Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
File:                     uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft (raw, json)
Hash identifier:          LDFm7gaxKewyfEoZlLjXNjeyBlJ8BJKLkNNCf/1qKdE=
Subject key identifier:   09:62:72:6A:0B:5B:66:F1:26:AB:E6:DE:DE:FD:D2:61:1E:30:06:11
Authority key identifier: B8:5E:0B:E6:B7:27:9C:DE:CF:78:BD:D6:41:05:F8:44:3D:0C:0C:02
Certificate issuer:       /CN=b85e0be6b7279cdecf78bdd64105f8443d0c0c02
Certificate serial:       019657266E0E0DBE5E71BBB3404010756080
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
Manifest number:          0F50
Signing time:             Mon 21 Apr 2025 07:00:58 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:58 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:58 +0000
Files and hashes:         1: uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl (hash: 4CJWebhbqj0gdLMHh56zRk4K6oSjKRz9ZgDgAB3ZCiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:6e:0e:0d:be:5e:71:bb:b3:40:40:10:75:60:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b85e0be6b7279cdecf78bdd64105f8443d0c0c02
        Validity
            Not Before: Apr 21 07:00:58 2025 GMT
            Not After : Apr 22 07:00:58 2025 GMT
        Subject: CN=0962726a0b5b66f126abe6dedefdd2611e300611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:08:0a:4a:99:fb:37:de:3c:e1:7a:4d:af:33:
                    b8:bc:d7:1d:a5:f8:d6:ec:37:df:b7:fb:b4:3a:79:
                    dc:a2:72:e9:e4:ec:95:00:3e:c4:11:e5:2b:54:86:
                    ac:4b:c2:73:f9:d3:29:4c:d0:a0:3f:a8:30:29:d5:
                    ba:03:8d:04:83:38:a0:a1:5a:9d:a4:94:f7:75:20:
                    43:71:4a:70:1e:fa:46:5b:79:91:8d:35:71:a5:8e:
                    51:83:e4:a9:cc:d2:35:21:03:64:c3:04:62:08:86:
                    6a:0c:51:b5:c9:7b:f8:5d:a8:d1:1b:f2:31:5f:d5:
                    f8:e7:c5:ba:bd:17:a1:3c:12:3b:e7:2b:60:ce:c3:
                    8d:d2:9a:e8:38:e7:d9:a4:40:ea:39:27:fb:fb:ac:
                    41:f1:49:e7:6d:34:c3:20:cd:e9:d5:26:dd:66:73:
                    e7:a1:00:fa:bd:ab:02:6d:92:00:2e:39:49:78:b5:
                    dc:d3:f1:c7:cb:f9:e4:11:a2:09:5f:b3:a1:82:ba:
                    bd:b3:53:29:b3:d8:88:e6:a7:e9:0e:43:53:e5:28:
                    4e:a2:b7:ef:22:6c:0b:4c:ab:00:c0:db:7c:8d:40:
                    e9:9d:ee:e5:f0:2e:db:e5:24:64:6e:90:9f:a1:57:
                    6b:3b:a4:61:9e:1d:19:8a:b0:09:af:6a:0b:aa:1d:
                    c0:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:62:72:6A:0B:5B:66:F1:26:AB:E6:DE:DE:FD:D2:61:1E:30:06:11
