Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
File:                     PKE4ItxLDjEIGkhX_QQHDW2svgw.mft (raw, json)
Hash identifier:          pUA+FMh5Ycdc0NpAcS2gzCZYGtOWcNtYEteV38HDYUw=
Subject key identifier:   33:51:8C:36:40:9B:C9:B3:BF:77:C5:33:87:D1:F3:3A:3C:AF:6B:2E
Authority key identifier: 3C:A1:38:22:DC:4B:0E:31:08:1A:48:57:FD:04:07:0D:6D:AC:BE:0C
Certificate issuer:       /CN=3ca13822dc4b0e31081a4857fd04070d6dacbe0c
Certificate serial:       01963B77DFD3E831799C189B7667008B204D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
Manifest number:          14ED
Signing time:             Tue 15 Apr 2025 22:00:33 +0000
Manifest this update:     Tue 15 Apr 2025 22:00:33 +0000
Manifest next update:     Wed 16 Apr 2025 22:00:33 +0000
Files and hashes:         1: PKE4ItxLDjEIGkhX_QQHDW2svgw.crl (hash: ZX/9vpmCrEorbnWGnuEAXHj31JEx8g5BwES24JWF2CY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 16 Apr 2025 22:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3b:77:df:d3:e8:31:79:9c:18:9b:76:67:00:8b:20:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ca13822dc4b0e31081a4857fd04070d6dacbe0c
        Validity
            Not Before: Apr 15 22:00:33 2025 GMT
            Not After : Apr 16 22:00:33 2025 GMT
        Subject: CN=33518c36409bc9b3bf77c53387d1f33a3caf6b2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:14:9c:f2:95:cd:de:ca:51:fd:16:8e:15:76:
                    41:ef:a7:6f:51:3b:28:ec:25:d1:db:8b:32:59:d5:
                    ad:7f:1a:2a:58:7a:b0:89:58:a4:19:d7:20:1f:1c:
                    3e:9b:29:41:11:5f:fe:00:af:85:3c:bb:73:5e:89:
                    96:99:07:c7:2f:99:27:4b:34:c7:e4:70:a1:91:a8:
                    04:08:18:99:0b:ba:74:83:90:d5:c7:cb:bd:a1:c4:
                    24:cc:19:b0:53:2b:ce:0a:ce:17:52:a6:3f:33:05:
                    41:d2:d2:d6:bc:95:4b:a8:27:bd:bf:dc:a0:8e:6b:
                    98:50:f7:70:7c:04:66:ca:31:0d:74:14:a1:4b:e9:
                    db:43:c1:2c:d3:25:14:d1:6e:63:e9:5b:4a:ff:13:
                    b8:ba:44:d2:3e:21:2f:98:03:d9:d6:e9:09:e3:53:
                    97:82:4d:fd:ac:86:7b:1c:62:d0:29:64:1c:bd:2e:
                    11:3a:0e:d8:27:19:02:50:29:04:94:8b:ef:cc:a3:
                    17:57:19:4b:65:f3:1b:ba:c6:13:49:d1:9e:3e:35:
                    e0:0a:77:2c:61:c1:5e:df:56:9f:21:31:e7:40:0e:
                    70:a7:89:68:08:83:a5:33:37:e0:3f:f2:ad:00:22:
                    30:37:47:66:d3:bd:22:0e:e6:0c:c6:c2:19:82:81:
                    4e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:51:8C:36:40:9B:C9:B3:BF:77:C5:33:87:D1:F3:3A:3C:AF:6B:2E
