Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft
File:                     4EHIW0dOi2wAiR2VQST_DIEgDYw.mft (raw, json)
Hash identifier:          N+yMkNHMg1szgTmsZcvBVk66Vge4kd78SDOkDsFRZvE=
Subject key identifier:   C3:59:14:1C:B6:C7:68:84:E8:FD:F4:33:67:FF:27:19:0B:86:11:C5
Authority key identifier: E0:41:C8:5B:47:4E:8B:6C:00:89:1D:95:41:24:FF:0C:81:20:0D:8C
Certificate issuer:       /CN=e041c85b474e8b6c00891d954124ff0c81200d8c
Certificate serial:       019761396D0455D2D1059573B3CC76E7165C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4EHIW0dOi2wAiR2VQST_DIEgDYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft
Manifest number:          08E2
Signing time:             Wed 11 Jun 2025 23:00:42 +0000
Manifest this update:     Wed 11 Jun 2025 23:00:42 +0000
Manifest next update:     Thu 12 Jun 2025 23:00:42 +0000
Files and hashes:         1: 4EHIW0dOi2wAiR2VQST_DIEgDYw.crl (hash: U0ETXq7MeB4bwgXcnxf5MGXPJYxE+sYU39Y0qI8TD1E=)
                          2: N3RhFZbfRfFlakkE1oKkv4idahs.roa (hash: S19WQvJ0cwuBe3l5agvGw5hBi9jlwv6QitA6NIAiWl4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4EHIW0dOi2wAiR2VQST_DIEgDYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:39:6d:04:55:d2:d1:05:95:73:b3:cc:76:e7:16:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e041c85b474e8b6c00891d954124ff0c81200d8c
        Validity
            Not Before: Jun 11 23:00:42 2025 GMT
            Not After : Jun 12 23:00:42 2025 GMT
        Subject: CN=c359141cb6c76884e8fdf43367ff27190b8611c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0b:8e:31:05:d6:3e:ed:52:25:76:17:49:d3:
                    27:f7:14:dc:19:4e:fb:ac:62:00:ca:1e:c8:f6:49:
                    e9:b1:27:fd:e1:d0:91:98:30:8e:81:d7:16:f7:d8:
                    6a:f9:08:da:ba:75:b8:f4:1d:44:d5:f3:6e:1d:1b:
                    ee:da:92:ef:af:b4:74:1c:45:03:29:c6:12:65:13:
                    46:36:8e:20:45:5f:4f:54:2d:12:de:d0:bc:c7:5d:
                    55:04:93:19:14:b1:a7:61:c6:e1:8e:28:d8:8f:90:
                    66:3f:d6:7c:01:0f:54:2b:10:93:cc:06:5e:7b:c4:
                    b5:a4:f3:1a:a0:00:a0:d2:d7:e4:1e:e7:6c:c6:d3:
                    e1:5b:b6:66:bc:40:26:c2:e1:5e:38:6c:fe:44:ce:
                    b7:81:6a:02:0a:9e:39:dc:a8:56:b7:9e:38:e8:67:
                    ee:e2:f4:dc:2d:fc:20:aa:99:39:3a:9b:1b:4d:e9:
                    b2:6c:95:cf:d2:89:5b:bd:f9:e0:02:08:ce:b6:87:
                    13:18:de:0d:9d:77:d8:95:29:a3:71:50:9e:87:63:
                    ff:20:2d:a7:68:a1:5c:58:bc:21:75:f3:14:0d:17:
                    d1:00:7d:d6:29:e7:2a:bf:fd:b2:de:9b:0a:f5:4d:
                    d7:9a:2b:68:c1:39:05:f3:3a:89:ad:c6:56:e8:5d:
                    c4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:59:14:1C:B6:C7:68:84:E8:FD:F4:33:67:FF:27:19:0B:86:11:C5
