Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
File:                     mEL3HQwjZ4gu9HCLIGtLbimjezM.mft (raw, json)
Hash identifier:          +GqyhfPYVd58NlKxQhzgg++cqak1zc6cRyjINhVPrjs=
Subject key identifier:   14:0D:7C:5F:53:4B:E9:2F:81:0E:F5:64:F0:9B:8E:3C:B4:E7:BE:FA
Authority key identifier: 98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33
Certificate issuer:       /CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
Certificate serial:       019757FFEF1CD0402F101E0818F54B7B1CD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
Manifest number:          1219
Signing time:             Tue 10 Jun 2025 04:01:19 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:19 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:19 +0000
Files and hashes:         1: mEL3HQwjZ4gu9HCLIGtLbimjezM.crl (hash: CMSV6IbyaQ4OqqyGrUInsXYpLICPzabqPaVrqxqRsuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:ef:1c:d0:40:2f:10:1e:08:18:f5:4b:7b:1c:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
        Validity
            Not Before: Jun 10 04:01:19 2025 GMT
            Not After : Jun 11 04:01:19 2025 GMT
        Subject: CN=140d7c5f534be92f810ef564f09b8e3cb4e7befa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e5:d9:bd:d7:6b:2d:40:3f:2b:e6:92:c9:69:
                    12:39:e9:90:c6:ac:20:c9:a6:cb:e2:88:32:0b:20:
                    fd:81:27:fa:e4:ea:8b:74:5e:50:f4:b6:27:26:99:
                    1a:32:1e:24:65:8b:9a:b2:07:a9:d7:00:8c:f3:64:
                    e7:16:25:44:d0:4e:4b:fc:5c:62:10:74:5c:61:dc:
                    ae:9c:02:06:46:40:90:c7:18:11:99:87:da:26:f2:
                    67:6e:e4:32:d9:3e:f3:ba:82:cc:64:28:09:be:4a:
                    2d:bb:27:4f:b1:03:ad:b5:76:c7:60:3d:e6:24:ba:
                    01:6a:94:ba:da:d1:36:32:58:35:aa:07:f6:e6:47:
                    5f:cc:1b:89:80:de:99:9b:26:8e:14:43:e7:ee:10:
                    ae:b5:5e:19:5c:88:02:75:41:25:81:b4:be:b4:ec:
                    ab:06:48:10:ff:89:a7:bc:16:9b:c4:1f:f5:b1:cf:
                    d9:18:8a:74:bd:0b:ab:49:53:6a:e6:c0:a1:3d:da:
                    d4:4a:54:a8:d3:ab:e8:16:00:8d:f1:51:8a:8f:73:
                    56:ab:a7:a9:6d:45:df:5b:6d:e8:8a:df:1f:4c:23:
                    f1:fc:76:5e:a7:1f:20:72:27:10:8e:a8:c2:e9:01:
                    c6:e2:07:a1:81:45:32:eb:4c:9a:99:72:98:8b:27:
                    cb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:0D:7C:5F:53:4B:E9:2F:81:0E:F5:64:F0:9B:8E:3C:B4:E7:BE:FA
            X509v3 Authority Key Identifier:
                keyid:98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:cb:2e:42:1d:a7:6a:ce:ec:e8:60:0d:fa:64:c0:08:7b:13:
         57:d4:84:b9:35:9b:92:ce:3e:db:2e:71:dc:e0:23:a1:78:0a:
         b0:fd:a7:fd:a4:86:28:2a:46:75:ef:42:a6:1b:f8:e0:37:a9:
         c9:d1:e8:32:06:87:e7:e3:81:13:5d:e0:96:ba:24:d1:79:17:
         89:1d:05:77:00:65:66:c4:ce:c2:fe:53:c1:08:f9:1c:e5:c8:
         d8:a9:c1:dd:21:48:d5:15:88:9a:70:6f:34:56:04:69:71:da:
         42:25:c6:25:d8:52:6c:6d:a3:11:56:71:b7:72:89:7b:f2:d7:
         da:d8:4b:52:7f:de:27:3e:7f:0e:12:b5:46:2f:f6:79:dc:e7:
         3c:df:7b:6e:b9:8e:66:ff:dd:a7:5e:c5:32:55:96:1e:a1:bb:
         b8:43:88:4e:6c:c8:5b:96:94:99:c6:9b:ac:ca:51:ee:b8:b3:
         65:92:b5:d8:20:20:62:75:ab:27:3e:ce:52:bb:91:cb:2f:22:
         96:d5:dc:5d:40:12:8d:1c:60:2f:02:49:e7:31:26:1f:e6:a4:
         a0:64:81:15:88:f7:ef:1d:e2:e9:da:f6:f7:ce:82:4c:4b:98:
         ff:a4:11:b9:fb:c0:3d:50:e8:ad:cb:30:67:e4:dc:9f:8b:5d:
         63:76:67:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/+8c0EAvEB4IGPVLexzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NDJmNzFkMGMyMzY3ODgyZWY0NzA4YjIwNmI0YjZlMjlh
MzdiMzMwHhcNMjUwNjEwMDQwMTE5WhcNMjUwNjExMDQwMTE5WjAzMTEwLwYDVQQD
EygxNDBkN2M1ZjUzNGJlOTJmODEwZWY1NjRmMDliOGUzY2I0ZTdiZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOXZvddrLUA/K+aSyWkSOemQxqwg
yabL4ogyCyD9gSf65OqLdF5Q9LYnJpkaMh4kZYuasgep1wCM82TnFiVE0E5L/Fxi
EHRcYdyunAIGRkCQxxgRmYfaJvJnbuQy2T7zuoLMZCgJvkotuydPsQOttXbHYD3m
JLoBapS62tE2Mlg1qgf25kdfzBuJgN6ZmyaOFEPn7hCutV4ZXIgCdUElgbS+tOyr
BkgQ/4mnvBabxB/1sc/ZGIp0vQurSVNq5sChPdrUSlSo06voFgCN8VGKj3NWq6ep
bUXfW23oit8fTCPx/HZepx8gcicQjqjC6QHG4gehgUUy60yamXKYiyfLPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQNfF9TS+kvgQ71ZPCbjjy05776MB8GA1UdIwQY
MBaAFJhC9x0MI2eILvRwiyBrS24po3szMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUt
N2RhOGRiYWVhOTRhLzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUtN2RhOGRiYWVhOTRh
LzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGcsuQh2n
as7s6GAN+mTACHsTV9SEuTWbks4+2y5x3OAjoXgKsP2n/aSGKCpGde9Cphv44Dep
ydHoMgaH5+OBE13glrok0XkXiR0FdwBlZsTOwv5TwQj5HOXI2KnB3SFI1RWImnBv
NFYEaXHaQiXGJdhSbG2jEVZxt3KJe/LX2thLUn/eJz5/DhK1Ri/2edznPN97brmO
Zv/dp17FMlWWHqG7uEOITmzIW5aUmcabrMpR7rizZZK12CAgYnWrJz7OUruRyy8i
ltXcXUASjRxgLwJJ5zEmH+akoGSBFYj37x3i6dr2986CTEuY/6QRufvAPVDorcsw
Z+Tcn4tdY3ZnYg==
-----END CERTIFICATE-----