Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
File:                     4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft (raw, json)
Hash identifier:          xE+p27weECagYm4LsGN5gyTIp7a7rA2RDXID3Fvchgs=
Subject key identifier:   30:ED:05:9F:18:D3:98:1B:8A:3E:11:A9:A3:4E:18:E4:38:DC:87:E6
Authority key identifier: E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C
Certificate issuer:       /CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
Certificate serial:       0196515AB502ED22823B5C80F39A4775F83F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
Manifest number:          12A1
Signing time:             Sun 20 Apr 2025 04:00:21 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:21 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:21 +0000
Files and hashes:         1: 4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl (hash: ekux59qbMdu+ywEaxXB9kXG/x1//nJWCPL2C9wktltc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5a:b5:02:ed:22:82:3b:5c:80:f3:9a:47:75:f8:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
        Validity
            Not Before: Apr 20 04:00:21 2025 GMT
            Not After : Apr 21 04:00:21 2025 GMT
        Subject: CN=30ed059f18d3981b8a3e11a9a34e18e438dc87e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:06:91:15:28:b7:08:af:81:4a:0a:47:1e:2e:
                    52:c9:58:70:98:b9:ff:a5:38:3a:64:05:e3:d7:fd:
                    17:dd:b4:7a:63:ab:f5:48:03:8c:68:b1:2b:d8:c8:
                    20:cf:3a:f4:2c:28:d7:3d:fc:21:59:b3:41:36:fc:
                    43:09:ca:53:81:97:e6:be:02:83:9e:6f:d7:14:ee:
                    bb:73:bb:1a:14:6a:b1:7c:5b:56:ad:d3:36:e8:89:
                    c3:d4:ae:ff:40:5a:de:ed:99:91:85:fd:e9:c5:61:
                    c7:37:f3:fe:ed:bc:4b:52:a0:90:0e:ce:6b:5e:19:
                    44:e5:3f:98:ee:44:68:70:42:1e:0e:1f:2e:68:6e:
                    77:6c:77:7f:e5:e6:a3:75:4b:1a:fe:9c:54:32:56:
                    a0:f3:54:e0:b2:0d:63:da:da:79:66:c9:da:5c:46:
                    07:bc:c4:88:9b:07:22:d8:29:8c:2e:8c:84:14:6c:
                    0f:bc:76:60:15:17:da:27:89:e2:94:91:51:bf:db:
                    f5:40:4b:99:c9:ff:82:56:5a:48:5c:be:ef:fa:ac:
                    52:9e:d6:11:37:7a:e1:1e:ae:d5:18:13:6e:0e:34:
                    eb:87:fb:df:f8:a0:98:89:08:25:5d:e1:69:d3:40:
                    36:e6:17:29:dd:fe:1b:f6:89:9a:24:4d:f8:b0:ee:
                    d9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:ED:05:9F:18:D3:98:1B:8A:3E:11:A9:A3:4E:18:E4:38:DC:87:E6
            X509v3 Authority Key Identifier:
                keyid:E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:e8:bf:bc:03:be:c9:d3:18:b9:7c:3a:00:28:01:ec:e8:ae:
         94:0e:35:78:a7:38:6c:c0:7a:42:8b:c1:08:36:ce:e8:f2:50:
         47:e1:c4:cb:7d:e2:49:07:d5:54:b8:0a:e7:f3:87:22:cb:77:
         2f:18:cc:84:5d:92:16:13:d4:fe:dd:43:96:06:a6:90:a4:d8:
         8f:a5:92:82:6c:48:63:db:8d:26:df:d0:25:c4:d3:02:44:b5:
         f7:e2:60:fd:9d:b4:1b:29:4c:83:34:95:12:23:04:ba:2b:7b:
         88:bb:12:3e:32:39:4d:f5:d0:4c:cc:43:5c:fd:d6:0d:a0:a5:
         f1:0e:10:ae:af:56:34:b5:46:2c:3d:9c:bd:1e:86:e5:b4:d7:
         0c:60:df:66:7a:0a:a4:87:4d:62:a5:51:f9:fd:94:87:3e:5e:
         91:96:e5:1c:1e:df:f1:87:d4:5c:fb:d9:1a:0a:36:50:68:4c:
         9e:77:68:c2:2e:a1:3c:4d:1e:6c:8f:e2:7f:cc:7a:c7:c7:fe:
         e0:0b:74:1c:05:fe:a1:bd:b3:96:75:d2:29:50:2d:8c:18:d0:
         46:e4:d6:f2:14:00:23:0f:82:86:f9:ff:40:2a:e6:d5:b8:66:
         3b:c8:f7:d3:f2:f5:81:de:84:f3:9c:79:d4:62:39:a3:f6:16:
         e7:94:1b:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWrUC7SKCO1yA85pHdfg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWQxYjUwMzc3ZDdjMDc1YzY0ZDAwOWY0MGEzMGZlNzI5
MDY4N2MwHhcNMjUwNDIwMDQwMDIxWhcNMjUwNDIxMDQwMDIxWjAzMTEwLwYDVQQD
EygzMGVkMDU5ZjE4ZDM5ODFiOGEzZTExYTlhMzRlMThlNDM4ZGM4N2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgaRFSi3CK+BSgpHHi5SyVhwmLn/
pTg6ZAXj1/0X3bR6Y6v1SAOMaLEr2Mggzzr0LCjXPfwhWbNBNvxDCcpTgZfmvgKD
nm/XFO67c7saFGqxfFtWrdM26InD1K7/QFre7ZmRhf3pxWHHN/P+7bxLUqCQDs5r
XhlE5T+Y7kRocEIeDh8uaG53bHd/5eajdUsa/pxUMlag81Tgsg1j2tp5ZsnaXEYH
vMSImwci2CmMLoyEFGwPvHZgFRfaJ4nilJFRv9v1QEuZyf+CVlpIXL7v+qxSntYR
N3rhHq7VGBNuDjTrh/vf+KCYiQglXeFp00A25hcp3f4b9omaJE34sO7ZoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDtBZ8Y05gbij4RqaNOGOQ43IfmMB8GA1UdIwQY
MBaAFOKtG1A3fXwHXGTQCfQKMP5ykGh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUt
NzNmMWFiNWNhZTk2LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUtNzNmMWFiNWNhZTk2
LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWui/vAO+
ydMYuXw6ACgB7OiulA41eKc4bMB6QovBCDbO6PJQR+HEy33iSQfVVLgK5/OHIst3
LxjMhF2SFhPU/t1DlgamkKTYj6WSgmxIY9uNJt/QJcTTAkS19+Jg/Z20GylMgzSV
EiMEuit7iLsSPjI5TfXQTMxDXP3WDaCl8Q4Qrq9WNLVGLD2cvR6G5bTXDGDfZnoK
pIdNYqVR+f2Uhz5ekZblHB7f8YfUXPvZGgo2UGhMnndowi6hPE0ebI/if8x6x8f+
4At0HAX+ob2zlnXSKVAtjBjQRuTW8hQAIw+Chvn/QCrm1bhmO8j30/L1gd6E85x5
1GI5o/YW55QbSg==
-----END CERTIFICATE-----