Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft
File:                     Sqk04w2mkOdRcTO30hJjJlWnS4c.mft (raw, json)
Hash identifier:          2a3mmmmCUW4klTiXsxtZgEZFkr/QuH2DUM7boF+UPUI=
Subject key identifier:   C3:2B:74:C9:C0:CF:60:DA:AF:36:FB:73:39:94:FC:22:60:29:B0:B3
Authority key identifier: 4A:A9:34:E3:0D:A6:90:E7:51:71:33:B7:D2:12:63:26:55:A7:4B:87
Certificate issuer:       /CN=4aa934e30da690e7517133b7d212632655a74b87
Certificate serial:       0196515B8F4FBD35533CBBE34029228EF32D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sqk04w2mkOdRcTO30hJjJlWnS4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft
Manifest number:          0DF8
Signing time:             Sun 20 Apr 2025 04:01:17 +0000
Manifest this update:     Sun 20 Apr 2025 04:01:17 +0000
Manifest next update:     Mon 21 Apr 2025 04:01:17 +0000
Files and hashes:         1: Sqk04w2mkOdRcTO30hJjJlWnS4c.crl (hash: +4uZNtcfXR32Hfh+Gbnlay6hltBzAujxSygCsHARr9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sqk04w2mkOdRcTO30hJjJlWnS4c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:8f:4f:bd:35:53:3c:bb:e3:40:29:22:8e:f3:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aa934e30da690e7517133b7d212632655a74b87
        Validity
            Not Before: Apr 20 04:01:17 2025 GMT
            Not After : Apr 21 04:01:17 2025 GMT
        Subject: CN=c32b74c9c0cf60daaf36fb733994fc226029b0b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d2:af:ca:1c:72:33:27:a4:9e:8c:55:75:82:
                    63:f8:f7:5f:8c:61:e7:c5:4f:07:cc:6d:2c:97:01:
                    e2:e9:80:2c:32:12:68:5a:f0:19:ba:ec:ba:87:5f:
                    ba:34:65:87:d4:a2:77:d9:78:c5:1b:f5:c7:64:e5:
                    a3:88:05:ea:8e:60:ab:93:d7:6e:7b:1a:e9:ec:7b:
                    c4:60:75:e9:62:29:a7:c1:a5:7c:79:73:6c:e0:74:
                    3b:3a:8c:26:cf:93:20:2f:18:98:66:50:5b:64:3b:
                    2a:6f:90:32:17:04:96:f2:94:e2:4e:ee:74:d9:20:
                    3f:5e:c8:dc:79:e5:21:d7:08:9b:5a:f8:87:8b:f9:
                    25:d4:21:7d:dd:08:8e:7c:4f:8c:7a:0f:c6:0d:e1:
                    72:eb:4d:0a:6f:cb:98:ce:13:54:73:d9:b7:a6:d6:
                    b0:43:b2:98:04:25:37:e3:8a:51:c0:a0:ce:28:f6:
                    da:79:77:4d:b6:2f:4a:94:09:43:f6:99:a3:04:87:
                    7c:cb:c7:4c:d0:f7:b6:3a:32:86:17:7a:72:a7:e1:
                    3e:05:4c:f0:1e:f6:2e:c5:1a:f1:8c:53:08:cf:2c:
                    31:66:a2:61:4b:96:a8:fa:77:cf:02:d7:27:b1:a4:
                    29:47:49:88:a0:8a:bc:4f:7e:25:51:74:6a:0c:0c:
                    8d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2B:74:C9:C0:CF:60:DA:AF:36:FB:73:39:94:FC:22:60:29:B0:B3
            X509v3 Authority Key Identifier:
