Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
File:                     5J1E2IEnX8osC2s_fs7i0iIUb9I.mft (raw, json)
Hash identifier:          rcVKmix5OrsouVzqAQlKpiWPP/S78Fp7Te8xNBMXfaQ=
Subject key identifier:   2A:D5:C4:29:2C:7C:C5:A5:0F:72:33:BA:C7:B9:BF:81:2B:D3:12:D7
Authority key identifier: E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2
Certificate issuer:       /CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
Certificate serial:       01974B1FB13D2A7957A09BC77D152DFF8FD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
Manifest number:          12A5
Signing time:             Sat 07 Jun 2025 16:00:57 +0000
Manifest this update:     Sat 07 Jun 2025 16:00:57 +0000
Manifest next update:     Sun 08 Jun 2025 16:00:57 +0000
Files and hashes:         1: 5J1E2IEnX8osC2s_fs7i0iIUb9I.crl (hash: dP4Kv4N/Il+n87kOCoh/pKGVaZMaUSZibeoLVI/xUjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 16:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:1f:b1:3d:2a:79:57:a0:9b:c7:7d:15:2d:ff:8f:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
        Validity
            Not Before: Jun  7 16:00:57 2025 GMT
            Not After : Jun  8 16:00:57 2025 GMT
        Subject: CN=2ad5c4292c7cc5a50f7233bac7b9bf812bd312d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:8f:23:89:da:f5:bf:d0:3a:96:76:a8:eb:1e:
                    1c:6e:3e:59:76:12:d3:68:e7:c2:82:05:be:b8:cf:
                    54:65:99:c9:a0:91:34:5c:40:0d:1d:5f:fa:11:8d:
                    57:5d:e0:2d:65:be:40:84:74:7e:a5:9c:9f:8d:29:
                    7f:c4:4a:87:5b:0f:e0:00:0b:f5:34:fb:84:3d:20:
                    5e:66:e8:a2:bb:f2:5f:6b:f8:e7:42:c6:09:68:06:
                    02:51:ad:f8:ba:05:a6:e5:28:f3:da:d0:ed:54:10:
                    63:c6:72:37:d7:62:89:3b:50:81:9d:54:95:6f:04:
                    38:cd:18:0f:7a:fc:64:11:41:12:cc:01:98:02:66:
                    15:0a:af:27:0d:e8:8e:60:17:9b:54:c9:45:f8:d1:
                    fe:88:d6:9b:6f:19:47:ba:7c:e9:37:f1:dc:0d:cc:
                    ea:a6:dc:00:9e:44:6f:44:fb:91:4e:30:87:e3:cd:
                    10:e3:f4:29:11:77:67:db:c8:df:f0:e9:2a:aa:c1:
                    96:a5:63:30:55:ce:69:5f:7c:54:17:e4:ff:2a:b3:
                    36:14:f5:6e:22:1e:89:59:0f:2b:36:59:30:ca:fd:
                    a2:b7:a7:f5:ed:d8:6a:b5:d0:c1:15:94:5f:55:6d:
                    83:7e:d3:8d:8f:0e:22:4e:fe:c0:e3:a7:3e:40:a0:
                    fd:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:D5:C4:29:2C:7C:C5:A5:0F:72:33:BA:C7:B9:BF:81:2B:D3:12:D7
            X509v3 Authority Key Identifier:
                keyid:E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:6c:3b:ee:bc:c4:be:43:65:bf:f4:fb:bd:01:27:e4:c7:c6:
         9a:0c:b9:85:d6:27:db:1f:64:07:2f:0e:0a:d8:20:e6:3d:6d:
         0b:e2:fb:0b:ce:4a:3f:21:64:1c:d2:b8:1b:76:db:35:d3:f9:
         7b:aa:bb:d9:2d:72:b3:b7:3e:8c:c2:4b:c1:d7:f9:09:54:e0:
         9c:3f:9d:24:12:ff:63:3d:fc:77:51:e3:74:64:ea:37:a8:e2:
         82:9c:28:e7:dc:9e:c3:fd:e7:c1:14:6c:d6:11:db:e6:0b:5d:
         25:7a:a0:aa:c0:4c:46:33:b5:46:df:66:77:08:34:49:21:bd:
         cb:3d:41:83:bf:98:30:90:ea:a2:b9:e9:f7:8c:b3:ee:b5:4c:
         9d:f2:37:0e:24:06:08:2d:a8:f0:8b:cd:f0:3b:66:4b:11:02:
         1c:4a:f0:62:6c:37:90:98:8c:26:24:c4:53:f5:28:bb:d9:78:
         1a:6e:30:ee:b5:00:73:a3:e5:b3:51:09:ab:36:30:34:50:8e:
         55:59:c1:23:cf:a2:dc:c9:75:59:84:52:1d:2c:6e:3f:8d:e3:
         e2:34:5b:8d:83:4d:14:44:1a:f8:96:1f:4d:c6:fd:06:79:7a:
         11:e1:21:ec:50:8d:69:1b:de:d5:da:14:74:80:5e:cd:f7:e6:
         cb:7a:c9:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLH7E9KnlXoJvHfRUt/4/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OWQ0NGQ4ODEyNzVmY2EyYzBiNmIzZjdlY2VlMmQyMjIx
NDZmZDIwHhcNMjUwNjA3MTYwMDU3WhcNMjUwNjA4MTYwMDU3WjAzMTEwLwYDVQQD
EygyYWQ1YzQyOTJjN2NjNWE1MGY3MjMzYmFjN2I5YmY4MTJiZDMxMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I8jidr1v9A6lnao6x4cbj5ZdhLT
aOfCggW+uM9UZZnJoJE0XEANHV/6EY1XXeAtZb5AhHR+pZyfjSl/xEqHWw/gAAv1
NPuEPSBeZuiiu/Jfa/jnQsYJaAYCUa34ugWm5Sjz2tDtVBBjxnI312KJO1CBnVSV
bwQ4zRgPevxkEUESzAGYAmYVCq8nDeiOYBebVMlF+NH+iNabbxlHunzpN/HcDczq
ptwAnkRvRPuRTjCH480Q4/QpEXdn28jf8OkqqsGWpWMwVc5pX3xUF+T/KrM2FPVu
Ih6JWQ8rNlkwyv2it6f17dhqtdDBFZRfVW2DftONjw4iTv7A46c+QKD9cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrVxCksfMWlD3Izuse5v4Er0xLXMB8GA1UdIwQY
MBaAFOSdRNiBJ1/KLAtrP37O4tIiFG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wNTBkN2YtODQ1NS00NjVmLWIyMzkt
YzMyZDEwYzdlYTFmLzEvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8wNTBkN2YtODQ1NS00NjVmLWIyMzktYzMyZDEwYzdlYTFm
LzEvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWw77rzE
vkNlv/T7vQEn5MfGmgy5hdYn2x9kBy8OCtgg5j1tC+L7C85KPyFkHNK4G3bbNdP5
e6q72S1ys7c+jMJLwdf5CVTgnD+dJBL/Yz38d1HjdGTqN6jigpwo59yew/3nwRRs
1hHb5gtdJXqgqsBMRjO1Rt9mdwg0SSG9yz1Bg7+YMJDqornp94yz7rVMnfI3DiQG
CC2o8IvN8DtmSxECHErwYmw3kJiMJiTEU/Uou9l4Gm4w7rUAc6Pls1EJqzYwNFCO
VVnBI8+i3Ml1WYRSHSxuP43j4jRbjYNNFEQa+JYfTcb9Bnl6EeEh7FCNaRve1doU
dIBezffmy3rJ/w==
-----END CERTIFICATE-----