            X509v3 Authority Key Identifier:
                keyid:3C:A1:38:22:DC:4B:0E:31:08:1A:48:57:FD:04:07:0D:6D:AC:BE:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:78:29:04:f4:72:d3:f8:db:0d:c1:d5:6a:fb:c0:50:46:41:
         eb:01:62:c5:44:02:4b:b5:cf:55:77:d4:c6:d2:0a:b4:39:0c:
         06:fc:7f:72:d4:48:b1:57:25:55:18:78:32:55:44:aa:b2:ac:
         e6:31:31:3e:0e:be:80:3f:ea:e4:6d:4d:5a:7c:56:5d:46:66:
         88:53:09:76:dc:f1:15:26:e2:47:2b:15:0d:2a:d8:af:c7:db:
         9d:72:33:83:91:59:b6:eb:40:4d:92:df:5d:0f:46:70:53:a9:
         ae:a5:44:d5:14:c8:6d:49:34:a6:d4:1e:d1:05:95:30:d1:fa:
         d0:59:ea:08:9f:76:3d:44:6f:92:ee:92:03:10:a5:bb:e1:df:
         05:e1:be:e2:aa:83:f3:c1:c2:f6:0c:33:6b:9c:8f:0c:3d:29:
         e4:b0:eb:bd:e1:ec:63:23:9b:b4:bd:63:77:34:69:de:a7:85:
         db:26:ba:03:ca:16:89:fe:ef:5e:bc:c0:29:1b:34:29:55:b3:
         fa:89:b8:44:b7:b2:d0:3f:05:70:2f:ad:75:af:9f:a9:e9:3b:
         a4:d0:ee:c8:c8:6b:44:4d:97:0f:6f:ff:48:27:2a:60:33:4e:
         89:f0:47:23:ee:7a:cf:a4:ed:d6:5a:12:59:0b:d3:79:9d:69:
         c2:76:ba:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY7d9/T6DF5nBibdmcAiyBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYTEzODIyZGM0YjBlMzEwODFhNDg1N2ZkMDQwNzBkNmRh
Y2JlMGMwHhcNMjUwNDE1MjIwMDMzWhcNMjUwNDE2MjIwMDMzWjAzMTEwLwYDVQQD
EygzMzUxOGMzNjQwOWJjOWIzYmY3N2M1MzM4N2QxZjMzYTNjYWY2YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxSc8pXN3spR/RaOFXZB76dvUTso
7CXR24syWdWtfxoqWHqwiVikGdcgHxw+mylBEV/+AK+FPLtzXomWmQfHL5knSzTH
5HChkagECBiZC7p0g5DVx8u9ocQkzBmwUyvOCs4XUqY/MwVB0tLWvJVLqCe9v9yg
jmuYUPdwfARmyjENdBShS+nbQ8Es0yUU0W5j6VtK/xO4ukTSPiEvmAPZ1ukJ41OX
gk39rIZ7HGLQKWQcvS4ROg7YJxkCUCkElIvvzKMXVxlLZfMbusYTSdGePjXgCncs
YcFe31afITHnQA5wp4loCIOlMzfgP/KtACIwN0dm070iDuYMxsIZgoFONwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNRjDZAm8mzv3fFM4fR8zo8r2suMB8GA1UdIwQY
MBaAFDyhOCLcSw4xCBpIV/0EBw1trL4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zN2YwYmQtYWQxYS00MmY5LWI5NDgt
YjI5NGY2YmY4MTM3LzEvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zN2YwYmQtYWQxYS00MmY5LWI5NDgtYjI5NGY2YmY4MTM3
LzEvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAengpBPRy
0/jbDcHVavvAUEZB6wFixUQCS7XPVXfUxtIKtDkMBvx/ctRIsVclVRh4MlVEqrKs
5jExPg6+gD/q5G1NWnxWXUZmiFMJdtzxFSbiRysVDSrYr8fbnXIzg5FZtutATZLf
XQ9GcFOprqVE1RTIbUk0ptQe0QWVMNH60FnqCJ92PURvku6SAxClu+HfBeG+4qqD
88HC9gwza5yPDD0p5LDrveHsYyObtL1jdzRp3qeF2ya6A8oWif7vXrzAKRs0KVWz
+om4RLey0D8FcC+tda+fqek7pNDuyMhrRE2XD2//SCcqYDNOifBHI+56z6Tt1loS
WQvTeZ1pwna64g==
-----END CERTIFICATE-----