Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
File:                     8M0rO57YMSbUXboSAD1sbjWms4A.mft (raw, json)
Hash identifier:          MmmoBVP1okm/yZ2G3YXbw1107POYAfJ7pvIeUe2o/ZU=
Subject key identifier:   5C:E9:94:BA:2D:E1:A7:44:1A:38:21:9B:3B:D7:7B:1F:29:88:D9:CF
Authority key identifier: F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80
Certificate issuer:       /CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380
Certificate serial:       019656818FC1A927F052CAD2FFC45BC8F59C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
Manifest number:          1225
Signing time:             Mon 21 Apr 2025 04:00:53 +0000
Manifest this update:     Mon 21 Apr 2025 04:00:53 +0000
Manifest next update:     Tue 22 Apr 2025 04:00:53 +0000
Files and hashes:         1: 8M0rO57YMSbUXboSAD1sbjWms4A.crl (hash: 1hLpgQutuZkbqQyz48VQ+oIIWG7ZYV0wjddkrRkBsQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:81:8f:c1:a9:27:f0:52:ca:d2:ff:c4:5b:c8:f5:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380
        Validity
            Not Before: Apr 21 04:00:53 2025 GMT
            Not After : Apr 22 04:00:53 2025 GMT
        Subject: CN=5ce994ba2de1a7441a38219b3bd77b1f2988d9cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:0f:a5:e8:9a:57:3a:83:05:3b:02:8c:86:50:
                    fc:78:97:8c:40:57:81:24:06:eb:3c:29:db:af:57:
                    ab:83:8b:f6:de:62:c5:65:c9:13:2c:f8:68:4a:1b:
                    b9:8c:f6:75:a5:fe:60:64:81:27:7a:c2:60:88:dc:
                    3e:d9:dc:95:21:85:7e:cc:ec:2f:da:63:8f:ff:fb:
                    b1:86:07:d6:82:53:13:de:e5:46:19:c5:82:ee:31:
                    fd:72:5d:cd:3f:ae:6a:e5:1d:bb:ad:46:f3:33:74:
                    1a:68:d2:2e:ac:7c:8a:cb:4e:60:37:8e:96:8c:4b:
                    db:84:22:27:c1:4b:a4:ae:37:a4:81:40:57:cf:2d:
                    a4:3c:ba:ab:8a:a9:02:5e:b2:c2:eb:80:af:28:00:
                    a1:50:2f:2f:8e:1a:ff:b8:9a:9e:5c:d6:a1:be:c9:
                    bb:65:38:8d:45:dc:61:84:81:30:aa:8e:bb:04:87:
                    87:8c:11:37:b8:f0:c0:e3:a0:24:20:f4:8c:e9:d0:
                    20:0e:76:67:9a:22:6c:1d:71:ef:79:6a:43:3f:20:
                    44:09:8f:4a:24:85:89:c3:6f:c9:b4:24:9e:42:1f:
                    c1:56:39:7d:4b:fa:5f:2c:fb:dd:b2:ef:7e:d5:77:
                    bc:a4:db:a2:bc:f2:b5:03:3d:b1:d3:89:b7:eb:50:
                    4e:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E9:94:BA:2D:E1:A7:44:1A:38:21:9B:3B:D7:7B:1F:29:88:D9:CF
            X509v3 Authority Key Identifier:
                keyid:F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:52:90:26:6f:e7:f6:91:e2:ee:0d:10:87:66:3f:c1:9f:0e:
         a4:d3:ca:97:d3:ee:49:06:42:d3:8b:43:80:2f:13:5e:40:43:
         ec:67:12:99:10:98:44:1b:67:b3:73:f2:36:7f:c4:2e:e8:20:
         3c:99:3c:50:e5:dc:ff:58:0e:6b:ac:ca:0c:da:bd:85:d8:14:
         42:c1:02:99:a2:f2:8a:0d:a1:a1:c7:f8:6a:b5:ec:62:05:1f:
         6e:1d:86:d2:c7:e8:1f:ca:3d:e5:fc:4a:81:fc:5b:ad:89:36:
         f3:85:07:56:01:f4:b9:28:15:85:d2:6a:ea:69:85:e5:73:e9:
         7f:08:6e:b9:70:2f:85:5e:e7:5a:b2:fe:c0:4c:69:33:04:26:
         75:a9:78:1b:88:88:fd:79:b1:16:25:33:9d:ad:bb:3b:bb:84:
         8d:48:a4:c1:6a:fe:e8:0a:6e:37:6c:db:4c:df:6f:64:51:e8:
         99:0c:11:27:73:7f:83:b7:fa:9e:59:36:58:99:49:7b:ea:38:
         a3:9d:f7:d3:9d:10:c3:b5:f6:3d:79:ae:68:99:69:00:2d:2e:
         84:2c:e0:2b:79:e5:e7:49:05:a0:c3:ae:cc:11:bd:39:db:41:
         6c:74:f4:09:47:e0:92:2d:75:5c:2a:d0:78:7c:73:da:44:fe:
         57:68:97:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWgY/BqSfwUsrS/8RbyPWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2QyYjNiOWVkODMxMjZkNDVkYmExMjAwM2Q2YzZlMzVh
NmIzODAwHhcNMjUwNDIxMDQwMDUzWhcNMjUwNDIyMDQwMDUzWjAzMTEwLwYDVQQD
Eyg1Y2U5OTRiYTJkZTFhNzQ0MWEzODIxOWIzYmQ3N2IxZjI5ODhkOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+l6JpXOoMFOwKMhlD8eJeMQFeB
JAbrPCnbr1erg4v23mLFZckTLPhoShu5jPZ1pf5gZIEnesJgiNw+2dyVIYV+zOwv
2mOP//uxhgfWglMT3uVGGcWC7jH9cl3NP65q5R27rUbzM3QaaNIurHyKy05gN46W
jEvbhCInwUukrjekgUBXzy2kPLqriqkCXrLC64CvKAChUC8vjhr/uJqeXNahvsm7
ZTiNRdxhhIEwqo67BIeHjBE3uPDA46AkIPSM6dAgDnZnmiJsHXHveWpDPyBECY9K
JIWJw2/JtCSeQh/BVjl9S/pfLPvdsu9+1Xe8pNuivPK1Az2x04m361BO2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzplLot4adEGjghmzvXex8piNnPMB8GA1UdIwQY
MBaAFPDNKzue2DEm1F26EgA9bG41prOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQt
N2M5ZTEwNTE3YzI1LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQtN2M5ZTEwNTE3YzI1
LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF1KQJm/n
9pHi7g0Qh2Y/wZ8OpNPKl9PuSQZC04tDgC8TXkBD7GcSmRCYRBtns3PyNn/ELugg
PJk8UOXc/1gOa6zKDNq9hdgUQsECmaLyig2hocf4arXsYgUfbh2G0sfoH8o95fxK
gfxbrYk284UHVgH0uSgVhdJq6mmF5XPpfwhuuXAvhV7nWrL+wExpMwQmdal4G4iI
/XmxFiUzna27O7uEjUikwWr+6ApuN2zbTN9vZFHomQwRJ3N/g7f6nlk2WJlJe+o4
o533050Qw7X2PXmuaJlpAC0uhCzgK3nl50kFoMOuzBG9OdtBbHT0CUfgki11XCrQ
eHxz2kT+V2iXXg==
-----END CERTIFICATE-----