            X509v3 Authority Key Identifier:
                keyid:E0:41:C8:5B:47:4E:8B:6C:00:89:1D:95:41:24:FF:0C:81:20:0D:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4EHIW0dOi2wAiR2VQST_DIEgDYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:f8:d2:cb:81:23:3a:a7:4d:89:19:f3:21:e8:3e:7e:00:de:
         6c:c9:c5:7c:14:14:ed:1b:67:4e:7a:54:10:ee:5d:fa:65:4e:
         45:a6:8a:37:28:a7:6f:3f:f7:76:00:bd:9a:f5:ec:44:b1:9c:
         a0:12:51:55:a0:c5:b3:41:2d:e4:13:ed:0e:16:ac:07:6c:58:
         db:dc:c6:c4:e3:b9:be:a2:08:80:4d:09:2d:5b:fc:ec:63:be:
         ae:16:ad:95:4b:70:7b:87:2d:9c:e8:af:44:ac:9a:a8:47:69:
         63:db:1d:e3:7d:e8:8a:48:cc:6a:ef:5b:1e:9e:ee:91:c3:16:
         bf:21:8c:45:de:3a:48:4f:91:14:b1:b0:2e:ba:da:fa:4b:0f:
         20:9c:68:ac:1a:06:95:84:f0:75:23:fb:c9:7a:2d:b5:3f:4d:
         4d:94:11:93:3e:a6:48:7a:00:e1:87:da:87:4d:b8:c0:74:fd:
         e7:95:4b:8c:b7:cd:e8:50:61:a1:b1:9e:ca:30:df:0a:21:0b:
         b4:82:13:f5:eb:47:45:2c:c7:00:c5:dc:1c:ee:b0:6e:38:b1:
         76:54:cd:ec:5e:f7:8d:c7:a8:82:2e:d2:84:94:44:e6:da:52:
         c0:a2:05:cb:f5:be:fa:f8:ac:3b:3b:09:c6:49:25:6b:26:b0:
         01:f2:04:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhOW0EVdLRBZVzs8x25xZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNDFjODViNDc0ZThiNmMwMDg5MWQ5NTQxMjRmZjBjODEy
MDBkOGMwHhcNMjUwNjExMjMwMDQyWhcNMjUwNjEyMjMwMDQyWjAzMTEwLwYDVQQD
EyhjMzU5MTQxY2I2Yzc2ODg0ZThmZGY0MzM2N2ZmMjcxOTBiODYxMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQuOMQXWPu1SJXYXSdMn9xTcGU77
rGIAyh7I9knpsSf94dCRmDCOgdcW99hq+QjaunW49B1E1fNuHRvu2pLvr7R0HEUD
KcYSZRNGNo4gRV9PVC0S3tC8x11VBJMZFLGnYcbhjijYj5BmP9Z8AQ9UKxCTzAZe
e8S1pPMaoACg0tfkHudsxtPhW7ZmvEAmwuFeOGz+RM63gWoCCp453KhWt5446Gfu
4vTcLfwgqpk5OpsbTemybJXP0olbvfngAgjOtocTGN4NnXfYlSmjcVCeh2P/IC2n
aKFcWLwhdfMUDRfRAH3WKecqv/2y3psK9U3XmitowTkF8zqJrcZW6F3ECQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNZFBy2x2iE6P30M2f/JxkLhhHFMB8GA1UdIwQY
MBaAFOBByFtHTotsAIkdlUEk/wyBIA2MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEVISVcwZE9pMndBaVIyVlFTVF9ESUVnRFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC81NDllNGQtOGRlZS00NTliLTkyODMt
NDZiYjNmYTI4YjAwLzEvNEVISVcwZE9pMndBaVIyVlFTVF9ESUVnRFl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC81NDllNGQtOGRlZS00NTliLTkyODMtNDZiYjNmYTI4YjAw
LzEvNEVISVcwZE9pMndBaVIyVlFTVF9ESUVnRFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJvjSy4Ej
OqdNiRnzIeg+fgDebMnFfBQU7RtnTnpUEO5d+mVORaaKNyinbz/3dgC9mvXsRLGc
oBJRVaDFs0Et5BPtDhasB2xY29zGxOO5vqIIgE0JLVv87GO+rhatlUtwe4ctnOiv
RKyaqEdpY9sd433oikjMau9bHp7ukcMWvyGMRd46SE+RFLGwLrra+ksPIJxorBoG
lYTwdSP7yXottT9NTZQRkz6mSHoA4Yfah024wHT955VLjLfN6FBhobGeyjDfCiEL
tIIT9etHRSzHAMXcHO6wbjixdlTN7F73jceogi7ShJRE5tpSwKIFy/W++visOzsJ
xkklayawAfIE7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 06:59:54 2025 by rpki-client