Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
File:                     jR4EozwylZxnL0X0a-EIZLgemEo.mft (raw, json)
Hash identifier:          0YnBQO2W9vFvtpysDD+6tBO27I7FFIlNdgZfWa8OEZQ=
Subject key identifier:   A4:FB:7E:0C:FC:89:21:2E:17:78:CE:B6:89:E1:3F:23:02:89:C4:A0
Authority key identifier: 8D:1E:04:A3:3C:32:95:9C:67:2F:45:F4:6B:E1:08:64:B8:1E:98:4A
Certificate issuer:       /CN=8d1e04a33c32959c672f45f46be10864b81e984a
Certificate serial:       01965011D89926E166D00347052F514AA310
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 22:01:08 +0000
Manifest this update:     Sat 19 Apr 2025 22:01:08 +0000
Manifest next update:     Sun 20 Apr 2025 22:01:08 +0000
Files and hashes:         1: jR4EozwylZxnL0X0a-EIZLgemEo.crl (hash: we9k0zP9U5iBIXCpdtatLe19JdSFvZtnMZTNURyNkIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:11:d8:99:26:e1:66:d0:03:47:05:2f:51:4a:a3:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1e04a33c32959c672f45f46be10864b81e984a
        Validity
            Not Before: Apr 19 22:01:08 2025 GMT
            Not After : Apr 20 22:01:08 2025 GMT
        Subject: CN=a4fb7e0cfc89212e1778ceb689e13f230289c4a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3b:30:6a:7e:a6:ab:ae:bb:be:2d:7e:df:aa:
                    de:51:96:61:22:fa:51:15:fe:fa:be:fe:cf:54:4a:
                    a5:85:98:37:ae:db:7e:48:c1:f9:b5:3a:bc:5b:77:
                    b7:8c:b9:80:44:d8:11:f7:c1:64:86:e6:24:d3:ae:
                    38:b4:c0:73:76:4d:5e:b5:6e:af:47:bf:be:a2:9c:
                    ad:b9:a6:a0:3c:ff:34:d3:6e:7d:6a:34:0c:01:5b:
                    49:02:6f:49:b5:7c:6b:11:a9:ae:9d:dc:24:5f:3b:
                    b7:fa:9a:26:30:fd:19:35:04:96:71:bc:e3:fb:27:
                    0c:6f:6b:bf:1b:63:0b:5e:e4:46:11:15:bd:62:29:
                    6d:34:d4:85:ed:b2:0a:04:6f:2f:03:e8:15:45:2c:
                    74:17:dc:d3:4e:f7:b3:3d:59:07:2e:32:b1:9c:51:
                    d4:9d:70:5f:e6:b7:cc:51:e0:a1:87:36:68:fe:31:
                    9c:2a:2e:86:f9:e9:6b:4a:10:f4:be:be:d6:92:f2:
                    31:f0:5f:6c:fa:6b:01:43:74:c0:b0:c4:d2:e7:08:
                    06:45:b2:42:07:6e:15:10:d9:2e:39:4f:db:f0:93:
                    a7:a1:74:cd:3a:09:c0:4d:51:d7:13:c9:c8:2f:44:
                    28:e6:7f:8e:62:00:8c:76:27:b2:fc:4c:9c:70:46:
                    70:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:FB:7E:0C:FC:89:21:2E:17:78:CE:B6:89:E1:3F:23:02:89:C4:A0
            X509v3 Authority Key Identifier:
