Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          CS2SWrKQv74jV3yNURcY1ZjEY8wh5/ig/qt0GKlFm6I=
Subject key identifier:   4D:CB:77:4B:5B:B6:1D:F6:44:68:72:B1:59:4B:28:26:7A:11:8D:67
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019749D5AA1F8FAFAEBE847C4F5C41651D5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0EAE
Signing time:             Sat 07 Jun 2025 10:00:28 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:28 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:28 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: Pwb7wjj2UVcMKJrq04nMX6yRILuerRfTG2cNigzZjOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:aa:1f:8f:af:ae:be:84:7c:4f:5c:41:65:1d:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Jun  7 10:00:28 2025 GMT
            Not After : Jun  8 10:00:28 2025 GMT
        Subject: CN=4dcb774b5bb61df6446872b1594b28267a118d67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c7:95:76:6c:35:49:e7:80:79:b4:45:3a:94:
                    61:75:5a:8c:a0:85:70:c1:61:a2:3f:40:2b:57:8d:
                    d9:13:58:cf:d9:ad:58:f7:44:63:03:7a:9c:85:c8:
                    1a:95:3b:a9:93:8d:8d:7e:18:55:1f:a9:dc:4f:4d:
                    24:36:51:ae:38:a1:21:94:58:9c:92:44:46:6e:b0:
                    25:86:db:a2:a9:d2:c3:cf:26:82:f6:7c:46:9a:63:
                    1e:c7:37:c0:bb:c3:ba:f9:e9:91:ee:7a:11:10:e0:
                    eb:ae:fa:f6:d8:8b:7c:b1:c3:a7:cc:63:02:da:2e:
                    67:fd:e4:85:ea:70:8a:70:c5:0a:09:31:f2:38:eb:
                    00:8d:4f:e2:11:76:14:44:3c:67:fe:61:d8:80:58:
                    60:4c:0e:8a:19:86:d8:e8:94:5a:7c:9e:bf:b2:57:
                    48:04:bd:dd:ae:37:92:48:22:ed:ce:aa:8c:d7:4a:
                    cb:f3:6f:b1:bb:bf:ee:b1:de:b4:45:45:8e:4a:4b:
                    20:da:58:cc:bb:ed:e4:f4:5d:fa:b2:ee:84:5f:4c:
                    1b:01:ef:29:93:6e:14:b8:3d:17:b4:b8:28:c4:f6:
                    3f:27:17:1e:59:68:40:8e:ab:31:05:08:77:1a:37:
                    08:ed:82:26:54:f5:b3:0a:88:7e:6d:6a:83:d7:6a:
                    97:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:CB:77:4B:5B:B6:1D:F6:44:68:72:B1:59:4B:28:26:7A:11:8D:67
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:aa:f7:3e:6a:f2:6f:85:f0:57:9f:95:48:85:66:44:88:43:
         91:61:2d:90:fe:6b:ff:8f:c5:45:db:0d:e6:b5:e5:dd:38:c7:
         ca:9b:82:f4:a7:98:d5:74:db:89:85:7d:2f:d1:f6:11:32:e9:
         de:d5:a7:8f:c2:f1:5d:39:28:3d:88:31:80:eb:b2:bd:21:1f:
         6e:a7:27:5a:33:58:5f:c7:e0:d7:a6:ed:4a:34:80:67:d7:7c:
         16:f5:a2:cc:46:66:77:1e:33:db:d1:17:d7:d8:a4:76:1a:54:
         8b:3d:51:4e:08:0d:30:7b:69:d9:51:e2:3d:2e:f8:b9:8c:ab:
         ef:54:1d:b3:07:b3:60:6b:d9:61:5d:81:81:bf:79:11:7c:f0:
         16:fc:60:da:66:80:56:04:51:b6:d7:31:1b:69:8a:aa:59:7e:
         d6:ae:83:60:b0:18:f4:7b:58:26:eb:3a:53:32:43:2f:84:71:
         70:e4:74:cb:91:e3:66:b2:7d:f2:af:56:82:11:51:83:33:f6:
         b1:aa:d3:09:97:89:12:15:37:87:f3:c1:18:4d:47:5b:ef:b3:
         61:7f:26:22:02:28:4e:37:d6:f5:6f:66:40:6a:ae:2b:ea:00:
         ca:cc:f6:88:e6:8a:cf:62:05:1c:dc:2e:b8:c7:3f:e0:95:33:
         e1:85:7e:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1aofj6+uvoR8T1xBZR1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUwNjA3MTAwMDI4WhcNMjUwNjA4MTAwMDI4WjAzMTEwLwYDVQQD
Eyg0ZGNiNzc0YjViYjYxZGY2NDQ2ODcyYjE1OTRiMjgyNjdhMTE4ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqseVdmw1SeeAebRFOpRhdVqMoIVw
wWGiP0ArV43ZE1jP2a1Y90RjA3qchcgalTupk42NfhhVH6ncT00kNlGuOKEhlFic
kkRGbrAlhtuiqdLDzyaC9nxGmmMexzfAu8O6+emR7noREODrrvr22It8scOnzGMC
2i5n/eSF6nCKcMUKCTHyOOsAjU/iEXYURDxn/mHYgFhgTA6KGYbY6JRafJ6/sldI
BL3drjeSSCLtzqqM10rL82+xu7/usd60RUWOSksg2ljMu+3k9F36su6EX0wbAe8p
k24UuD0XtLgoxPY/JxceWWhAjqsxBQh3GjcI7YImVPWzCoh+bWqD12qXsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3Ld0tbth32RGhysVlLKCZ6EY1nMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6r3Pmry
b4XwV5+VSIVmRIhDkWEtkP5r/4/FRdsN5rXl3TjHypuC9KeY1XTbiYV9L9H2ETLp
3tWnj8LxXTkoPYgxgOuyvSEfbqcnWjNYX8fg16btSjSAZ9d8FvWizEZmdx4z29EX
19ikdhpUiz1RTggNMHtp2VHiPS74uYyr71QdswezYGvZYV2Bgb95EXzwFvxg2maA
VgRRttcxG2mKqll+1q6DYLAY9HtYJus6UzJDL4RxcOR0y5HjZrJ98q9WghFRgzP2
sarTCZeJEhU3h/PBGE1HW++zYX8mIgIoTjfW9W9mQGquK+oAysz2iOaKz2IFHNwu
uMc/4JUz4YV+/A==
-----END CERTIFICATE-----