Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          Z4vgYCIX4/68c7UVVlw2YyWFHhH145xpnujpQmgRKlI=
Subject key identifier:   CB:FB:0D:ED:53:30:10:B0:6B:52:C4:4F:99:FD:D8:23:E4:E7:E8:88
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       01957910BAC1AFD009B4561B07F9B0640CF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          0811
Signing time:             Sun 09 Mar 2025 04:01:34 +0000
Manifest this update:     Sun 09 Mar 2025 04:01:34 +0000
Manifest next update:     Mon 10 Mar 2025 04:01:34 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: Brz8BCZt64RtSTo9KKiGnzBrAaxKolsuf4wrQKtUx5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:10:ba:c1:af:d0:09:b4:56:1b:07:f9:b0:64:0c:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: Mar  9 04:01:34 2025 GMT
            Not After : Mar 10 04:01:34 2025 GMT
        Subject: CN=cbfb0ded533010b06b52c44f99fdd823e4e7e888
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:67:85:04:ca:d3:19:42:d7:60:03:a9:06:ad:
                    35:57:09:cc:75:3f:83:b3:8c:2e:3b:e4:d3:0b:0d:
                    cd:aa:30:c3:ea:e1:f8:50:1f:ee:7c:ef:84:f8:f9:
                    6d:73:a6:4a:b5:e0:01:7e:b3:be:08:17:ce:a3:5f:
                    52:4d:7a:1f:a7:c9:17:9d:f6:6d:fe:2d:d7:dc:7e:
                    b7:6a:d6:19:f9:01:b8:75:3d:a7:0d:49:3d:00:5e:
                    a4:af:d1:13:3d:48:5e:f8:b0:85:35:a3:ac:ea:bb:
                    ad:3c:2c:82:03:4c:51:9f:2d:61:a6:fa:49:85:0b:
                    71:77:2e:75:09:b4:0e:de:d6:bc:67:b9:b6:60:8c:
                    b2:94:6b:37:41:f3:a2:1d:bf:50:3d:37:a3:ac:84:
                    bf:d8:77:26:71:33:62:a9:f2:3c:6d:76:6e:40:c0:
                    a1:07:9b:2b:98:51:ed:ee:6b:25:9a:0e:d1:56:fe:
                    3c:be:fc:eb:30:d2:21:56:b8:cd:a7:3e:c2:52:fd:
                    cd:0c:c2:ae:ac:65:89:e0:2a:cc:fb:9f:3a:0a:97:
                    32:35:25:61:5c:e8:56:5d:0c:b0:d2:59:d0:a0:12:
                    55:71:42:e0:94:b0:d5:af:62:f7:f5:af:05:56:fc:
                    51:fa:67:2e:24:2e:2b:01:8a:f6:5b:f5:45:76:b3:
                    5f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:FB:0D:ED:53:30:10:B0:6B:52:C4:4F:99:FD:D8:23:E4:E7:E8:88
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:7a:04:07:68:6c:d0:f9:c9:f1:fb:9c:c1:94:3f:a8:ec:4d:
         a4:5f:fe:c0:f9:6d:54:de:31:ea:77:ac:cf:05:de:36:88:13:
         1c:dc:31:1d:74:3b:f4:2d:76:a3:33:8f:04:90:b6:6a:26:f5:
         2e:4e:41:0c:3c:02:29:37:cb:80:bb:e0:c9:01:13:0b:bf:4d:
         2f:e9:4c:c6:c8:6a:97:71:c5:f5:93:34:06:74:42:79:82:e6:
         dd:d3:2c:9f:4c:f8:6e:28:f1:c9:d9:5b:bc:b8:97:3b:6a:49:
         73:9a:ed:88:27:91:bd:ce:07:f7:f1:05:9f:c6:eb:03:bf:bf:
         67:de:9c:02:01:6f:e0:b1:ae:d4:bf:6f:9e:2d:5b:9d:86:70:
         a1:81:f2:68:59:56:b4:ad:dd:70:12:eb:4e:52:b3:41:f2:36:
         1e:46:e7:0c:b0:9a:22:3a:dd:5b:48:cb:b1:80:2f:7d:db:99:
         8a:7d:9f:a2:8f:29:e2:6c:e1:1c:82:c9:12:9a:1e:e7:1c:67:
         a1:c6:0c:1e:43:82:24:c4:47:e3:ad:6c:fe:85:a4:86:7b:52:
         6e:a1:b1:18:b4:07:c7:c9:09:e6:f7:5f:b5:ac:6d:97:8b:42:
         53:24:8b:78:14:cc:ca:95:50:94:fb:27:a8:42:97:a9:76:97:
         bb:30:aa:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5ELrBr9AJtFYbB/mwZAz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjUwMzA5MDQwMTM0WhcNMjUwMzEwMDQwMTM0WjAzMTEwLwYDVQQD
EyhjYmZiMGRlZDUzMzAxMGIwNmI1MmM0NGY5OWZkZDgyM2U0ZTdlODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WeFBMrTGULXYAOpBq01VwnMdT+D
s4wuO+TTCw3NqjDD6uH4UB/ufO+E+Pltc6ZKteABfrO+CBfOo19STXofp8kXnfZt
/i3X3H63atYZ+QG4dT2nDUk9AF6kr9ETPUhe+LCFNaOs6rutPCyCA0xRny1hpvpJ
hQtxdy51CbQO3ta8Z7m2YIyylGs3QfOiHb9QPTejrIS/2HcmcTNiqfI8bXZuQMCh
B5srmFHt7mslmg7RVv48vvzrMNIhVrjNpz7CUv3NDMKurGWJ4CrM+586CpcyNSVh
XOhWXQyw0lnQoBJVcULglLDVr2L39a8FVvxR+mcuJC4rAYr2W/VFdrNfUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMv7De1TMBCwa1LET5n92CPk5+iIMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlHoEB2hs
0PnJ8fucwZQ/qOxNpF/+wPltVN4x6neszwXeNogTHNwxHXQ79C12ozOPBJC2aib1
Lk5BDDwCKTfLgLvgyQETC79NL+lMxshql3HF9ZM0BnRCeYLm3dMsn0z4bijxydlb
vLiXO2pJc5rtiCeRvc4H9/EFn8brA7+/Z96cAgFv4LGu1L9vni1bnYZwoYHyaFlW
tK3dcBLrTlKzQfI2HkbnDLCaIjrdW0jLsYAvfduZin2foo8p4mzhHILJEpoe5xxn
ocYMHkOCJMRH461s/oWkhntSbqGxGLQHx8kJ5vdftaxtl4tCUySLeBTMypVQlPsn
qEKXqXaXuzCqpg==
-----END CERTIFICATE-----