Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          D3hNT/qVXY8x6N22uCA7w6bjIqiGWnYTO0oSAvdgbQs=
Subject key identifier:   F4:22:4F:C2:8C:C5:42:59:0C:76:88:18:6C:4F:DE:E6:C4:2A:24:B0
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       019651FFCF211E7AAC1C7D3D45D890ABDE54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          0EAD
Signing time:             Sun 20 Apr 2025 07:00:41 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:41 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:41 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: ODZOErPDKrE/o0+0B2PBB75zPjnASoCJmeK2pTSRLHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:cf:21:1e:7a:ac:1c:7d:3d:45:d8:90:ab:de:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Apr 20 07:00:41 2025 GMT
            Not After : Apr 21 07:00:41 2025 GMT
        Subject: CN=f4224fc28cc542590c7688186c4fdee6c42a24b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:db:1b:80:3e:be:4a:34:96:e8:5b:ec:cb:2a:
                    31:cd:0c:38:29:f2:a2:82:0c:e7:2e:1d:cd:c2:de:
                    ed:94:b3:61:1b:5e:0b:1d:ee:a5:70:ff:fc:05:55:
                    39:5e:56:65:dc:46:a4:82:24:32:af:d7:b3:3b:ed:
                    c3:20:02:9f:4d:98:2b:43:3a:9c:2d:21:42:55:8b:
                    1d:e0:5c:8a:bd:81:e0:09:d5:37:61:65:59:e8:9c:
                    ef:cb:d4:95:4a:eb:5c:55:4a:04:e6:fc:91:5f:e0:
                    c6:99:e2:38:e4:79:74:d7:c1:17:a7:89:ec:00:a4:
                    98:26:fe:fd:04:98:8b:c7:e6:fe:b7:a2:15:5d:b0:
                    23:1d:40:d2:8c:0b:f4:2c:1c:a9:33:40:aa:ed:db:
                    48:bc:2a:e7:8b:7c:f0:a3:d7:41:71:f6:4b:0c:fa:
                    26:4b:76:7e:98:b3:68:76:cb:81:0f:1d:40:82:5e:
                    96:fb:b6:82:68:fc:e3:a1:52:55:c7:36:7d:4e:98:
                    29:11:c2:81:85:77:ea:aa:19:a1:ca:53:dd:09:1b:
                    c9:8e:31:08:ee:fe:f4:f7:a2:63:9d:b3:27:69:2f:
                    a1:f5:73:b1:24:08:97:d6:5e:e2:68:f7:01:df:1f:
                    35:bf:c3:8e:77:c5:ba:c6:0f:e9:a7:3e:e2:93:c8:
                    1d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:22:4F:C2:8C:C5:42:59:0C:76:88:18:6C:4F:DE:E6:C4:2A:24:B0
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:de:a5:b6:8e:f7:36:c2:97:4f:eb:fc:b8:e5:f4:53:9c:e3:
         41:21:4b:c9:33:51:8c:15:f5:bb:a0:8c:63:7b:a6:e6:b2:51:
         05:5c:39:ad:b3:77:21:9c:77:8c:0b:5d:7d:e3:1c:dd:98:a4:
         49:1d:d0:c2:a3:86:e1:86:a0:83:d1:54:70:6f:75:21:e1:65:
         54:ec:b5:3b:07:f8:4a:d4:db:01:24:b3:52:7d:cf:78:5f:6a:
         7c:74:78:84:b9:a7:67:f6:c3:2b:66:ba:14:2e:7c:da:34:95:
         ce:1e:8a:be:90:c0:0b:40:73:79:36:e0:01:68:8d:22:32:c6:
         0f:d0:95:0f:43:77:8e:13:c1:47:ad:f2:89:65:f6:90:33:88:
         35:23:06:8f:fc:0d:c8:4f:86:ec:0d:e3:46:af:5a:2b:fe:82:
         7b:3b:be:eb:20:2a:0c:1e:cf:80:7f:48:2c:4b:14:9c:6e:af:
         d5:11:4d:4b:cb:23:66:ed:d6:16:a8:01:8c:53:26:57:3f:3c:
         0a:e7:99:05:10:79:fe:36:b2:d2:b6:a6:90:e4:69:28:bd:b6:
         98:3a:f8:95:3b:42:85:4a:68:49:5d:a4:ff:7c:73:75:ef:52:
         08:e7:e5:2f:62:01:da:4e:fc:39:ba:3e:be:95:5f:a6:0b:90:
         6c:19:e5:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/88hHnqsHH09RdiQq95UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjUwNDIwMDcwMDQxWhcNMjUwNDIxMDcwMDQxWjAzMTEwLwYDVQQD
EyhmNDIyNGZjMjhjYzU0MjU5MGM3Njg4MTg2YzRmZGVlNmM0MmEyNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNsbgD6+SjSW6FvsyyoxzQw4KfKi
ggznLh3Nwt7tlLNhG14LHe6lcP/8BVU5XlZl3EakgiQyr9ezO+3DIAKfTZgrQzqc
LSFCVYsd4FyKvYHgCdU3YWVZ6Jzvy9SVSutcVUoE5vyRX+DGmeI45Hl018EXp4ns
AKSYJv79BJiLx+b+t6IVXbAjHUDSjAv0LBypM0Cq7dtIvCrni3zwo9dBcfZLDPom
S3Z+mLNodsuBDx1Agl6W+7aCaPzjoVJVxzZ9TpgpEcKBhXfqqhmhylPdCRvJjjEI
7v7096JjnbMnaS+h9XOxJAiX1l7iaPcB3x81v8OOd8W6xg/ppz7ik8gdOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQiT8KMxUJZDHaIGGxP3ubEKiSwMB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMt6lto73
NsKXT+v8uOX0U5zjQSFLyTNRjBX1u6CMY3um5rJRBVw5rbN3IZx3jAtdfeMc3Zik
SR3QwqOG4Yagg9FUcG91IeFlVOy1Owf4StTbASSzUn3PeF9qfHR4hLmnZ/bDK2a6
FC582jSVzh6KvpDAC0BzeTbgAWiNIjLGD9CVD0N3jhPBR63yiWX2kDOINSMGj/wN
yE+G7A3jRq9aK/6Cezu+6yAqDB7PgH9ILEsUnG6v1RFNS8sjZu3WFqgBjFMmVz88
CueZBRB5/jay0ramkORpKL22mDr4lTtChUpoSV2k/3xzde9SCOflL2IB2k78Obo+
vpVfpguQbBnlMA==
-----END CERTIFICATE-----