Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          Bj9rASvXPA6xHGuJ0wtrMokOyqG8QHjoEhNQJ7UBr5E=
Subject key identifier:   A4:00:50:A0:A1:7C:29:97:81:AC:AE:2F:CD:78:B8:85:C6:82:1C:B6
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       01974D7BF0DCADF7CC7A56F830AC789111AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          023D
Signing time:             Sun 08 Jun 2025 03:00:57 +0000
Manifest this update:     Sun 08 Jun 2025 03:00:57 +0000
Manifest next update:     Mon 09 Jun 2025 03:00:57 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: tfjzgsfmxxOpn9aIJsRHYPd7cHAteCbyB/Tdgbfjwv0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:7b:f0:dc:ad:f7:cc:7a:56:f8:30:ac:78:91:11:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Jun  8 03:00:57 2025 GMT
            Not After : Jun  9 03:00:57 2025 GMT
        Subject: CN=a40050a0a17c299781acae2fcd78b885c6821cb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c7:ed:d4:3e:5d:58:dd:b0:d7:c9:6f:7c:47:
                    0d:92:ea:81:4c:2e:31:4c:f6:23:6a:9a:20:0e:c4:
                    40:7c:b3:b5:a1:88:8a:4a:04:cc:60:cf:cb:fa:e4:
                    9c:1e:e6:a8:b1:9e:ab:97:f4:a5:f9:eb:bf:5f:0c:
                    84:e9:aa:56:5f:58:c5:da:e2:6b:e6:a5:c5:2f:67:
                    94:8b:3e:25:df:b4:f0:9d:08:b0:36:81:c1:35:44:
                    db:4f:d1:8a:1b:08:cb:87:2f:1d:51:2f:c1:53:1a:
                    0d:09:a8:fb:e3:be:6c:06:73:3a:81:8b:1b:d4:72:
                    57:69:a3:43:07:1a:6a:c9:ae:b2:7f:b2:5a:6e:8d:
                    e2:64:56:94:9e:7d:09:78:7b:63:88:73:20:8b:32:
                    f6:f4:70:96:6d:77:cc:c7:80:44:3a:2e:e3:09:10:
                    19:c9:ef:f5:c7:59:7f:84:27:c6:f8:92:1c:bb:dd:
                    ac:08:ba:2e:9b:f8:c2:63:62:c8:fb:89:38:31:cb:
                    87:e6:44:79:8a:bb:c4:97:46:45:77:73:1f:cc:9a:
                    c2:9c:4e:44:a2:63:fd:8c:bc:ec:cd:3d:4a:e3:6e:
                    07:f1:82:2e:7b:86:80:61:ab:d8:19:64:1e:9a:9e:
                    57:a5:f6:c0:41:9b:bb:3b:a6:ff:d1:a8:52:07:c4:
                    b5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:00:50:A0:A1:7C:29:97:81:AC:AE:2F:CD:78:B8:85:C6:82:1C:B6
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:42:ac:8f:82:54:34:0f:61:68:1f:df:56:d5:58:ff:d8:96:
         e2:f8:b6:2e:a4:d3:5f:b8:d0:f4:7c:ec:27:a6:f4:f7:c8:1f:
         51:c1:52:10:4f:ed:6a:6b:31:68:3f:28:c8:29:6f:a9:0e:0d:
         5d:05:90:5c:5f:0b:28:95:5a:ce:b8:a6:ce:f7:b6:f7:dd:86:
         a8:27:93:82:1f:ca:98:db:34:dd:d6:46:fe:2f:8d:e5:8d:55:
         d0:5f:20:d5:56:c3:9d:30:52:29:f3:07:2b:ff:15:86:ee:b0:
         b1:62:c2:38:7f:55:8d:2b:2d:a3:97:93:88:0c:21:0c:1b:6f:
         d2:9c:9f:86:6b:91:26:8b:85:53:e6:71:8c:da:8b:3b:a5:2f:
         1c:e7:eb:a4:8f:9f:ff:52:0e:81:d8:a9:b1:cc:74:f0:54:fe:
         b1:4c:5a:ab:1b:24:a3:5e:13:dd:4f:d8:cb:7e:11:2f:b4:d5:
         d7:33:8b:ab:41:98:70:5d:c6:b5:95:38:cc:d1:e3:07:c7:3a:
         a8:cd:d9:ed:41:ea:ce:85:ac:9c:06:44:94:90:9a:fe:5a:41:
         4f:73:45:9c:b4:35:f0:ac:d0:74:33:56:4f:d7:47:09:5a:5a:
         b4:90:13:d6:f0:70:27:61:72:f2:e3:2e:31:63:22:75:e8:ad:
         ed:58:2d:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNe/DcrffMelb4MKx4kRGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwNjA4MDMwMDU3WhcNMjUwNjA5MDMwMDU3WjAzMTEwLwYDVQQD
EyhhNDAwNTBhMGExN2MyOTk3ODFhY2FlMmZjZDc4Yjg4NWM2ODIxY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisft1D5dWN2w18lvfEcNkuqBTC4x
TPYjapogDsRAfLO1oYiKSgTMYM/L+uScHuaosZ6rl/Sl+eu/XwyE6apWX1jF2uJr
5qXFL2eUiz4l37TwnQiwNoHBNUTbT9GKGwjLhy8dUS/BUxoNCaj7475sBnM6gYsb
1HJXaaNDBxpqya6yf7Jabo3iZFaUnn0JeHtjiHMgizL29HCWbXfMx4BEOi7jCRAZ
ye/1x1l/hCfG+JIcu92sCLoum/jCY2LI+4k4McuH5kR5irvEl0ZFd3MfzJrCnE5E
omP9jLzszT1K424H8YIue4aAYavYGWQemp5XpfbAQZu7O6b/0ahSB8S1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQAUKChfCmXgayuL814uIXGghy2MB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAREKsj4JU
NA9haB/fVtVY/9iW4vi2LqTTX7jQ9HzsJ6b098gfUcFSEE/tamsxaD8oyClvqQ4N
XQWQXF8LKJVazrimzve2992GqCeTgh/KmNs03dZG/i+N5Y1V0F8g1VbDnTBSKfMH
K/8Vhu6wsWLCOH9VjSsto5eTiAwhDBtv0pyfhmuRJouFU+ZxjNqLO6UvHOfrpI+f
/1IOgdipscx08FT+sUxaqxsko14T3U/Yy34RL7TV1zOLq0GYcF3GtZU4zNHjB8c6
qM3Z7UHqzoWsnAZElJCa/lpBT3NFnLQ18KzQdDNWT9dHCVpatJAT1vBwJ2Fy8uMu
MWMideit7VgtRQ==
-----END CERTIFICATE-----