Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          P8Vl5M7sSyfDWQGtxbnys/foZaqii5pc6viUK1udKv0=
Subject key identifier:   4A:06:06:27:25:DA:CB:F6:D0:E0:05:53:E2:62:1E:D8:98:A4:AE:A0
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       0196515AF106A1E6F27BA68274664396B6D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          11FC
Signing time:             Sun 20 Apr 2025 04:00:36 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:36 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:36 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: y0fclTHY6a5S5A9fVyDD3li+YXoyHQtwqxcmhPPaFsE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5a:f1:06:a1:e6:f2:7b:a6:82:74:66:43:96:b6:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Apr 20 04:00:36 2025 GMT
            Not After : Apr 21 04:00:36 2025 GMT
        Subject: CN=4a06062725dacbf6d0e00553e2621ed898a4aea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:5c:3d:5a:66:33:04:d7:e2:35:0c:7e:2a:ea:
                    d9:a6:16:25:d6:e3:56:46:f8:ae:24:a4:80:0b:97:
                    a5:2f:fc:2e:cb:04:b9:56:88:72:10:73:74:21:6f:
                    81:d7:b3:7f:cb:0c:11:1b:38:07:70:73:26:a8:6d:
                    86:49:90:ac:83:32:07:86:14:c5:48:e5:5d:4d:ba:
                    bf:b8:31:33:3b:75:c1:fe:f9:28:16:6e:1e:9b:e3:
                    9e:1d:93:7b:59:6b:6c:04:7b:b6:ab:93:1a:44:cd:
                    08:10:0f:81:66:e4:f9:29:62:a7:80:f1:97:e0:a6:
                    86:1e:06:99:01:a3:06:72:4f:09:fb:7a:42:53:45:
                    b0:ab:b7:86:8e:62:4c:cb:cf:f7:6b:fd:36:de:a4:
                    94:3a:f9:21:ba:de:0b:c7:8b:b0:92:45:0f:7a:ef:
                    00:54:2c:67:f5:a8:66:41:c0:45:66:75:54:be:da:
                    b7:69:29:64:9d:73:87:02:2d:27:e6:73:ab:88:89:
                    cc:fb:0a:3f:5d:aa:08:f0:bb:8b:01:29:b6:c9:ca:
                    4e:8f:4e:d9:17:43:b0:64:b2:c9:a6:a6:ff:0e:e4:
                    f9:41:9b:97:1f:d2:65:ed:bd:f9:18:27:cc:a9:8f:
                    83:bc:04:91:42:29:7a:ab:3e:c0:22:c8:e5:65:dc:
                    f9:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:06:06:27:25:DA:CB:F6:D0:E0:05:53:E2:62:1E:D8:98:A4:AE:A0
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:cd:fb:24:4d:6a:7a:07:80:c5:29:f3:83:80:cc:04:23:3c:
         04:e0:56:da:c6:fa:a7:f8:9f:c9:38:b5:b3:97:ec:d1:30:55:
         ee:9b:bc:2f:34:b5:17:27:b4:e6:f0:ce:89:3f:38:1d:10:e9:
         99:c6:dd:a6:c8:d4:60:69:99:f0:12:03:ca:28:2b:17:6e:2c:
         36:83:9e:44:b9:85:d1:92:f5:2a:77:c0:8d:1d:f2:fe:fa:4e:
         7f:d2:20:4e:63:fc:e8:4a:33:e6:f5:39:85:5d:f2:74:73:46:
         f3:08:54:58:8d:7d:35:35:1f:e9:70:40:f3:f0:19:e3:d0:ac:
         19:5a:21:42:07:f5:a0:43:b0:d2:0a:38:77:43:69:03:d0:b1:
         f1:78:56:d7:42:2d:df:d3:51:83:b4:42:5e:f1:e1:a8:e9:c2:
         88:87:2c:6d:56:50:33:98:42:3e:3c:54:cf:15:f9:97:ae:7a:
         f7:43:bf:2f:cb:1d:ac:25:9c:a2:fb:65:11:51:83:74:c8:84:
         ce:38:d4:18:e2:92:46:58:b5:a5:58:fb:81:cb:93:81:8c:4a:
         43:24:3a:5c:62:16:dc:0c:b0:17:db:24:52:54:1d:3e:4e:68:
         3c:7d:3f:3c:22:8b:6f:df:35:f0:e9:94:fa:5a:6e:b3:7c:3e:
         c8:6a:a9:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWvEGoebye6aCdGZDlrbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjUwNDIwMDQwMDM2WhcNMjUwNDIxMDQwMDM2WjAzMTEwLwYDVQQD
Eyg0YTA2MDYyNzI1ZGFjYmY2ZDBlMDA1NTNlMjYyMWVkODk4YTRhZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11w9WmYzBNfiNQx+KurZphYl1uNW
RviuJKSAC5elL/wuywS5VohyEHN0IW+B17N/ywwRGzgHcHMmqG2GSZCsgzIHhhTF
SOVdTbq/uDEzO3XB/vkoFm4em+OeHZN7WWtsBHu2q5MaRM0IEA+BZuT5KWKngPGX
4KaGHgaZAaMGck8J+3pCU0Wwq7eGjmJMy8/3a/023qSUOvkhut4Lx4uwkkUPeu8A
VCxn9ahmQcBFZnVUvtq3aSlknXOHAi0n5nOriInM+wo/XaoI8LuLASm2ycpOj07Z
F0OwZLLJpqb/DuT5QZuXH9Jl7b35GCfMqY+DvASRQil6qz7AIsjlZdz5uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoGBicl2sv20OAFU+JiHtiYpK6gMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZs37JE1q
egeAxSnzg4DMBCM8BOBW2sb6p/ifyTi1s5fs0TBV7pu8LzS1Fye05vDOiT84HRDp
mcbdpsjUYGmZ8BIDyigrF24sNoOeRLmF0ZL1KnfAjR3y/vpOf9IgTmP86Eoz5vU5
hV3ydHNG8whUWI19NTUf6XBA8/AZ49CsGVohQgf1oEOw0go4d0NpA9Cx8XhW10It
39NRg7RCXvHhqOnCiIcsbVZQM5hCPjxUzxX5l65690O/L8sdrCWcovtlEVGDdMiE
zjjUGOKSRli1pVj7gcuTgYxKQyQ6XGIW3AywF9skUlQdPk5oPH0/PCKLb9818OmU
+lpus3w+yGqpWQ==
-----END CERTIFICATE-----