Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4e206e-0c95-4c8e-847d-c13f30fdcadd/1/s5hg55nVMGYfFSE1RiKOmSmlPJw.mft
File:                     s5hg55nVMGYfFSE1RiKOmSmlPJw.mft (raw, json)
Hash identifier:          R8sSiJzq/0ElvzB/wW6cyyWOtHFoGYw5gCuZxn1NdMs=
Subject key identifier:   16:BB:08:B6:59:93:7B:39:70:79:AB:E2:3A:E2:E2:CB:12:C7:F4:73
Authority key identifier: B3:98:60:E7:99:D5:30:66:1F:15:21:35:46:22:8E:99:29:A5:3C:9C
Certificate issuer:       /CN=b39860e799d530661f15213546228e9929a53c9c
Certificate serial:       019650ED121D67C2E9EE7B6810FFBEDB9363
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s5hg55nVMGYfFSE1RiKOmSmlPJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/4e206e-0c95-4c8e-847d-c13f30fdcadd/1/s5hg55nVMGYfFSE1RiKOmSmlPJw.mft
Manifest number:          0302
Signing time:             Sun 20 Apr 2025 02:00:36 +0000
Manifest this update:     Sun 20 Apr 2025 02:00:36 +0000
Manifest next update:     Mon 21 Apr 2025 02:00:36 +0000
Files and hashes:         1: s5hg55nVMGYfFSE1RiKOmSmlPJw.crl (hash: mQ0+7ukecMIyGXc4eKBT2pivO/okkPDSilLHyhwURAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/4e206e-0c95-4c8e-847d-c13f30fdcadd/1/s5hg55nVMGYfFSE1RiKOmSmlPJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/4e206e-0c95-4c8e-847d-c13f30fdcadd/1/s5hg55nVMGYfFSE1RiKOmSmlPJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s5hg55nVMGYfFSE1RiKOmSmlPJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 02:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:ed:12:1d:67:c2:e9:ee:7b:68:10:ff:be:db:93:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b39860e799d530661f15213546228e9929a53c9c
        Validity
            Not Before: Apr 20 02:00:36 2025 GMT
            Not After : Apr 21 02:00:36 2025 GMT
        Subject: CN=16bb08b659937b397079abe23ae2e2cb12c7f473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:29:e2:d8:95:8c:23:6c:c8:60:d7:61:be:55:
                    06:e9:86:44:6e:9c:df:0d:b6:f4:9e:ba:6d:dc:72:
                    2c:10:60:97:b4:14:a2:e3:4c:3c:c8:68:f5:20:3f:
                    51:4d:3d:3a:fe:16:0a:90:13:d8:72:38:f5:b7:0a:
                    01:3e:1b:85:57:a5:fe:42:bd:8e:79:7d:50:2b:de:
                    4a:bc:4a:ed:02:88:05:f5:82:20:b1:f5:70:65:e5:
                    a8:58:a8:fa:cb:ee:8b:6e:30:05:2f:a3:63:41:b7:
                    44:d9:4f:28:9b:33:7d:f1:70:b1:87:cc:fe:2a:11:
                    54:dc:78:a9:2d:61:23:74:2e:e8:69:79:47:7f:42:
                    0d:c7:55:89:c3:c0:cf:13:b0:1a:65:42:86:aa:71:
                    3c:ac:2c:85:41:32:ae:c4:3a:cc:e1:bd:e0:63:aa:
                    57:32:c0:49:13:d2:36:68:7e:ea:e7:b9:dc:9f:ac:
                    48:17:b0:db:75:c2:a1:32:cb:e0:36:24:59:ad:bc:
                    9a:74:54:1f:bf:17:28:f9:e3:a0:4e:48:ba:f1:17:
                    04:c8:07:03:cf:97:79:30:56:72:4e:dc:93:24:89:
                    ef:d9:16:a0:f1:c2:44:54:a0:78:88:1f:93:4c:69:
                    2d:4f:e9:08:57:3d:f1:d5:77:2e:de:97:c9:f8:fb:
                    76:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:BB:08:B6:59:93:7B:39:70:79:AB:E2:3A:E2:E2:CB:12:C7:F4:73
