Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
File:                     uFK2pNRayK4a7VTG9ayO1v88Hdc.mft (raw, json)
Hash identifier:          xnlBExp+UqNvUvXjcxtxvssrHWYuUEsqSf7oq7TwIYs=
Subject key identifier:   CA:4E:3F:63:9A:E6:AE:F0:30:0F:B7:A8:6B:6C:03:03:49:B4:25:79
Authority key identifier: B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7
Certificate issuer:       /CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
Certificate serial:       01963FFA6B409557C9BAB13D85E54021EE57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
Manifest number:          0A87
Signing time:             Wed 16 Apr 2025 19:01:38 +0000
Manifest this update:     Wed 16 Apr 2025 19:01:38 +0000
Manifest next update:     Thu 17 Apr 2025 19:01:38 +0000
Files and hashes:         1: uFK2pNRayK4a7VTG9ayO1v88Hdc.crl (hash: npNX1pdO9v8j8uU/KUzUJ72WtmFrKVUkbTOCUuxYeEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 19:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:fa:6b:40:95:57:c9:ba:b1:3d:85:e5:40:21:ee:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
        Validity
            Not Before: Apr 16 19:01:38 2025 GMT
            Not After : Apr 17 19:01:38 2025 GMT
        Subject: CN=ca4e3f639ae6aef0300fb7a86b6c030349b42579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:39:8e:fb:b7:48:c8:58:ae:82:25:d6:d5:ff:
                    62:ec:e6:15:4e:06:a7:fa:62:f1:d2:e5:8c:52:a5:
                    a7:dc:1f:ae:20:9f:ae:ec:14:05:4f:af:68:27:e5:
                    c7:ad:8d:d7:3f:c7:9e:e9:97:0a:80:4f:96:2d:fa:
                    a4:47:70:46:d2:8e:55:2d:b8:1c:d5:69:52:5e:39:
                    78:dc:11:f7:96:e0:60:81:87:c8:95:d9:52:37:ac:
                    d1:8c:01:62:c8:ed:53:2c:b8:1a:0d:07:53:62:36:
                    b3:20:0c:d3:36:cb:4e:73:39:99:45:c1:79:76:28:
                    c6:f6:68:4e:be:5e:e9:ed:8c:3f:0e:11:4a:d8:a2:
                    88:bc:be:07:51:90:a1:35:6f:ea:2d:8e:d8:23:fa:
                    db:92:6e:72:8e:0d:7f:0a:25:3b:d5:37:7a:6e:de:
                    e4:92:93:ec:c1:7d:14:3b:00:c7:f6:6f:df:12:90:
                    04:a6:b0:f0:81:b7:81:c8:11:5d:c9:66:7d:11:41:
                    5c:e1:b3:7a:23:4f:89:1b:d7:33:fa:34:b5:5e:52:
                    f9:b4:54:ae:b4:69:ba:7a:aa:87:a1:01:5a:3d:f6:
                    4f:2e:4e:5b:09:f4:13:fb:40:5a:33:c9:95:1f:39:
                    86:97:5e:11:d1:6b:49:aa:b3:ef:9f:70:22:b3:7c:
                    b8:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:4E:3F:63:9A:E6:AE:F0:30:0F:B7:A8:6B:6C:03:03:49:B4:25:79
            X509v3 Authority Key Identifier:
                keyid:B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:92:3b:07:c8:d7:f9:f7:cd:7f:d9:df:e8:61:10:28:46:32:
         cd:28:a4:37:e9:c6:46:34:75:9f:b3:14:52:1f:1d:17:9b:2a:
         3e:2d:e9:50:28:2f:c3:ca:90:99:0e:9b:cf:24:d2:8f:a6:e0:
         a8:84:56:0c:63:16:66:07:e9:dd:85:9c:a5:0e:3c:fb:6b:4c:
         75:a4:0f:c0:f4:3b:ce:94:b8:c7:c0:03:45:e4:79:6f:6b:f3:
         61:05:14:c3:79:f4:70:ea:58:b3:68:fe:d9:1b:79:e9:71:0f:
         89:11:77:8b:af:7e:50:ec:0d:bc:2c:ab:f9:78:0c:d8:d1:96:
         7d:87:d7:89:a5:dd:4f:41:ae:75:b8:3b:e5:ec:c7:30:e7:ba:
         d7:e9:6b:3a:ce:ad:a8:af:e7:e1:70:e3:b1:3b:31:50:98:05:
         75:db:59:fb:e9:39:cc:bc:a0:92:88:b2:ea:fa:0a:93:ad:d9:
         cb:6c:5f:26:ee:4b:a0:55:4e:59:87:4a:f8:3f:b2:71:8f:e6:
         d2:c8:db:05:4f:47:43:c7:e7:f8:69:ba:df:1b:7f:0d:69:8d:
         ae:19:17:9b:b6:17:3f:07:fa:62:f4:85:07:38:ad:7f:8c:dc:
         ca:83:b2:73:99:5b:b2:47:99:db:88:9b:d7:76:2e:5f:70:18:
         00:2c:06:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+mtAlVfJurE9heVAIe5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTJiNmE0ZDQ1YWM4YWUxYWVkNTRjNmY1YWM4ZWQ2ZmYz
YzFkZDcwHhcNMjUwNDE2MTkwMTM4WhcNMjUwNDE3MTkwMTM4WjAzMTEwLwYDVQQD
EyhjYTRlM2Y2MzlhZTZhZWYwMzAwZmI3YTg2YjZjMDMwMzQ5YjQyNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8jmO+7dIyFiugiXW1f9i7OYVTgan
+mLx0uWMUqWn3B+uIJ+u7BQFT69oJ+XHrY3XP8ee6ZcKgE+WLfqkR3BG0o5VLbgc
1WlSXjl43BH3luBggYfIldlSN6zRjAFiyO1TLLgaDQdTYjazIAzTNstOczmZRcF5
dijG9mhOvl7p7Yw/DhFK2KKIvL4HUZChNW/qLY7YI/rbkm5yjg1/CiU71Td6bt7k
kpPswX0UOwDH9m/fEpAEprDwgbeByBFdyWZ9EUFc4bN6I0+JG9cz+jS1XlL5tFSu
tGm6eqqHoQFaPfZPLk5bCfQT+0BaM8mVHzmGl14R0WtJqrPvn3Ais3y4MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpOP2Oa5q7wMA+3qGtsAwNJtCV5MB8GA1UdIwQY
MBaAFLhStqTUWsiuGu1UxvWsjtb/PB3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYt
M2M0NmNkNTgwNzg5LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYtM2M0NmNkNTgwNzg5
LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe5I7B8jX
+ffNf9nf6GEQKEYyzSikN+nGRjR1n7MUUh8dF5sqPi3pUCgvw8qQmQ6bzyTSj6bg
qIRWDGMWZgfp3YWcpQ48+2tMdaQPwPQ7zpS4x8ADReR5b2vzYQUUw3n0cOpYs2j+
2Rt56XEPiRF3i69+UOwNvCyr+XgM2NGWfYfXiaXdT0Gudbg75ezHMOe61+lrOs6t
qK/n4XDjsTsxUJgFddtZ++k5zLygkoiy6voKk63Zy2xfJu5LoFVOWYdK+D+ycY/m
0sjbBU9HQ8fn+Gm63xt/DWmNrhkXm7YXPwf6YvSFBzitf4zcyoOyc5lbskeZ24ib
13YuX3AYACwGag==
-----END CERTIFICATE-----