Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          sZaZQw/KuOweJt7r4gRbXwDuSMFQfi68K9++WlQxPXI=
Subject key identifier:   24:86:E0:9B:5A:56:FB:20:F7:CC:C8:B3:F0:E6:80:10:E4:5B:3D:3F
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       0196BF00B1858F3DE81EF542596FE68CD44B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          040E
Signing time:             Sun 11 May 2025 11:00:15 +0000
Manifest this update:     Sun 11 May 2025 11:00:15 +0000
Manifest next update:     Mon 12 May 2025 11:00:15 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: I5O2zkx1Ib0rCh7a1GLynzwBCPduOPgMsStc24FjkKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 11:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:00:b1:85:8f:3d:e8:1e:f5:42:59:6f:e6:8c:d4:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: May 11 11:00:15 2025 GMT
            Not After : May 12 11:00:15 2025 GMT
        Subject: CN=2486e09b5a56fb20f7ccc8b3f0e68010e45b3d3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ff:72:78:38:42:05:37:b6:ff:ba:f3:1c:92:
                    8f:47:61:50:6c:77:93:25:0b:91:7d:cb:bf:e8:e5:
                    b6:c4:c2:9c:df:9d:ff:47:66:17:34:cb:ff:3d:3f:
                    db:ba:bd:d8:8a:fa:04:2c:f7:d3:2a:3b:21:9d:0f:
                    e1:e1:ce:36:9c:3f:ee:07:f9:fb:91:2f:09:b7:26:
                    af:88:29:57:07:b9:15:f7:df:09:e7:c8:6b:ad:2e:
                    71:9f:2b:d0:0f:bb:5d:23:89:77:91:28:ad:50:f8:
                    2a:f5:ba:fe:51:11:b5:ce:ab:1a:70:46:89:98:99:
                    9d:e6:69:b3:e7:3a:11:76:78:f4:c0:fa:42:60:7d:
                    00:60:f1:d1:02:83:5d:a2:5c:2a:a0:a2:0f:bd:a1:
                    1a:cc:48:8d:44:f7:8f:bd:8d:74:11:ef:3b:8a:0d:
                    90:63:38:a6:ba:19:17:6c:b4:96:20:5d:ac:a8:5f:
                    88:42:13:72:e9:f2:71:b3:6c:22:e2:43:25:5d:c8:
                    a6:2e:26:e0:bd:5c:7f:1c:8d:87:a2:38:09:bb:c1:
                    36:9d:00:25:de:cc:78:0a:18:fe:01:03:ea:1f:f9:
                    f6:05:26:aa:75:81:7d:8c:6b:dd:e2:1c:2c:e3:e7:
                    4b:09:97:16:4b:54:bd:ff:c7:fe:a7:f3:fc:d4:8c:
                    e8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:86:E0:9B:5A:56:FB:20:F7:CC:C8:B3:F0:E6:80:10:E4:5B:3D:3F
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:5e:14:c1:77:12:d5:d1:1e:4d:6e:4b:fc:a4:f8:64:a8:7d:
         19:bb:8d:d3:15:2c:2b:8c:d4:17:5d:7a:38:b5:62:51:f5:83:
         66:6d:c3:66:5a:95:3c:84:91:99:54:a1:79:05:ca:8f:c8:0d:
         b7:ac:72:85:49:98:fd:11:45:fd:74:cf:f0:be:a8:9a:42:00:
         ab:2d:cc:95:df:da:f7:e2:ad:92:c7:6b:62:b7:eb:74:60:02:
         71:d6:cd:aa:d7:90:5d:72:68:9e:ac:67:d3:60:7d:ef:92:1e:
         2c:d5:0a:49:ad:7e:7c:f2:70:62:f4:78:2e:d1:4f:4e:9d:a6:
         4d:44:f1:82:50:13:58:d7:08:be:c0:56:73:8a:90:44:c9:81:
         fe:23:a3:c5:41:e2:e0:fd:da:0c:6f:3b:29:f6:21:ac:4a:4a:
         6e:8d:7d:11:fd:f8:86:24:0c:73:ba:1c:96:d1:7c:83:cb:4d:
         df:8b:9c:1d:c6:96:91:39:a2:d8:22:65:5e:06:ae:a0:24:5e:
         7a:38:e5:4e:33:e8:77:16:0e:d9:4f:21:0f:48:a1:59:25:d2:
         71:bb:f9:15:58:35:27:2a:c9:3b:df:9c:9c:20:65:bb:db:e8:
         8d:e0:c8:23:45:63:40:a7:cf:a2:cc:28:8d:91:4c:aa:8b:dc:
         eb:29:c9:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/ALGFjz3oHvVCWW/mjNRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUwNTExMTEwMDE1WhcNMjUwNTEyMTEwMDE1WjAzMTEwLwYDVQQD
EygyNDg2ZTA5YjVhNTZmYjIwZjdjY2M4YjNmMGU2ODAxMGU0NWIzZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/9yeDhCBTe2/7rzHJKPR2FQbHeT
JQuRfcu/6OW2xMKc353/R2YXNMv/PT/bur3YivoELPfTKjshnQ/h4c42nD/uB/n7
kS8JtyaviClXB7kV998J58hrrS5xnyvQD7tdI4l3kSitUPgq9br+URG1zqsacEaJ
mJmd5mmz5zoRdnj0wPpCYH0AYPHRAoNdolwqoKIPvaEazEiNRPePvY10Ee87ig2Q
YzimuhkXbLSWIF2sqF+IQhNy6fJxs2wi4kMlXcimLibgvVx/HI2HojgJu8E2nQAl
3sx4Chj+AQPqH/n2BSaqdYF9jGvd4hws4+dLCZcWS1S9/8f+p/P81IzovwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSG4JtaVvsg98zIs/DmgBDkWz0/MB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtV4UwXcS
1dEeTW5L/KT4ZKh9GbuN0xUsK4zUF116OLViUfWDZm3DZlqVPISRmVSheQXKj8gN
t6xyhUmY/RFF/XTP8L6omkIAqy3Mld/a9+KtksdrYrfrdGACcdbNqteQXXJonqxn
02B975IeLNUKSa1+fPJwYvR4LtFPTp2mTUTxglATWNcIvsBWc4qQRMmB/iOjxUHi
4P3aDG87KfYhrEpKbo19Ef34hiQMc7ocltF8g8tN34ucHcaWkTmi2CJlXgauoCRe
ejjlTjPodxYO2U8hD0ihWSXScbv5FVg1JyrJO9+cnCBlu9vojeDII0VjQKfPoswo
jZFMqovc6ynJtw==
-----END CERTIFICATE-----