            X509v3 Authority Key Identifier:
                keyid:B8:5E:0B:E6:B7:27:9C:DE:CF:78:BD:D6:41:05:F8:44:3D:0C:0C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:c5:d5:31:13:83:c8:f8:6e:43:5d:cf:c4:81:41:70:87:7b:
         50:4b:1d:54:1b:9e:a1:e3:c7:65:59:05:3f:7d:00:20:4d:b3:
         7f:ae:a6:23:13:c2:ca:82:4c:41:62:cf:c1:a4:c8:34:a7:af:
         c5:e8:06:fe:ef:82:17:45:16:f3:16:4d:98:01:d7:c7:f8:d1:
         14:9e:d4:90:83:62:53:37:76:8e:c8:bb:b1:c8:13:0a:bc:43:
         60:75:57:23:0c:c6:02:91:ec:6c:81:0b:41:b6:60:ec:1e:a5:
         8d:e7:6a:ec:1b:19:f1:f9:f7:55:62:c8:0d:06:b4:78:95:75:
         e3:3c:7a:30:fa:fd:b7:e4:3d:5c:19:40:84:08:ba:85:0f:a7:
         16:04:f1:ed:37:c9:8c:6e:3a:ac:67:dc:89:23:ba:06:f4:c5:
         ec:62:17:b6:fd:95:61:cf:36:2a:c6:48:10:c4:d5:dc:6f:2c:
         09:41:87:f7:11:9f:81:53:7f:25:60:9c:e0:38:80:17:99:cb:
         74:12:9d:a6:13:8e:fe:ca:6e:38:ed:ed:5f:7a:45:63:ef:e3:
         28:42:86:83:e2:df:98:d0:54:52:d0:22:df:66:f6:35:f2:f6:
         dd:21:3e:f4:96:14:91:1e:06:84:ec:65:4b:8c:33:8c:5c:bf:
         34:a5:88:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJm4ODb5ecbuzQEAQdWCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWUwYmU2YjcyNzljZGVjZjc4YmRkNjQxMDVmODQ0M2Qw
YzBjMDIwHhcNMjUwNDIxMDcwMDU4WhcNMjUwNDIyMDcwMDU4WjAzMTEwLwYDVQQD
EygwOTYyNzI2YTBiNWI2NmYxMjZhYmU2ZGVkZWZkZDI2MTFlMzAwNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwgKSpn7N9484XpNrzO4vNcdpfjW
7Dfft/u0OnnconLp5OyVAD7EEeUrVIasS8Jz+dMpTNCgP6gwKdW6A40EgzigoVqd
pJT3dSBDcUpwHvpGW3mRjTVxpY5Rg+SpzNI1IQNkwwRiCIZqDFG1yXv4XajRG/Ix
X9X458W6vRehPBI75ytgzsON0proOOfZpEDqOSf7+6xB8UnnbTTDIM3p1SbdZnPn
oQD6vasCbZIALjlJeLXc0/HHy/nkEaIJX7Ohgrq9s1Mps9iI5qfpDkNT5ShOorfv
ImwLTKsAwNt8jUDpne7l8C7b5SRkbpCfoVdrO6Rhnh0ZirAJr2oLqh3AMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlicmoLW2bxJqvm3t790mEeMAYRMB8GA1UdIwQY
MBaAFLheC+a3J5zez3i91kEF+EQ9DAwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC82ZTFmMzgtNjgwNy00ODY2LWE5ZWQt
NDNiZjFjNDNlYzBmLzEvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC82ZTFmMzgtNjgwNy00ODY2LWE5ZWQtNDNiZjFjNDNlYzBm
LzEvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsMXVMROD
yPhuQ13PxIFBcId7UEsdVBueoePHZVkFP30AIE2zf66mIxPCyoJMQWLPwaTINKev
xegG/u+CF0UW8xZNmAHXx/jRFJ7UkINiUzd2jsi7scgTCrxDYHVXIwzGApHsbIEL
QbZg7B6ljedq7BsZ8fn3VWLIDQa0eJV14zx6MPr9t+Q9XBlAhAi6hQ+nFgTx7TfJ
jG46rGfciSO6BvTF7GIXtv2VYc82KsZIEMTV3G8sCUGH9xGfgVN/JWCc4DiAF5nL
dBKdphOO/spuOO3tX3pFY+/jKEKGg+LfmNBUUtAi32b2NfL23SE+9JYUkR4GhOxl
S4wzjFy/NKWIeQ==
-----END CERTIFICATE-----