Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          QOgFAG53CV5CyV0Gri1XChLQzJ9DR+NpaUKnIWYUMVk=
Subject key identifier:   CE:15:74:DD:8F:40:5F:4A:A8:1A:EE:9A:1F:8E:AE:04:1A:E8:70:28
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       01964FA31F88CBD734BBF277124B5AA8DF4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0D7B
Signing time:             Sat 19 Apr 2025 20:00:12 +0000
Manifest this update:     Sat 19 Apr 2025 20:00:12 +0000
Manifest next update:     Sun 20 Apr 2025 20:00:12 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: 5p/dUqeX5aINq1Vn2QP7EFXIIoTDlSgXWURyisglGOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 20:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:a3:1f:88:cb:d7:34:bb:f2:77:12:4b:5a:a8:df:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Apr 19 20:00:12 2025 GMT
            Not After : Apr 20 20:00:12 2025 GMT
        Subject: CN=ce1574dd8f405f4aa81aee9a1f8eae041ae87028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:39:97:9b:6e:34:16:de:fc:98:cc:6f:d0:bc:
                    ba:4f:f3:db:66:08:bc:29:d7:63:1e:a1:e1:b5:4c:
                    39:de:1a:33:f1:24:60:f3:28:4e:ba:8d:f5:cc:c6:
                    18:2e:96:3a:fb:33:2b:a5:c9:b0:ce:41:05:96:16:
                    6b:25:c6:2c:79:c8:3c:b3:3b:ea:eb:a3:61:0f:99:
                    d7:19:6e:6c:64:2a:c7:03:2c:75:88:f0:df:60:f7:
                    27:05:6a:45:f8:e4:4a:0c:4c:55:ea:d2:e1:a5:e0:
                    12:d5:12:58:9b:e1:f5:ec:df:66:ad:cf:97:93:f3:
                    6f:63:3c:75:c4:d9:a3:d0:3f:3d:77:35:1c:fd:db:
                    9e:53:fb:30:c7:b2:15:58:8a:80:9b:0f:9c:86:d3:
                    ec:e7:3a:2a:41:2d:ac:bb:31:fb:f9:36:f4:ec:4f:
                    0b:c5:62:0a:97:87:74:72:51:71:cf:6b:fc:6e:19:
                    3d:9d:7d:40:e4:94:61:f3:83:73:37:a9:ff:3e:cf:
                    d2:6b:22:e1:2e:c7:b1:9d:87:c2:80:a0:d7:08:11:
                    5c:bd:fa:44:8c:8e:0c:cd:2e:ea:39:cb:23:73:e3:
                    06:e9:d4:f3:ca:94:bc:ea:97:31:75:06:ca:8b:4a:
                    a3:48:40:e1:3a:2e:f0:9f:57:b7:75:04:95:ad:30:
                    b3:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:15:74:DD:8F:40:5F:4A:A8:1A:EE:9A:1F:8E:AE:04:1A:E8:70:28
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:74:cf:a4:16:3d:19:ae:47:a2:86:71:0c:c0:ba:bf:f0:bf:
         75:91:9d:3d:33:34:e4:43:bd:2a:5e:18:6e:d7:f2:ab:58:b7:
         38:29:02:cd:b1:b0:29:6e:7e:55:39:f3:76:b9:fa:53:41:47:
         93:19:7a:14:cf:04:1a:7c:12:11:ba:26:1c:d6:1d:13:5e:76:
         ae:49:fa:bb:de:f7:a6:ab:c6:4a:df:af:36:ff:1c:35:b4:56:
         95:3c:2b:45:a9:0c:d3:53:51:75:ae:f3:81:49:33:c3:93:a9:
         cc:20:63:bd:2c:25:61:ee:83:d8:07:9e:8e:e6:af:1f:04:e3:
         e5:4d:67:36:98:d7:bf:30:2f:c9:d1:6d:6d:18:a4:8e:a6:47:
         99:5a:a7:e0:84:5b:c9:5e:60:5f:22:b2:20:36:3e:1f:73:1a:
         60:64:d8:27:c9:51:e7:1b:1d:08:ff:2d:16:8a:b0:7e:0c:84:
         f6:af:7d:26:9f:23:65:a8:47:bc:13:f7:08:1b:11:89:e4:50:
         ce:29:b3:63:3e:2d:de:a2:66:b6:2d:49:23:30:f4:80:22:50:
         43:1e:fc:3d:e3:91:ff:4e:ca:f8:ae:98:12:2b:6b:bb:bb:ca:
         e3:7e:61:4c:1c:25:cf:0b:b3:59:52:9e:6b:12:6b:ab:e8:c1:
         26:38:81:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPox+Iy9c0u/J3EktaqN9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwNDE5MjAwMDEyWhcNMjUwNDIwMjAwMDEyWjAzMTEwLwYDVQQD
EyhjZTE1NzRkZDhmNDA1ZjRhYTgxYWVlOWExZjhlYWUwNDFhZTg3MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TmXm240Ft78mMxv0Ly6T/PbZgi8
KddjHqHhtUw53hoz8SRg8yhOuo31zMYYLpY6+zMrpcmwzkEFlhZrJcYsecg8szvq
66NhD5nXGW5sZCrHAyx1iPDfYPcnBWpF+ORKDExV6tLhpeAS1RJYm+H17N9mrc+X
k/NvYzx1xNmj0D89dzUc/dueU/swx7IVWIqAmw+chtPs5zoqQS2suzH7+Tb07E8L
xWIKl4d0clFxz2v8bhk9nX1A5JRh84NzN6n/Ps/SayLhLsexnYfCgKDXCBFcvfpE
jI4MzS7qOcsjc+MG6dTzypS86pcxdQbKi0qjSEDhOi7wn1e3dQSVrTCzEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4VdN2PQF9KqBrumh+OrgQa6HAoMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjHTPpBY9
Ga5HooZxDMC6v/C/dZGdPTM05EO9Kl4Ybtfyq1i3OCkCzbGwKW5+VTnzdrn6U0FH
kxl6FM8EGnwSEbomHNYdE152rkn6u973pqvGSt+vNv8cNbRWlTwrRakM01NRda7z
gUkzw5OpzCBjvSwlYe6D2AeejuavHwTj5U1nNpjXvzAvydFtbRikjqZHmVqn4IRb
yV5gXyKyIDY+H3MaYGTYJ8lR5xsdCP8tFoqwfgyE9q99Jp8jZahHvBP3CBsRieRQ
zimzYz4t3qJmti1JIzD0gCJQQx78PeOR/07K+K6YEitru7vK435hTBwlzwuzWVKe
axJrq+jBJjiBuw==
-----END CERTIFICATE-----