                keyid:4A:A9:34:E3:0D:A6:90:E7:51:71:33:B7:D2:12:63:26:55:A7:4B:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sqk04w2mkOdRcTO30hJjJlWnS4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:dc:e0:dd:a3:87:d9:1b:55:4f:51:a7:85:e3:f5:8f:6c:0d:
         e8:7d:b4:ce:d4:2c:12:c9:fd:cd:0f:ae:a9:a7:b4:83:ed:5c:
         2f:a9:57:54:b9:d6:0b:22:4d:a9:9f:3a:ed:39:49:c6:51:2c:
         12:7a:ab:a5:79:94:18:e5:a4:04:68:8b:9e:47:7f:b6:69:0f:
         f5:1b:f3:d5:d7:55:c6:d7:3c:65:c3:5e:8e:7d:cf:7f:ad:a5:
         d4:16:9e:d4:42:f9:c7:ee:2f:f1:38:e9:82:15:b9:c8:ba:99:
         18:1a:52:91:26:b0:ed:f0:2e:47:40:b2:df:82:a5:fe:1a:38:
         18:54:2e:59:3b:b6:4d:f5:7d:57:5e:74:23:f2:94:30:ae:cf:
         57:85:f2:b8:58:c1:f5:3f:47:00:9a:88:fa:c6:b5:0e:99:9b:
         64:57:03:38:bc:6c:6b:63:92:b6:74:7a:33:0f:73:a5:b3:80:
         9b:e1:8f:28:f1:a6:d5:31:10:bd:9d:47:29:47:8f:36:ab:27:
         ed:cb:6c:19:c3:ee:da:f5:59:5c:c9:8e:87:f9:a2:59:5a:60:
         ad:80:27:cc:01:48:55:40:f7:66:44:dd:2d:8f:96:b3:cd:7b:
         be:20:47:3f:95:e7:22:ee:80:9d:07:00:99:b1:fd:a6:b9:d3:
         84:02:d8:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW49PvTVTPLvjQCkijvMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYTkzNGUzMGRhNjkwZTc1MTcxMzNiN2QyMTI2MzI2NTVh
NzRiODcwHhcNMjUwNDIwMDQwMTE3WhcNMjUwNDIxMDQwMTE3WjAzMTEwLwYDVQQD
EyhjMzJiNzRjOWMwY2Y2MGRhYWYzNmZiNzMzOTk0ZmMyMjYwMjliMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9KvyhxyMyeknoxVdYJj+PdfjGHn
xU8HzG0slwHi6YAsMhJoWvAZuuy6h1+6NGWH1KJ32XjFG/XHZOWjiAXqjmCrk9du
exrp7HvEYHXpYimnwaV8eXNs4HQ7Oowmz5MgLxiYZlBbZDsqb5AyFwSW8pTiTu50
2SA/XsjceeUh1wibWviHi/kl1CF93QiOfE+Meg/GDeFy600Kb8uYzhNUc9m3ptaw
Q7KYBCU344pRwKDOKPbaeXdNti9KlAlD9pmjBId8y8dM0Pe2OjKGF3pyp+E+BUzw
HvYuxRrxjFMIzywxZqJhS5ao+nfPAtcnsaQpR0mIoIq8T34lUXRqDAyNdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMrdMnAz2Darzb7czmU/CJgKbCzMB8GA1UdIwQY
MBaAFEqpNOMNppDnUXEzt9ISYyZVp0uHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3FrMDR3Mm1rT2RSY1RPMzBoSmpKbFduUzRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYTQ3ZjMtMTE3Mi00MDAxLTg3Yzgt
Yjk5Y2RmOTc1ZWI2LzEvU3FrMDR3Mm1rT2RSY1RPMzBoSmpKbFduUzRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYTQ3ZjMtMTE3Mi00MDAxLTg3YzgtYjk5Y2RmOTc1ZWI2
LzEvU3FrMDR3Mm1rT2RSY1RPMzBoSmpKbFduUzRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuNzg3aOH
2RtVT1GnheP1j2wN6H20ztQsEsn9zQ+uqae0g+1cL6lXVLnWCyJNqZ867TlJxlEs
EnqrpXmUGOWkBGiLnkd/tmkP9Rvz1ddVxtc8ZcNejn3Pf62l1Bae1EL5x+4v8Tjp
ghW5yLqZGBpSkSaw7fAuR0Cy34Kl/ho4GFQuWTu2TfV9V150I/KUMK7PV4XyuFjB
9T9HAJqI+sa1DpmbZFcDOLxsa2OStnR6Mw9zpbOAm+GPKPGm1TEQvZ1HKUePNqsn
7ctsGcPu2vVZXMmOh/miWVpgrYAnzAFIVUD3ZkTdLY+Ws817viBHP5XnIu6AnQcA
mbH9prnThALYWA==
-----END CERTIFICATE-----