Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          iTmd8sJm/7dkfcrg0RL2ObZsHGybm5hnX7D2c9be6Rs=
Subject key identifier:   58:58:3B:AF:DC:6C:71:06:05:F0:EA:34:27:49:9C:09:4C:F0:48:C5
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       0196515B41E2CFDBAE10B308FB11A2017362
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          082E
Signing time:             Sun 20 Apr 2025 04:00:57 +0000
Manifest this update:     Sun 20 Apr 2025 04:00:57 +0000
Manifest next update:     Mon 21 Apr 2025 04:00:57 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: WzU0ll6Rks6FIZr0Rfs5xu3DKQl17uP7fsF217/qvCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:41:e2:cf:db:ae:10:b3:08:fb:11:a2:01:73:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Apr 20 04:00:57 2025 GMT
            Not After : Apr 21 04:00:57 2025 GMT
        Subject: CN=58583bafdc6c710605f0ea3427499c094cf048c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a9:ab:c1:12:05:c4:19:01:c7:31:5b:57:29:
                    94:77:f4:9d:32:06:f8:94:37:d0:92:8e:79:49:28:
                    c4:7e:04:dd:d6:cf:a2:0b:36:e2:48:d9:d9:e8:ac:
                    aa:27:59:ec:93:48:dc:fb:41:48:07:e1:22:ab:44:
                    65:69:4a:e3:07:65:4a:00:62:16:30:90:ae:96:a9:
                    09:70:c1:df:f1:1e:8c:53:63:90:c0:3a:9b:26:96:
                    d0:1c:27:29:b5:ef:4f:db:0b:2d:87:2b:95:88:ef:
                    27:59:f6:e0:9b:7c:78:b1:bc:1a:bd:f8:c3:50:8a:
                    af:74:72:d2:de:cb:61:a7:db:cb:29:0e:e2:4e:7c:
                    e8:33:ce:a5:d3:e7:4a:b5:3c:97:64:3a:1b:93:d4:
                    54:93:04:ff:ff:19:ef:0b:14:22:01:a8:3f:c8:8d:
                    c0:fa:ec:7b:eb:9e:cf:bf:7a:50:67:cd:08:e5:ac:
                    8f:04:00:55:39:d0:84:1a:eb:27:fa:95:0b:98:59:
                    68:f7:8c:f2:ba:15:1f:08:d3:ab:ac:cd:d6:67:09:
                    53:0a:2f:cb:8e:63:28:e9:b2:a0:3f:19:16:56:28:
                    8b:10:f3:89:6c:36:70:0a:80:e7:0c:a6:f3:6b:be:
                    a2:32:df:7e:2b:1c:3c:42:da:0a:f7:e4:57:e6:74:
                    35:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:58:3B:AF:DC:6C:71:06:05:F0:EA:34:27:49:9C:09:4C:F0:48:C5
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:ed:f2:a1:73:22:26:92:23:95:66:3f:61:2b:82:e4:c7:d0:
         79:4b:06:48:c5:19:82:7b:4f:03:9f:0f:26:5c:da:19:e1:60:
         65:6a:ff:08:25:fe:d4:69:0c:64:89:e7:47:a1:2c:a2:97:44:
         96:11:b2:84:02:b6:fe:0b:f3:30:7a:f0:94:98:44:7a:21:56:
         6b:36:f7:bb:1d:27:b6:b2:e5:41:88:1f:b7:df:d2:97:71:93:
         bb:c0:a6:d4:6b:1b:db:93:0e:dc:03:01:1a:d2:1b:21:6e:56:
         11:8c:e2:eb:4b:89:87:76:85:af:5f:6d:52:29:0c:78:31:15:
         a6:36:ce:fe:06:df:42:26:ed:7f:43:56:4f:a6:a9:17:72:ca:
         59:15:85:c4:a7:ba:ab:03:30:1f:53:4b:b2:71:b8:6c:d0:89:
         b3:5e:c0:10:4a:60:17:92:46:ee:4a:d9:00:7c:df:c8:2a:3f:
         28:76:68:4f:be:e6:6a:96:2a:3e:05:37:6a:42:e9:c9:ec:45:
         86:02:df:ef:05:cf:e0:f1:34:88:48:12:a2:24:1f:c5:b7:1b:
         2c:50:66:12:fe:51:f5:71:7b:b6:6f:dd:74:1b:65:4b:fd:d6:
         cf:9d:64:39:02:db:00:7c:0e:35:29:f8:d0:35:d3:5f:6e:b8:
         32:93:c5:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW0Hiz9uuELMI+xGiAXNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwNDIwMDQwMDU3WhcNMjUwNDIxMDQwMDU3WjAzMTEwLwYDVQQD
Eyg1ODU4M2JhZmRjNmM3MTA2MDVmMGVhMzQyNzQ5OWMwOTRjZjA0OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqmrwRIFxBkBxzFbVymUd/SdMgb4
lDfQko55SSjEfgTd1s+iCzbiSNnZ6KyqJ1nsk0jc+0FIB+Eiq0RlaUrjB2VKAGIW
MJCulqkJcMHf8R6MU2OQwDqbJpbQHCcpte9P2wsthyuViO8nWfbgm3x4sbwavfjD
UIqvdHLS3sthp9vLKQ7iTnzoM86l0+dKtTyXZDobk9RUkwT//xnvCxQiAag/yI3A
+ux7657Pv3pQZ80I5ayPBABVOdCEGusn+pULmFlo94zyuhUfCNOrrM3WZwlTCi/L
jmMo6bKgPxkWViiLEPOJbDZwCoDnDKbza76iMt9+Kxw8QtoK9+RX5nQ1DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhYO6/cbHEGBfDqNCdJnAlM8EjFMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+3yoXMi
JpIjlWY/YSuC5MfQeUsGSMUZgntPA58PJlzaGeFgZWr/CCX+1GkMZInnR6EsopdE
lhGyhAK2/gvzMHrwlJhEeiFWazb3ux0ntrLlQYgft9/Sl3GTu8Cm1Gsb25MO3AMB
GtIbIW5WEYzi60uJh3aFr19tUikMeDEVpjbO/gbfQibtf0NWT6apF3LKWRWFxKe6
qwMwH1NLsnG4bNCJs17AEEpgF5JG7krZAHzfyCo/KHZoT77mapYqPgU3akLpyexF
hgLf7wXP4PE0iEgSoiQfxbcbLFBmEv5R9XF7tm/ddBtlS/3Wz51kOQLbAHwONSn4
0DXTX264MpPFeA==
-----END CERTIFICATE-----