Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
File:                     U3XfISulmO4KW_aAsh9QxPx9aOE.mft (raw, json)
Hash identifier:          Jfn7eQKzejMgGFvt8eznQ4ZUoomGRMhxKLzBS7kCwZA=
Subject key identifier:   B6:80:D9:56:10:8A:63:BC:5D:19:7D:FD:7B:5C:8D:4F:42:8C:50:6A
Authority key identifier: 53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1
Certificate issuer:       /CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
Certificate serial:       0196BDEEBFA6A79FC468ED97076B5072C376
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
Manifest number:          0CCE
Signing time:             Sun 11 May 2025 06:01:02 +0000
Manifest this update:     Sun 11 May 2025 06:01:02 +0000
Manifest next update:     Mon 12 May 2025 06:01:02 +0000
Files and hashes:         1: U3XfISulmO4KW_aAsh9QxPx9aOE.crl (hash: nGoYsDNfVLFFtlCju6xZ5CMl8IIPIfZ7C/Me1GGNb/0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 06:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:bf:a6:a7:9f:c4:68:ed:97:07:6b:50:72:c3:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
        Validity
            Not Before: May 11 06:01:02 2025 GMT
            Not After : May 12 06:01:02 2025 GMT
        Subject: CN=b680d956108a63bc5d197dfd7b5c8d4f428c506a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:4c:1a:a0:e1:0d:63:ae:14:0a:f8:22:b9:7f:
                    ba:ad:13:e0:aa:fe:18:3a:bd:9c:74:f0:fd:cf:8b:
                    e3:a7:12:2c:a8:2b:e0:bc:0a:bf:cd:e1:16:29:ce:
                    61:de:82:c6:d0:cb:64:b0:db:7c:f5:1f:73:8a:bb:
                    2a:26:c4:ab:7f:03:0a:1d:e9:74:41:13:0e:d8:d0:
                    5d:c0:8f:05:95:7a:38:d7:3f:af:da:af:e2:d2:99:
                    cc:11:66:4b:eb:af:1f:f1:39:65:30:1b:d5:63:84:
                    e7:c9:58:6b:b1:33:0f:8c:bc:2b:7d:b9:e3:6f:63:
                    a2:20:c6:d7:a7:7a:bc:1a:1d:31:13:18:68:a3:fe:
                    8d:ee:3d:7d:18:cf:07:d3:22:2c:7c:ca:06:15:98:
                    b9:ae:dd:df:b1:38:28:07:b9:72:81:37:8c:10:37:
                    00:c6:d1:19:c8:ee:4f:a5:47:bb:22:45:4e:31:6a:
                    0e:a6:a4:0a:55:86:29:35:18:f2:33:2b:e7:5d:c8:
                    ff:4b:e3:ef:75:11:ac:24:25:08:2b:01:2b:97:c5:
                    06:dc:19:2d:5b:37:f7:e6:ff:7a:31:dd:33:ab:6f:
                    8d:bd:08:94:39:ee:0a:09:23:37:63:0f:7d:fe:6e:
                    77:78:53:fb:a3:41:1f:cd:ff:97:c2:ec:14:33:a8:
                    a7:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:80:D9:56:10:8A:63:BC:5D:19:7D:FD:7B:5C:8D:4F:42:8C:50:6A
            X509v3 Authority Key Identifier:
                keyid:53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:d8:64:bc:cb:26:20:2d:5b:91:d2:74:c1:23:7f:ce:ad:e3:
         62:f7:00:72:26:9f:0a:c9:3f:e6:74:1c:6f:59:84:4c:c6:cf:
         7a:26:de:5f:f3:85:33:fe:99:dc:24:53:f7:4c:76:88:fe:a8:
         a1:20:ca:a0:24:81:6c:91:44:c6:00:cd:7d:ba:06:35:56:5d:
         e4:13:70:24:ba:dd:a3:8e:72:f4:de:cd:14:aa:a2:85:55:85:
         39:94:f0:ec:80:7b:7b:fa:68:a8:70:2e:4a:c1:c7:b2:ee:32:
         9c:d8:62:98:87:77:d0:1f:4a:77:44:a3:26:0d:8e:5c:54:25:
         d9:a9:13:f7:b5:77:da:0f:d4:c3:84:f9:e5:7a:1c:7d:ce:21:
         aa:dd:8f:d7:4b:40:92:f3:ab:e8:0e:05:87:de:d6:84:91:54:
         de:5a:52:48:ad:70:ae:34:a3:4c:74:9c:e6:c9:74:c2:64:85:
         b0:b3:98:18:80:78:09:97:c2:88:95:43:71:c3:ac:fb:f9:91:
         6d:2a:1b:45:60:06:46:7d:02:a8:f1:f6:bb:c0:60:4c:79:51:
         15:83:8f:46:1c:5a:81:d9:dc:de:ad:d1:60:0f:3c:37:ec:33:
         da:68:92:0c:75:45:a7:d2:a9:65:9c:ac:a6:f6:5e:db:1b:9e:
         43:12:71:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97r+mp5/EaO2XB2tQcsN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzVkZjIxMmJhNTk4ZWUwYTViZjY4MGIyMWY1MGM0ZmM3
ZDY4ZTEwHhcNMjUwNTExMDYwMTAyWhcNMjUwNTEyMDYwMTAyWjAzMTEwLwYDVQQD
EyhiNjgwZDk1NjEwOGE2M2JjNWQxOTdkZmQ3YjVjOGQ0ZjQyOGM1MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EwaoOENY64UCvgiuX+6rRPgqv4Y
Or2cdPD9z4vjpxIsqCvgvAq/zeEWKc5h3oLG0MtksNt89R9zirsqJsSrfwMKHel0
QRMO2NBdwI8FlXo41z+v2q/i0pnMEWZL668f8TllMBvVY4TnyVhrsTMPjLwrfbnj
b2OiIMbXp3q8Gh0xExhoo/6N7j19GM8H0yIsfMoGFZi5rt3fsTgoB7lygTeMEDcA
xtEZyO5PpUe7IkVOMWoOpqQKVYYpNRjyMyvnXcj/S+PvdRGsJCUIKwErl8UG3Bkt
Wzf35v96Md0zq2+NvQiUOe4KCSM3Yw99/m53eFP7o0Efzf+XwuwUM6inbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaA2VYQimO8XRl9/XtcjU9CjFBqMB8GA1UdIwQY
MBaAFFN13yErpZjuClv2gLIfUMT8fWjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2It
MjUyZmQ5NjdiZmNjLzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2ItMjUyZmQ5NjdiZmNj
LzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADthkvMsm
IC1bkdJ0wSN/zq3jYvcAciafCsk/5nQcb1mETMbPeibeX/OFM/6Z3CRT90x2iP6o
oSDKoCSBbJFExgDNfboGNVZd5BNwJLrdo45y9N7NFKqihVWFOZTw7IB7e/poqHAu
SsHHsu4ynNhimId30B9Kd0SjJg2OXFQl2akT97V32g/Uw4T55Xocfc4hqt2P10tA
kvOr6A4Fh97WhJFU3lpSSK1wrjSjTHSc5sl0wmSFsLOYGIB4CZfCiJVDccOs+/mR
bSobRWAGRn0CqPH2u8BgTHlRFYOPRhxagdnc3q3RYA88N+wz2miSDHVFp9KpZZys
pvZe2xueQxJxFg==
-----END CERTIFICATE-----