                keyid:8D:1E:04:A3:3C:32:95:9C:67:2F:45:F4:6B:E1:08:64:B8:1E:98:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:54:10:bb:aa:91:e5:54:8c:ab:7a:51:27:76:4c:1d:c3:e2:
         cb:cd:16:22:1a:d2:0d:24:51:d4:df:61:34:33:42:13:ba:6c:
         1c:f8:8f:d3:5a:75:6c:a9:c6:95:e6:34:48:f0:8c:34:b5:61:
         21:3c:77:40:4c:6c:9c:60:1c:ef:46:29:1b:8d:99:b7:ba:b5:
         99:e7:e6:dd:29:a8:08:36:66:94:8a:45:57:27:61:27:42:b5:
         74:b0:f5:c7:f1:6e:75:4b:97:53:61:36:85:c6:20:84:d8:55:
         71:fb:ae:68:10:ed:29:35:43:8f:82:52:44:fe:b8:ec:07:c4:
         da:f0:8c:2d:e0:4b:6d:07:95:cb:f3:57:03:e5:df:7f:4b:f7:
         70:bb:fb:61:ce:65:9c:c5:4d:fb:33:fb:fc:27:bb:f9:2e:d0:
         ac:84:40:8a:96:eb:f4:c5:54:d8:9b:1a:cc:b3:12:93:1a:0d:
         71:d8:c9:db:c9:f4:19:90:fb:2c:3d:c5:1b:84:f4:94:83:a7:
         4d:6d:8c:23:c0:c3:da:ca:97:58:14:bf:06:ac:23:d2:78:6b:
         14:b6:b0:2e:db:dd:43:8c:b9:ab:01:35:df:6e:7f:63:0c:c1:
         21:7b:98:90:3c:3a:7d:0c:bd:1b:b4:a5:a3:f8:0c:91:d3:d8:
         bb:28:fb:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQEdiZJuFm0ANHBS9RSqMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWUwNGEzM2MzMjk1OWM2NzJmNDVmNDZiZTEwODY0Yjgx
ZTk4NGEwHhcNMjUwNDE5MjIwMTA4WhcNMjUwNDIwMjIwMTA4WjAzMTEwLwYDVQQD
EyhhNGZiN2UwY2ZjODkyMTJlMTc3OGNlYjY4OWUxM2YyMzAyODljNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTswan6mq667vi1+36reUZZhIvpR
Ff76vv7PVEqlhZg3rtt+SMH5tTq8W3e3jLmARNgR98FkhuYk0644tMBzdk1etW6v
R7++opytuaagPP800259ajQMAVtJAm9JtXxrEamundwkXzu3+pomMP0ZNQSWcbzj
+ycMb2u/G2MLXuRGERW9YiltNNSF7bIKBG8vA+gVRSx0F9zTTvezPVkHLjKxnFHU
nXBf5rfMUeChhzZo/jGcKi6G+elrShD0vr7WkvIx8F9s+msBQ3TAsMTS5wgGRbJC
B24VENkuOU/b8JOnoXTNOgnATVHXE8nIL0Qo5n+OYgCMdiey/EyccEZwUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKT7fgz8iSEuF3jOtonhPyMCicSgMB8GA1UdIwQY
MBaAFI0eBKM8MpWcZy9F9GvhCGS4HphKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lZTYzZjMtN2Q0OC00OWU3LWFlYTct
ZTI0OWU3M2VjY2YxLzEvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lZTYzZjMtN2Q0OC00OWU3LWFlYTctZTI0OWU3M2VjY2Yx
LzEvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFQQu6qR
5VSMq3pRJ3ZMHcPiy80WIhrSDSRR1N9hNDNCE7psHPiP01p1bKnGleY0SPCMNLVh
ITx3QExsnGAc70YpG42Zt7q1mefm3SmoCDZmlIpFVydhJ0K1dLD1x/FudUuXU2E2
hcYghNhVcfuuaBDtKTVDj4JSRP647AfE2vCMLeBLbQeVy/NXA+Xff0v3cLv7Yc5l
nMVN+zP7/Ce7+S7QrIRAipbr9MVU2JsazLMSkxoNcdjJ28n0GZD7LD3FG4T0lIOn
TW2MI8DD2sqXWBS/Bqwj0nhrFLawLtvdQ4y5qwE1325/YwzBIXuYkDw6fQy9G7Sl
o/gMkdPYuyj7pg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:27:01 2025 by rpki-client