Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
File:                     4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft (raw, json)
Hash identifier:          uETCmsdFZF4aJi/zCJ5m3Rs2a+DOl9MoJO87J2c9bV8=
Subject key identifier:   39:6F:02:10:31:13:68:AE:BF:4A:43:43:E8:A2:EA:76:EA:43:2A:2E
Authority key identifier: E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C
Certificate issuer:       /CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
Certificate serial:       0197469EA2B2D4F667124B66D5387D480A3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
Manifest number:          1320
Signing time:             Fri 06 Jun 2025 19:01:30 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:30 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:30 +0000
Files and hashes:         1: 4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl (hash: iiN8O7x0e/+Deq3t17O1rdnSKXFhfyZn+ezqbG0mUpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:a2:b2:d4:f6:67:12:4b:66:d5:38:7d:48:0a:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
        Validity
            Not Before: Jun  6 19:01:30 2025 GMT
            Not After : Jun  7 19:01:30 2025 GMT
        Subject: CN=396f0210311368aebf4a4343e8a2ea76ea432a2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4f:67:59:50:d5:51:dc:50:e7:a2:1b:e4:2f:
                    85:73:8f:11:54:f5:eb:7b:f3:7e:e1:51:65:bf:04:
                    cc:5d:27:c1:03:42:ec:1e:ed:50:5d:7e:e5:b8:32:
                    f2:79:dc:46:8b:d9:2c:42:91:da:03:51:3a:32:a7:
                    a2:94:80:43:39:95:bf:7d:79:96:a8:f0:c6:e9:9d:
                    36:ec:0a:5d:eb:95:6c:bf:a1:2b:10:d8:f8:9b:16:
                    f0:0a:4d:2e:21:03:86:62:71:39:ee:89:76:e2:9f:
                    f7:5f:f0:77:7e:89:04:18:af:7d:1e:b8:3d:83:66:
                    9e:d9:a6:1b:3c:5a:61:25:a9:45:03:01:91:79:34:
                    fd:ff:3d:9e:99:d6:5d:79:bd:4d:1f:89:0a:01:e2:
                    f0:af:7d:d1:1c:22:39:14:7f:73:92:f8:88:b3:3c:
                    9a:92:d7:04:fe:2c:ba:17:72:de:ff:a1:dd:ee:bc:
                    d6:16:ca:71:ba:ea:a9:98:cf:be:62:70:1f:c1:cf:
                    d2:73:9e:7f:ef:90:0a:bc:57:63:c7:ee:cf:5d:f7:
                    e1:b5:c2:5f:a6:83:4d:03:38:21:02:75:3d:ae:fd:
                    85:f5:a9:1b:7d:47:24:14:97:7b:0d:5f:5a:dd:cf:
                    eb:8f:a0:84:7c:1e:b0:e4:81:3c:6e:f4:0c:e4:b5:
                    5c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:6F:02:10:31:13:68:AE:BF:4A:43:43:E8:A2:EA:76:EA:43:2A:2E
            X509v3 Authority Key Identifier:
                keyid:E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:b1:b1:4b:d2:c2:0c:db:1b:35:9e:f8:41:0c:94:2d:6d:22:
         88:27:b0:f9:b7:0a:25:a8:de:89:87:8f:ff:a6:eb:6a:29:3c:
         1e:4b:85:fd:45:7e:50:64:b6:a7:fa:63:83:fb:80:e5:77:94:
         ec:83:86:43:f4:be:07:6f:2c:4b:ef:32:72:e4:eb:54:ee:e2:
         b2:85:d4:2c:5c:68:d0:77:5a:ba:d6:ea:ef:dc:b6:17:da:f2:
         a8:aa:49:d8:fc:74:fc:2c:20:9e:17:db:c9:4d:a3:ba:c5:97:
         3c:14:59:6e:42:28:bd:eb:58:3a:01:18:54:2b:37:7d:9b:61:
         23:bc:b5:b4:a6:bb:3b:6e:77:35:fb:9e:0a:19:f3:07:c0:12:
         b9:e6:80:9e:76:ff:11:38:36:90:38:9f:aa:e1:81:4b:22:20:
         5e:97:61:da:54:dc:0b:99:89:b6:87:a4:bf:32:d0:cf:ba:92:
         49:e9:08:1a:dd:70:e2:5e:82:70:4b:0f:57:4b:d0:d0:5c:52:
         4e:63:f9:de:38:bc:41:66:55:64:50:2e:ae:05:47:bb:56:9a:
         67:54:ec:48:af:6a:18:13:2f:27:01:97:96:26:fb:c7:db:e4:
         fb:5a:25:cf:86:c2:a3:96:e1:98:ea:1b:d8:60:8c:0a:f5:64:
         c7:26:75:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnqKy1PZnEktm1Th9SAo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWQxYjUwMzc3ZDdjMDc1YzY0ZDAwOWY0MGEzMGZlNzI5
MDY4N2MwHhcNMjUwNjA2MTkwMTMwWhcNMjUwNjA3MTkwMTMwWjAzMTEwLwYDVQQD
EygzOTZmMDIxMDMxMTM2OGFlYmY0YTQzNDNlOGEyZWE3NmVhNDMyYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk9nWVDVUdxQ56Ib5C+Fc48RVPXr
e/N+4VFlvwTMXSfBA0LsHu1QXX7luDLyedxGi9ksQpHaA1E6MqeilIBDOZW/fXmW
qPDG6Z027Apd65Vsv6ErENj4mxbwCk0uIQOGYnE57ol24p/3X/B3fokEGK99Hrg9
g2ae2aYbPFphJalFAwGReTT9/z2emdZdeb1NH4kKAeLwr33RHCI5FH9zkviIszya
ktcE/iy6F3Le/6Hd7rzWFspxuuqpmM++YnAfwc/Sc55/75AKvFdjx+7PXffhtcJf
poNNAzghAnU9rv2F9akbfUckFJd7DV9a3c/rj6CEfB6w5IE8bvQM5LVcrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlvAhAxE2iuv0pDQ+ii6nbqQyouMB8GA1UdIwQY
MBaAFOKtG1A3fXwHXGTQCfQKMP5ykGh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUt
NzNmMWFiNWNhZTk2LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUtNzNmMWFiNWNhZTk2
LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr7GxS9LC
DNsbNZ74QQyULW0iiCew+bcKJajeiYeP/6braik8HkuF/UV+UGS2p/pjg/uA5XeU
7IOGQ/S+B28sS+8ycuTrVO7isoXULFxo0Hdautbq79y2F9ryqKpJ2Px0/Cwgnhfb
yU2jusWXPBRZbkIovetYOgEYVCs3fZthI7y1tKa7O253NfueChnzB8ASueaAnnb/
ETg2kDifquGBSyIgXpdh2lTcC5mJtoekvzLQz7qSSekIGt1w4l6CcEsPV0vQ0FxS
TmP53ji8QWZVZFAurgVHu1aaZ1TsSK9qGBMvJwGXlib7x9vk+1olz4bCo5bhmOob
2GCMCvVkxyZ1Cg==
-----END CERTIFICATE-----