Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File:                     Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier:          jjqhJ96arjgQHWMgpvlcdgjkUIWST2T9h0DYr5fanN8=
Subject key identifier:   FC:1F:2B:FE:70:19:EB:45:3C:57:29:7E:98:A2:1A:83:25:04:13:4D
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer:       /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial:       01976961A9B21BA49C097EED4EA16329D97F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number:          11E0
Signing time:             Fri 13 Jun 2025 13:01:37 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:37 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:37 +0000
Files and hashes:         1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: D6hLB2sURiZEjwK8a9iN8t7rq8hsgrdYfX/nJQiLdvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:a9:b2:1b:a4:9c:09:7e:ed:4e:a1:63:29:d9:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
        Validity
            Not Before: Jun 13 13:01:37 2025 GMT
            Not After : Jun 14 13:01:37 2025 GMT
        Subject: CN=fc1f2bfe7019eb453c57297e98a21a832504134d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:75:50:1e:b8:e2:5e:7b:83:67:93:89:4f:e9:
                    9e:bc:d2:bd:ae:99:b0:87:6d:08:48:c3:35:f5:00:
                    08:c3:13:8f:d8:bd:8d:aa:6b:1c:5e:f7:db:c1:80:
                    23:ad:aa:40:d3:55:23:6b:2d:d5:79:57:30:f7:2e:
                    23:06:cc:ac:17:9a:26:3a:b4:bf:8e:fe:6f:b5:a4:
                    d1:ab:03:15:93:65:d8:1e:91:6a:98:42:c1:f8:45:
                    c1:52:42:55:7e:7c:c5:71:db:f1:d5:2a:7a:2b:98:
                    33:54:dc:de:a0:02:c1:99:02:0f:c2:dc:d7:9b:85:
                    8e:13:17:8d:09:56:34:79:97:e7:05:03:2b:b3:51:
                    75:6c:d1:da:24:a3:bf:ef:3c:94:c4:50:0b:f0:48:
                    49:eb:00:90:1e:6b:68:5f:89:a8:87:20:30:d1:78:
                    d1:e3:97:a5:c4:bf:3a:eb:c5:da:2a:92:6f:55:eb:
                    3e:f7:07:66:9a:e9:c0:85:96:79:f2:38:af:da:da:
                    6d:52:7e:f8:ff:73:43:8e:a8:da:9d:66:66:e3:5a:
                    2e:f0:cb:77:0c:2b:a4:de:97:01:d6:ee:51:2f:8c:
                    42:b4:ce:cb:09:6a:56:d8:f7:33:6e:cb:75:41:47:
                    34:60:85:6c:4c:f6:b5:eb:91:e1:9c:db:f3:07:af:
                    9c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:1F:2B:FE:70:19:EB:45:3C:57:29:7E:98:A2:1A:83:25:04:13:4D
            X509v3 Authority Key Identifier:
                keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:5b:2a:b0:39:5d:27:ad:31:9e:5a:1c:79:1a:e7:40:3f:e8:
         af:a3:23:9c:92:41:cc:2e:0c:14:9a:c1:e0:1b:89:67:17:1a:
         3a:9c:31:e4:9b:ec:d3:a1:f3:80:96:bb:87:ab:b9:49:34:60:
         c0:72:85:8b:64:11:26:68:e6:ee:fc:bc:68:a8:54:48:5e:c6:
         a6:21:dc:34:55:44:b5:4c:fd:b4:9d:55:22:6d:7b:dc:88:c4:
         3a:58:90:dd:63:91:0a:7a:ed:35:2b:0d:7f:bc:9f:ee:16:3e:
         99:8f:ff:96:fb:5e:a8:82:51:9f:65:db:44:71:b3:91:dd:a0:
         5c:78:ca:eb:b7:20:1e:f9:5a:f2:73:5c:dc:d8:1e:4d:c4:64:
         e4:3a:68:42:ea:a5:8c:8a:0a:be:2a:54:30:87:d5:3c:07:95:
         c2:d7:9f:2f:d2:25:74:d3:d5:9a:df:12:d8:99:0f:7c:91:37:
         13:f1:fc:0e:33:07:32:cb:ae:29:98:f5:7c:81:09:97:bf:b3:
         ac:9e:9c:52:fd:d7:fe:19:46:35:8a:81:18:a1:09:b8:70:22:
         4b:48:7e:0b:0d:26:cc:16:4b:43:de:05:db:ef:be:20:d4:24:
         d4:3d:a3:5a:ba:ae:6f:1b:93:cb:58:c2:e7:60:c9:2a:64:7d:
         79:a6:1e:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYamyG6ScCX7tTqFjKdl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjUwNjEzMTMwMTM3WhcNMjUwNjE0MTMwMTM3WjAzMTEwLwYDVQQD
EyhmYzFmMmJmZTcwMTllYjQ1M2M1NzI5N2U5OGEyMWE4MzI1MDQxMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XVQHrjiXnuDZ5OJT+mevNK9rpmw
h20ISMM19QAIwxOP2L2NqmscXvfbwYAjrapA01Ujay3VeVcw9y4jBsysF5omOrS/
jv5vtaTRqwMVk2XYHpFqmELB+EXBUkJVfnzFcdvx1Sp6K5gzVNzeoALBmQIPwtzX
m4WOExeNCVY0eZfnBQMrs1F1bNHaJKO/7zyUxFAL8EhJ6wCQHmtoX4mohyAw0XjR
45elxL8668XaKpJvVes+9wdmmunAhZZ58jiv2tptUn74/3NDjqjanWZm41ou8Mt3
DCuk3pcB1u5RL4xCtM7LCWpW2Pczbst1QUc0YIVsTPa165HhnNvzB6+cRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwfK/5wGetFPFcpfpiiGoMlBBNNMB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1sqsDld
J60xnloceRrnQD/or6MjnJJBzC4MFJrB4BuJZxcaOpwx5Jvs06HzgJa7h6u5STRg
wHKFi2QRJmjm7vy8aKhUSF7GpiHcNFVEtUz9tJ1VIm173IjEOliQ3WORCnrtNSsN
f7yf7hY+mY//lvteqIJRn2XbRHGzkd2gXHjK67cgHvla8nNc3NgeTcRk5DpoQuql
jIoKvipUMIfVPAeVwtefL9IldNPVmt8S2JkPfJE3E/H8DjMHMsuuKZj1fIEJl7+z
rJ6cUv3X/hlGNYqBGKEJuHAiS0h+Cw0mzBZLQ94F2+++INQk1D2jWrqubxuTy1jC
52DJKmR9eaYeEg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:16:35 2025 by rpki-client