Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
File:                     Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft (raw, json)
Hash identifier:          Vm6/8tBcQkyOuEM5GCIlpuaW/67bdM1PrL5RU1duTRA=
Subject key identifier:   FA:8E:A5:82:80:89:DD:52:8A:E6:89:31:EA:CF:57:79:2B:01:E4:CD
Authority key identifier: 46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45
Certificate issuer:       /CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
Certificate serial:       019650119062FD909F26A9B10670372096FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
Manifest number:          11B8
Signing time:             Sat 19 Apr 2025 22:00:50 +0000
Manifest this update:     Sat 19 Apr 2025 22:00:50 +0000
Manifest next update:     Sun 20 Apr 2025 22:00:50 +0000
Files and hashes:         1: Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl (hash: UzDNTyTJDi0PlxH2x3apxCPKlJTFUjMo1tTr2bWfEGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:11:90:62:fd:90:9f:26:a9:b1:06:70:37:20:96:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
        Validity
            Not Before: Apr 19 22:00:50 2025 GMT
            Not After : Apr 20 22:00:50 2025 GMT
        Subject: CN=fa8ea5828089dd528ae68931eacf57792b01e4cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:29:9e:35:de:36:27:61:bf:32:1f:16:aa:00:
                    d2:69:0c:14:9c:51:98:ce:d7:80:1f:aa:73:dc:9f:
                    18:94:02:ee:d8:21:43:54:18:fc:07:9e:94:ee:e8:
                    ea:06:c7:5b:74:1b:47:cf:29:86:fb:44:75:d7:ba:
                    4a:39:6d:0c:34:2d:cd:5b:d7:e4:9e:23:30:07:fe:
                    af:69:6c:94:b0:0f:74:5b:ad:37:09:df:a4:27:3c:
                    1a:8e:c4:9d:b8:36:2e:9e:d6:0e:f3:89:ae:97:d6:
                    65:41:07:21:8e:d8:6b:fd:1a:86:1c:f7:34:52:3d:
                    27:cb:3b:1c:e6:43:54:5c:e2:d4:c7:b1:b8:f2:8d:
                    bf:aa:f3:62:6f:d3:0c:71:27:f5:80:f4:ab:a4:39:
                    11:88:0d:09:a0:66:1d:5c:54:a5:d7:3a:80:5d:86:
                    fe:2f:c1:e9:ab:29:b3:64:83:32:ba:76:3b:15:9b:
                    a4:31:1e:19:0d:b8:87:7d:8e:d2:90:64:72:d8:9a:
                    a2:74:02:9a:9e:29:84:91:8d:62:b0:33:1b:73:9a:
                    c5:a9:d1:46:cb:eb:84:97:fe:b0:b1:f6:dc:92:eb:
                    d1:83:54:b9:9b:99:fc:00:d8:a8:7f:57:0a:1b:80:
                    e6:d4:3a:82:72:f8:39:80:3d:5b:de:a6:20:e7:d0:
                    48:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:8E:A5:82:80:89:DD:52:8A:E6:89:31:EA:CF:57:79:2B:01:E4:CD
            X509v3 Authority Key Identifier:
                keyid:46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:7d:40:d6:5c:d3:67:05:ef:38:7e:70:01:c3:d4:b1:d1:40:
         e3:b9:0c:f4:25:38:84:62:da:6d:8a:a2:a1:55:3c:0a:b0:d7:
         f7:69:7f:72:20:bb:2f:cb:5a:54:c2:be:8e:af:85:57:1f:72:
         c1:96:59:f3:19:71:85:8e:dd:ef:b7:a0:06:ce:b9:53:0a:c7:
         26:57:bb:c1:50:0c:ae:fc:48:b1:84:79:38:7c:67:98:cb:3d:
         d7:29:b3:96:ec:59:88:3d:fe:96:35:a9:f3:d7:eb:a9:cd:5b:
         cb:b2:c0:ae:d6:f9:62:77:a6:ec:6b:79:d7:41:ee:99:7b:3b:
         1f:35:79:6c:b9:66:7c:44:b7:b6:6d:76:fc:a4:ee:34:64:d7:
         71:55:94:22:e1:97:9c:15:81:34:f6:48:9e:77:61:44:e0:6e:
         31:5b:02:42:0b:7f:18:00:38:c9:9d:ed:fb:92:27:7e:86:61:
         b2:f4:af:28:28:32:2a:8b:f0:b0:23:16:d2:6b:fc:cd:72:22:
         76:b9:3c:3c:fc:66:fe:68:e8:b7:e0:45:c6:07:fe:3f:1d:42:
         b8:9e:21:30:db:90:c2:57:35:1f:d9:82:de:4e:1c:a7:7c:77:
         96:b2:6a:3e:88:43:cd:dc:0e:c0:d5:6d:a6:b0:fe:71:5b:e6:
         91:3b:72:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQEZBi/ZCfJqmxBnA3IJb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2EzODgxMTJlNjhmNGM3ZDRkODBjMzJkMzdjZmNkNmNk
MjNhNDUwHhcNMjUwNDE5MjIwMDUwWhcNMjUwNDIwMjIwMDUwWjAzMTEwLwYDVQQD
EyhmYThlYTU4MjgwODlkZDUyOGFlNjg5MzFlYWNmNTc3OTJiMDFlNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApymeNd42J2G/Mh8WqgDSaQwUnFGY
zteAH6pz3J8YlALu2CFDVBj8B56U7ujqBsdbdBtHzymG+0R117pKOW0MNC3NW9fk
niMwB/6vaWyUsA90W603Cd+kJzwajsSduDYuntYO84mul9ZlQQchjthr/RqGHPc0
Uj0nyzsc5kNUXOLUx7G48o2/qvNib9MMcSf1gPSrpDkRiA0JoGYdXFSl1zqAXYb+
L8HpqymzZIMyunY7FZukMR4ZDbiHfY7SkGRy2JqidAKanimEkY1isDMbc5rFqdFG
y+uEl/6wsfbckuvRg1S5m5n8ANiof1cKG4Dm1DqCcvg5gD1b3qYg59BIBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqOpYKAid1SiuaJMerPV3krAeTNMB8GA1UdIwQY
MBaAFEZ6OIES5o9MfU2Awy03z81s0jpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUt
YzcxODQ1YTAxNzQ5LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUtYzcxODQ1YTAxNzQ5
LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF31A1lzT
ZwXvOH5wAcPUsdFA47kM9CU4hGLabYqioVU8CrDX92l/ciC7L8taVMK+jq+FVx9y
wZZZ8xlxhY7d77egBs65UwrHJle7wVAMrvxIsYR5OHxnmMs91ymzluxZiD3+ljWp
89frqc1by7LArtb5Ynem7Gt510HumXs7HzV5bLlmfES3tm12/KTuNGTXcVWUIuGX
nBWBNPZInndhROBuMVsCQgt/GAA4yZ3t+5InfoZhsvSvKCgyKovwsCMW0mv8zXIi
drk8PPxm/mjot+BFxgf+Px1CuJ4hMNuQwlc1H9mC3k4cp3x3lrJqPohDzdwOwNVt
prD+cVvmkTtyug==
-----END CERTIFICATE-----