5MKubxT8frTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQaX3nWhmDyA8OvjYRD/0Ido8MqMB8GA1UdIwQY
MBaAFJnBPLWNL9MeEsXhRsxrTyx0eBb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEt
NTY3ZGM5YTc5ZmRkLzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEtNTY3ZGM5YTc5ZmRk
LzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwLEmw3H
sRn9W8U5imHThlRRiWi/urvSUs6MbbIU8P2KgJvtx0RM+yRbXkkxTEhe8ra6bLzk
pmLwNfcFnYivX9dP+r4eux2nwxVU9ouxdDKwxN63hAKNto9BOzMPU8FmC1dstE9V
U4wE4qI4Gmds2AZ5EzOX/6M+OJ4CrQcXxFssZRcl+omAxCxP/o/ulyPHTrVtoHeQ
9VvSz6JQ5/XQJ2Ad8zZHjc95uJiKi+dqULFacZylZxe7gwsniThhdYuf5VdMUvsP
dV05gBVLxlHzlUqDiymp3jYS4YDPBOjntUWOEAqywlKYhlGRtFUdTOR/pMiF8xlm
VPMA2symKAlCCg==
-----END CERTIFICATE-----