            X509v3 Authority Key Identifier:
                keyid:B3:98:60:E7:99:D5:30:66:1F:15:21:35:46:22:8E:99:29:A5:3C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5hg55nVMGYfFSE1RiKOmSmlPJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4e206e-0c95-4c8e-847d-c13f30fdcadd/1/s5hg55nVMGYfFSE1RiKOmSmlPJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4e206e-0c95-4c8e-847d-c13f30fdcadd/1/s5hg55nVMGYfFSE1RiKOmSmlPJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:81:7a:ad:13:29:6a:ca:75:dd:8b:b8:95:2a:ec:aa:9e:50:
         58:e2:fb:e4:67:44:92:12:65:0d:f4:b5:04:74:1f:4a:34:76:
         21:04:ac:1c:66:37:15:13:31:84:e9:8a:5b:ae:3a:b2:c6:0e:
         e4:6a:38:93:b0:d9:80:0f:1f:1e:9b:4b:ad:db:8c:29:25:14:
         bd:81:0b:bf:4b:b3:cc:38:d0:b5:54:76:ac:39:20:0d:d6:0c:
         4c:80:39:e7:2b:ec:24:99:07:84:b7:29:fa:16:10:c5:a7:68:
         bf:94:87:81:a8:88:5e:67:69:a6:19:e4:c0:5d:a4:2e:88:a2:
         23:c6:30:2c:61:da:d2:d3:da:ee:8c:81:48:41:d9:86:7c:98:
         00:66:75:61:b8:a0:20:a6:a7:a3:e6:ff:6f:d3:71:47:39:f3:
         98:c2:a5:a9:0d:fc:90:51:42:de:f0:0c:f0:4a:e0:33:7b:cc:
         ee:7f:fc:0d:dd:25:45:1b:af:e5:d6:94:c6:0f:ce:ce:9e:55:
         a7:c9:24:01:b9:e6:2f:54:99:8f:11:a6:d6:a4:0e:6f:00:0a:
         c7:be:a7:d6:01:b1:97:a5:27:9b:ce:45:f2:0a:37:97:22:27:
         eb:4f:c0:27:e3:26:93:3b:6b:3d:85:be:26:23:e8:19:9b:07:
         10:50:1e:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQ7RIdZ8Lp7ntoEP++25NjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOTg2MGU3OTlkNTMwNjYxZjE1MjEzNTQ2MjI4ZTk5Mjlh
NTNjOWMwHhcNMjUwNDIwMDIwMDM2WhcNMjUwNDIxMDIwMDM2WjAzMTEwLwYDVQQD
EygxNmJiMDhiNjU5OTM3YjM5NzA3OWFiZTIzYWUyZTJjYjEyYzdmNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyni2JWMI2zIYNdhvlUG6YZEbpzf
Dbb0nrpt3HIsEGCXtBSi40w8yGj1ID9RTT06/hYKkBPYcjj1twoBPhuFV6X+Qr2O
eX1QK95KvErtAogF9YIgsfVwZeWoWKj6y+6LbjAFL6NjQbdE2U8omzN98XCxh8z+
KhFU3HipLWEjdC7oaXlHf0INx1WJw8DPE7AaZUKGqnE8rCyFQTKuxDrM4b3gY6pX
MsBJE9I2aH7q57ncn6xIF7DbdcKhMsvgNiRZrbyadFQfvxco+eOgTki68RcEyAcD
z5d5MFZyTtyTJInv2Rag8cJEVKB4iB+TTGktT+kIVz3x1Xcu3pfJ+Pt2MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBa7CLZZk3s5cHmr4jri4ssSx/RzMB8GA1UdIwQY
MBaAFLOYYOeZ1TBmHxUhNUYijpkppTycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczVoZzU1blZNR1lmRlNFMVJpS09tU21sUEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80ZTIwNmUtMGM5NS00YzhlLTg0N2Qt
YzEzZjMwZmRjYWRkLzEvczVoZzU1blZNR1lmRlNFMVJpS09tU21sUEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80ZTIwNmUtMGM5NS00YzhlLTg0N2QtYzEzZjMwZmRjYWRk
LzEvczVoZzU1blZNR1lmRlNFMVJpS09tU21sUEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYF6rRMp
asp13Yu4lSrsqp5QWOL75GdEkhJlDfS1BHQfSjR2IQSsHGY3FRMxhOmKW646ssYO
5Go4k7DZgA8fHptLrduMKSUUvYELv0uzzDjQtVR2rDkgDdYMTIA55yvsJJkHhLcp
+hYQxadov5SHgaiIXmdpphnkwF2kLoiiI8YwLGHa0tPa7oyBSEHZhnyYAGZ1Ybig
IKano+b/b9NxRznzmMKlqQ38kFFC3vAM8ErgM3vM7n/8Dd0lRRuv5daUxg/Ozp5V
p8kkAbnmL1SZjxGm1qQObwAKx76n1gGxl6Unm85F8go3lyIn60/AJ+MmkztrPYW+
JiPoGZsHEFAeGg==
-----END CERTIFICATE-----