Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
File:                     lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft (raw, json)
Hash identifier:          vmyJLDQkXMXd5iRhJuVEaZaUEGuyO5wfg+DJbAQchmY=
Subject key identifier:   1E:4E:9B:1A:50:D5:6C:FF:41:0C:74:EC:05:54:34:D5:2E:94:FA:AB
Authority key identifier: 94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9
Certificate issuer:       /CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
Certificate serial:       01958EF32CF983AA5FC41977F0FA700F5905
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
Manifest number:          03AE
Signing time:             Thu 13 Mar 2025 10:00:56 +0000
Manifest this update:     Thu 13 Mar 2025 10:00:56 +0000
Manifest next update:     Fri 14 Mar 2025 10:00:56 +0000
Files and hashes:         1: lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl (hash: OeqWzP7GJas6xy9KKhEX5ZojCxzMgLoEjVOxd3i7iUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:f3:2c:f9:83:aa:5f:c4:19:77:f0:fa:70:0f:59:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
        Validity
            Not Before: Mar 13 10:00:56 2025 GMT
            Not After : Mar 14 10:00:56 2025 GMT
        Subject: CN=1e4e9b1a50d56cff410c74ec055434d52e94faab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:53:1c:4a:0d:09:67:4a:80:f8:e3:e3:ee:94:
                    1c:db:1d:77:5d:c1:f7:82:a6:2b:57:7b:08:5a:76:
                    46:9a:59:5d:71:8a:21:51:00:07:ef:34:a6:3a:1a:
                    7e:f5:8f:8a:3a:aa:88:96:87:33:02:72:41:72:a4:
                    e6:d5:01:fd:49:32:13:98:d0:21:7e:79:56:75:f1:
                    95:ef:a6:e4:61:15:f5:c0:75:60:75:5f:52:5d:fa:
                    73:a0:88:03:42:6d:e0:75:5e:5e:7e:66:76:24:00:
                    69:12:07:17:6d:0f:9f:0a:19:19:65:7c:96:8d:3b:
                    1a:e2:ef:76:95:df:c1:30:19:18:b2:7e:28:8e:0d:
                    9d:7e:58:e2:12:5a:a1:10:20:97:f5:ff:a9:97:5e:
                    16:69:93:3e:bf:0f:a6:0d:1b:fe:1a:20:a1:86:10:
                    54:57:e7:02:64:19:dc:47:e7:12:9f:f1:ca:ef:46:
                    7f:e7:69:34:96:b7:2d:13:3d:84:4d:50:f4:e3:d7:
                    59:a1:bf:48:07:aa:4d:01:03:c0:6e:02:3b:7d:f9:
                    b0:f9:6d:dc:9c:fd:a8:21:f9:5b:6b:fe:9b:f1:7f:
                    16:b3:8a:ea:16:5a:76:73:7e:03:dc:7f:76:a8:db:
                    9b:ac:1b:da:2a:4c:f8:7c:cc:5a:fb:63:80:8f:98:
                    5a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:4E:9B:1A:50:D5:6C:FF:41:0C:74:EC:05:54:34:D5:2E:94:FA:AB
            X509v3 Authority Key Identifier:
                keyid:94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:50:ef:32:f4:0b:cf:40:f6:a2:cd:76:0f:cf:cc:ed:7c:17:
         4f:16:c2:22:cd:de:89:e0:80:5a:ae:7d:02:cd:46:56:35:78:
         92:c5:70:6b:35:b2:13:90:78:61:8c:8a:10:bd:c2:fe:a5:aa:
         61:51:4d:bf:61:2b:1b:20:d6:e5:04:3a:cb:f9:5e:53:3b:30:
         10:82:ac:7f:83:38:60:15:35:69:4d:5f:cc:c9:8c:16:d5:aa:
         43:a7:d2:e0:36:8f:cb:78:62:6d:f5:97:39:6f:2f:01:a1:5a:
         d2:ae:0f:ec:8f:94:d9:fc:96:b7:7b:5d:09:07:09:37:8d:2a:
         5a:ea:0f:4d:a1:04:31:78:c7:93:11:01:d6:7f:9d:cd:ac:39:
         f3:f5:10:fd:2c:5c:7d:49:db:96:54:af:f1:3b:6e:d2:77:f5:
         b2:61:39:e0:a7:c2:04:3d:20:e7:9f:c7:d7:35:38:48:ae:ab:
         e3:07:21:5c:5d:83:0a:07:20:77:52:43:35:e4:20:d3:a9:a8:
         89:dc:c9:9a:37:56:46:c2:07:1e:0f:01:13:29:ec:48:93:e8:
         1f:dc:ff:99:07:5e:c9:a5:7b:4f:ff:be:47:c6:02:13:a8:3e:
         19:8b:f2:1a:76:56:d7:02:b2:1c:27:8a:b2:99:8b:3f:ce:37:
         1d:95:fa:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWO8yz5g6pfxBl38PpwD1kFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODFlOTQ2Y2ZjOGUxOWMxNjY3YWYzNzVkMTBhMWU0MDQy
ZjBlYjkwHhcNMjUwMzEzMTAwMDU2WhcNMjUwMzE0MTAwMDU2WjAzMTEwLwYDVQQD
EygxZTRlOWIxYTUwZDU2Y2ZmNDEwYzc0ZWMwNTU0MzRkNTJlOTRmYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VMcSg0JZ0qA+OPj7pQc2x13XcH3
gqYrV3sIWnZGmlldcYohUQAH7zSmOhp+9Y+KOqqIloczAnJBcqTm1QH9STITmNAh
fnlWdfGV76bkYRX1wHVgdV9SXfpzoIgDQm3gdV5efmZ2JABpEgcXbQ+fChkZZXyW
jTsa4u92ld/BMBkYsn4ojg2dfljiElqhECCX9f+pl14WaZM+vw+mDRv+GiChhhBU
V+cCZBncR+cSn/HK70Z/52k0lrctEz2ETVD049dZob9IB6pNAQPAbgI7ffmw+W3c
nP2oIflba/6b8X8Ws4rqFlp2c34D3H92qNubrBvaKkz4fMxa+2OAj5hakQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5OmxpQ1Wz/QQx07AVUNNUulPqrMB8GA1UdIwQY
MBaAFJSB6UbPyOGcFmevN10QoeQELw65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDkt
NTczMDNhYTQ1Y2JiLzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDktNTczMDNhYTQ1Y2Ji
LzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUlDvMvQL
z0D2os12D8/M7XwXTxbCIs3eieCAWq59As1GVjV4ksVwazWyE5B4YYyKEL3C/qWq
YVFNv2ErGyDW5QQ6y/leUzswEIKsf4M4YBU1aU1fzMmMFtWqQ6fS4DaPy3hibfWX
OW8vAaFa0q4P7I+U2fyWt3tdCQcJN40qWuoPTaEEMXjHkxEB1n+dzaw58/UQ/Sxc
fUnbllSv8Ttu0nf1smE54KfCBD0g55/H1zU4SK6r4wchXF2DCgcgd1JDNeQg06mo
idzJmjdWRsIHHg8BEynsSJPoH9z/mQdeyaV7T/++R8YCE6g+GYvyGnZW1wKyHCeK
spmLP843HZX6Kg==
-----END CERTIFICATE-----