Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File:                     IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier:          PTKuyXSTlA2qgL1pZKLDOwdYtG25Vci9U90EbmosCnI=
Subject key identifier:   95:E5:13:4B:24:41:CC:F4:EF:B6:3F:0E:26:C8:D6:F7:1B:2D:F8:D5
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer:       /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial:       019655A5DC3811B53AEC928F335BD2FCFF49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number:          14FF
Signing time:             Mon 21 Apr 2025 00:00:55 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:55 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:55 +0000
Files and hashes:         1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=)
                          2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: QxZBdMfW4loLpj+cavdil6wVeBoNtnYIT4TVY36pfH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:dc:38:11:b5:3a:ec:92:8f:33:5b:d2:fc:ff:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
        Validity
            Not Before: Apr 21 00:00:55 2025 GMT
            Not After : Apr 22 00:00:55 2025 GMT
        Subject: CN=95e5134b2441ccf4efb63f0e26c8d6f71b2df8d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:44:d5:7b:a3:32:0f:02:b3:d5:37:5b:b0:55:
                    7e:85:77:54:ab:20:7e:fa:27:d2:02:2c:25:8a:49:
                    6e:71:09:67:36:5b:ca:58:dd:3a:bd:79:94:10:dd:
                    72:8c:f8:9c:b1:7b:5f:8c:c9:f2:a4:87:72:13:1b:
                    72:3d:f8:54:a1:fe:00:46:3b:c8:88:c8:db:e5:cf:
                    8b:80:39:a8:9a:8a:80:bc:c0:20:5c:08:8b:ef:c2:
                    cc:d1:f0:90:99:06:a9:88:a3:ff:d9:12:c1:88:9a:
                    06:0f:1f:77:b0:3c:67:24:3b:28:9d:df:ae:be:ba:
                    cc:eb:2c:6f:21:8c:c9:f6:c6:20:62:63:b3:f1:f0:
                    66:09:c8:58:7c:a5:7d:d5:76:eb:d5:48:14:00:c9:
                    52:1c:07:b9:e4:e4:d5:c3:58:c9:23:3e:f5:90:07:
                    9e:3a:3c:08:90:98:d3:2c:2f:9d:bd:5c:67:f6:df:
                    a7:5b:07:4c:ee:a0:af:5b:d7:aa:9c:56:f7:01:ef:
                    1a:75:8f:ed:f0:75:c4:17:bc:be:2b:f5:49:fd:7a:
                    e8:2c:22:53:ae:5d:ff:e9:2b:0f:0a:a7:40:42:26:
                    9b:ad:d4:e8:71:43:42:32:f8:27:65:0e:93:88:8b:
                    4b:6a:d2:2c:b4:91:11:4c:83:2e:cd:cf:c5:ca:f3:
                    2c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:E5:13:4B:24:41:CC:F4:EF:B6:3F:0E:26:C8:D6:F7:1B:2D:F8:D5
            X509v3 Authority Key Identifier:
                keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:19:d2:0a:fc:69:5c:7e:06:e0:cb:77:f5:9a:8c:65:41:9f:
         da:c2:85:a1:ee:a1:59:b2:74:bc:e7:ed:9c:49:38:61:cc:b6:
         4e:39:a9:be:73:ce:0c:74:8c:d9:8f:95:62:c5:ae:26:f5:39:
         b9:8a:c8:eb:de:d5:f7:1b:64:4a:83:ee:43:a9:53:34:fb:83:
         b2:b4:bc:3d:1a:7b:77:5e:11:a6:f4:fc:7c:4f:40:6b:89:28:
         c4:f8:71:21:a4:c8:06:25:1b:4b:3f:cf:31:95:24:ea:99:35:
         7f:99:68:88:fc:69:f3:cc:d7:b5:60:a5:eb:08:79:3b:24:14:
         03:b3:1b:55:fa:6d:52:b9:aa:e1:80:e5:2a:be:91:a2:18:55:
         70:75:77:b1:63:fd:04:4a:be:f3:f9:46:d5:75:14:71:5a:f3:
         38:26:22:8e:10:3c:0e:04:4a:20:45:d7:f4:75:3d:62:14:ce:
         2e:fd:c6:18:d9:3e:ad:90:aa:55:d5:36:44:7e:50:2c:47:2e:
         5a:ef:bd:69:c0:f0:87:54:0d:97:ac:0f:a9:55:29:ce:17:db:
         39:d6:dc:b6:a0:03:1b:fe:21:b8:a6:82:78:0d:3f:c1:14:fe:
         cd:ed:56:32:8b:95:7c:ab:98:1b:87:62:29:12:9a:aa:88:e0:
         cb:a8:bb:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpdw4EbU67JKPM1vS/P9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjUwNDIxMDAwMDU1WhcNMjUwNDIyMDAwMDU1WjAzMTEwLwYDVQQD
Eyg5NWU1MTM0YjI0NDFjY2Y0ZWZiNjNmMGUyNmM4ZDZmNzFiMmRmOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkTVe6MyDwKz1TdbsFV+hXdUqyB+
+ifSAiwliklucQlnNlvKWN06vXmUEN1yjPicsXtfjMnypIdyExtyPfhUof4ARjvI
iMjb5c+LgDmomoqAvMAgXAiL78LM0fCQmQapiKP/2RLBiJoGDx93sDxnJDsond+u
vrrM6yxvIYzJ9sYgYmOz8fBmCchYfKV91Xbr1UgUAMlSHAe55OTVw1jJIz71kAee
OjwIkJjTLC+dvVxn9t+nWwdM7qCvW9eqnFb3Ae8adY/t8HXEF7y+K/VJ/XroLCJT
rl3/6SsPCqdAQiabrdTocUNCMvgnZQ6TiItLatIstJERTIMuzc/FyvMsGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXlE0skQcz077Y/DibI1vcbLfjVMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAohnSCvxp
XH4G4Mt39ZqMZUGf2sKFoe6hWbJ0vOftnEk4Ycy2TjmpvnPODHSM2Y+VYsWuJvU5
uYrI697V9xtkSoPuQ6lTNPuDsrS8PRp7d14RpvT8fE9Aa4koxPhxIaTIBiUbSz/P
MZUk6pk1f5loiPxp88zXtWCl6wh5OyQUA7MbVfptUrmq4YDlKr6RohhVcHV3sWP9
BEq+8/lG1XUUcVrzOCYijhA8DgRKIEXX9HU9YhTOLv3GGNk+rZCqVdU2RH5QLEcu
Wu+9acDwh1QNl6wPqVUpzhfbOdbctqADG/4huKaCeA0/wRT+ze1WMouVfKuYG4di
KRKaqojgy6i7AA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:34 2025 by rpki-client