Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          4IbVrGmjxBNvfU9qf5sukgBoZbvSsNG1X4Vqt9ZpZT0=
Subject key identifier:   78:B6:08:A1:DA:4E:FF:67:C8:8E:2A:50:76:2E:EC:10:50:5A:A6:DE
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       0196A19B39E699007B9F382D26DF12182282
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          01E4
Signing time:             Mon 05 May 2025 18:00:26 +0000
Manifest this update:     Mon 05 May 2025 18:00:26 +0000
Manifest next update:     Tue 06 May 2025 18:00:26 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: AA5kwLIv9E/d5LPEHCkHtQaPeDAtGFMb2A5q4H0bs6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a1:9b:39:e6:99:00:7b:9f:38:2d:26:df:12:18:22:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: May  5 18:00:26 2025 GMT
            Not After : May  6 18:00:26 2025 GMT
        Subject: CN=78b608a1da4eff67c88e2a50762eec10505aa6de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:9a:ff:4f:94:bf:c4:86:3a:9a:b9:e5:e1:1b:
                    f4:8d:28:59:22:f8:f8:8d:83:93:c2:9c:31:2d:02:
                    e1:6c:7c:5b:54:3b:45:49:52:a7:ce:0d:94:77:65:
                    f3:0c:b8:20:3a:5e:4b:2c:a8:a8:ec:a2:64:93:ff:
                    09:42:7e:c4:07:8e:6c:7d:32:bd:9b:7e:b7:ca:25:
                    2b:aa:f4:0b:e2:55:6c:7a:92:0c:2a:53:57:46:6c:
                    2d:ee:a5:ee:c9:c1:7f:69:cc:7c:4b:1d:b0:e8:38:
                    5c:24:bd:62:4b:d9:ab:40:8f:53:f9:81:0e:3a:16:
                    b7:dc:be:65:1c:95:f1:16:29:cb:b1:b4:1f:1b:ea:
                    6f:24:6f:3e:04:be:fb:49:bf:21:9e:66:59:de:1d:
                    86:d2:4c:03:6f:d6:05:34:05:99:69:05:43:8a:7b:
                    78:eb:31:93:a2:86:4a:c8:f9:d9:c5:1e:6b:71:9c:
                    14:c7:2c:26:76:63:c6:6c:c1:73:a0:72:3e:9f:fd:
                    3c:4a:0c:81:a3:ad:e3:41:a8:83:59:85:63:39:c1:
                    6d:e3:f5:70:b5:ee:35:b8:00:dd:e6:d1:ce:cc:b7:
                    6b:a4:95:da:70:ec:09:06:19:8d:37:3b:d1:30:ba:
                    d7:d9:45:82:8c:30:46:4c:8f:3a:ab:6f:86:4c:3e:
                    ce:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:B6:08:A1:DA:4E:FF:67:C8:8E:2A:50:76:2E:EC:10:50:5A:A6:DE
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:51:cf:6f:86:09:7d:fb:48:56:34:3b:99:88:d7:25:8c:6b:
         6b:ed:4f:32:60:de:09:c3:1d:1f:13:f9:10:a1:11:96:cb:9d:
         ff:5d:74:2f:ed:e5:4a:19:25:e2:e9:33:3c:b5:3f:fa:57:be:
         a0:ee:7d:bc:b0:77:2c:a9:36:48:75:5f:47:4d:03:81:2d:f2:
         3d:78:23:6c:92:36:23:13:38:10:be:15:28:8f:5f:60:24:1a:
         ff:7e:04:15:60:6d:a8:33:82:ea:3e:7a:ce:16:2f:43:ea:b0:
         ed:eb:19:e8:16:31:71:a0:ea:55:94:39:0a:7e:3c:23:43:78:
         64:bc:64:fc:36:80:b7:f9:74:1d:e8:a5:21:29:9e:d7:56:b5:
         ca:2b:2c:74:0f:fa:20:7f:eb:ad:17:20:b7:c5:fc:a1:80:6d:
         bc:bf:dc:16:5a:36:55:ef:f6:51:24:e3:95:e3:43:fb:0e:0b:
         98:12:65:0e:35:e1:04:62:fc:63:e4:e2:44:c1:81:3f:db:ab:
         9a:32:49:bd:bf:a7:8b:11:cc:e7:dc:fe:6a:03:91:69:3e:e9:
         72:3a:5f:70:1e:37:6a:07:a8:11:b2:e5:91:77:91:e6:56:11:
         67:86:f5:27:df:49:5f:b8:c5:f3:d1:13:ad:cb:8a:9e:1f:78:
         f4:b3:fb:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZahmznmmQB7nzgtJt8SGCKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwNTA1MTgwMDI2WhcNMjUwNTA2MTgwMDI2WjAzMTEwLwYDVQQD
Eyg3OGI2MDhhMWRhNGVmZjY3Yzg4ZTJhNTA3NjJlZWMxMDUwNWFhNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZr/T5S/xIY6mrnl4Rv0jShZIvj4
jYOTwpwxLQLhbHxbVDtFSVKnzg2Ud2XzDLggOl5LLKio7KJkk/8JQn7EB45sfTK9
m363yiUrqvQL4lVsepIMKlNXRmwt7qXuycF/acx8Sx2w6DhcJL1iS9mrQI9T+YEO
Oha33L5lHJXxFinLsbQfG+pvJG8+BL77Sb8hnmZZ3h2G0kwDb9YFNAWZaQVDint4
6zGTooZKyPnZxR5rcZwUxywmdmPGbMFzoHI+n/08SgyBo63jQaiDWYVjOcFt4/Vw
te41uADd5tHOzLdrpJXacOwJBhmNNzvRMLrX2UWCjDBGTI86q2+GTD7OjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHi2CKHaTv9nyI4qUHYu7BBQWqbeMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1HPb4YJ
fftIVjQ7mYjXJYxra+1PMmDeCcMdHxP5EKERlsud/110L+3lShkl4ukzPLU/+le+
oO59vLB3LKk2SHVfR00DgS3yPXgjbJI2IxM4EL4VKI9fYCQa/34EFWBtqDOC6j56
zhYvQ+qw7esZ6BYxcaDqVZQ5Cn48I0N4ZLxk/DaAt/l0HeilISme11a1yissdA/6
IH/rrRcgt8X8oYBtvL/cFlo2Ve/2USTjleND+w4LmBJlDjXhBGL8Y+TiRMGBP9ur
mjJJvb+nixHM59z+agORaT7pcjpfcB43ageoEbLlkXeR5lYRZ4b1J99JX7jF89ET
rcuKnh949LP7pg==
-----END CERTIFICATE-----