Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          gJ2nhNQCAywnHViQlJoCOV0B/lewbevYJNYc3ORNpAs=
Subject key identifier:   5F:2A:D2:C8:F3:F9:CB:02:FE:03:33:92:AF:02:D8:75:78:EE:40:B7
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       0196A08911DEFE25E6E1F4A13D12AE295149
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0AAF
Signing time:             Mon 05 May 2025 13:00:59 +0000
Manifest this update:     Mon 05 May 2025 13:00:59 +0000
Manifest next update:     Tue 06 May 2025 13:00:59 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: 75LDNdsTlTHK/Zdbc0v4MGQHX5tdNXT0j08i7qTvCz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 13:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:89:11:de:fe:25:e6:e1:f4:a1:3d:12:ae:29:51:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: May  5 13:00:59 2025 GMT
            Not After : May  6 13:00:59 2025 GMT
        Subject: CN=5f2ad2c8f3f9cb02fe033392af02d87578ee40b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:68:db:45:96:33:bc:1c:2d:b9:4b:e6:32:50:
                    cf:c6:f3:69:a8:70:63:e9:77:19:d7:80:fa:ac:66:
                    64:2c:d4:50:21:91:fe:26:b8:07:2d:03:33:c8:9d:
                    c4:5b:ed:b9:ee:80:09:d9:d3:cb:52:7b:43:d8:11:
                    90:77:e8:e1:3d:08:71:a9:6b:77:83:66:35:1d:60:
                    f1:74:92:68:81:4b:83:32:fc:13:a8:d6:bf:c7:fe:
                    24:e5:5c:75:ab:4d:f3:0d:ce:a8:3b:b5:89:62:bc:
                    35:c8:bd:fc:12:3a:0b:86:80:32:eb:a6:e5:d5:6d:
                    23:4e:d1:2b:d7:fb:23:4b:1f:e8:34:b8:9a:7c:54:
                    79:b4:28:da:18:85:52:b7:8c:d2:d6:50:a9:48:fc:
                    de:4f:eb:7a:8c:b5:52:a7:07:f0:53:ed:1e:8a:e6:
                    46:b9:4b:db:c3:d7:bc:6e:0f:fc:61:87:af:d9:af:
                    63:4f:9b:e5:ec:ee:3e:98:47:d1:f9:14:e9:63:77:
                    b6:04:06:5f:f3:a5:e0:56:5c:54:57:25:85:65:df:
                    b0:18:3d:7e:4d:b5:da:a5:73:97:21:fd:01:23:0f:
                    38:68:6f:ff:39:b2:bd:02:4f:3c:9d:0f:fe:cb:a6:
                    23:99:e6:bb:88:2a:de:51:0e:f2:28:03:75:85:6a:
                    aa:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:2A:D2:C8:F3:F9:CB:02:FE:03:33:92:AF:02:D8:75:78:EE:40:B7
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:7a:eb:77:74:4a:1a:b5:b2:38:39:6b:42:1c:1d:14:7c:ee:
         d9:58:9d:e8:4a:2e:fc:ed:79:92:6d:ee:92:12:88:33:17:17:
         f9:bd:b3:1a:a4:51:c6:a5:8a:94:b3:22:ce:9a:e1:1d:3c:9d:
         44:0f:e8:7f:ea:29:b2:e6:5e:b3:1d:28:fc:8a:9b:24:5c:e9:
         cd:30:b5:d7:b7:60:94:21:32:e8:81:26:8a:ea:42:6c:d3:cf:
         91:7b:75:3f:31:8d:75:98:ee:bc:f6:7a:d0:14:96:da:ec:c7:
         79:06:92:b3:c4:0c:d7:7d:b6:f2:f3:0b:2a:aa:f4:fc:a6:ce:
         f1:13:2a:ce:0b:18:54:a2:cd:4a:72:a5:c9:b4:92:91:30:fb:
         88:11:d4:d0:18:19:0a:09:67:8c:3c:b4:4a:c9:84:1e:f6:08:
         48:17:9b:b2:d8:7d:b2:a5:51:0c:03:00:e3:64:cb:2c:b2:39:
         50:b8:fa:7f:f2:79:1f:83:49:b1:04:00:56:e7:52:b5:45:dc:
         53:e4:2d:f9:4a:5f:d5:ba:97:89:68:5a:06:4f:ad:69:63:cf:
         68:96:83:0d:a8:a9:4a:55:62:9a:10:05:c0:f1:ca:ec:d5:3a:
         c4:b7:de:ba:97:99:50:e8:2a:b4:69:72:a5:46:b3:06:5d:21:
         47:f6:12:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiRHe/iXm4fShPRKuKVFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUwNTA1MTMwMDU5WhcNMjUwNTA2MTMwMDU5WjAzMTEwLwYDVQQD
Eyg1ZjJhZDJjOGYzZjljYjAyZmUwMzMzOTJhZjAyZDg3NTc4ZWU0MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+WjbRZYzvBwtuUvmMlDPxvNpqHBj
6XcZ14D6rGZkLNRQIZH+JrgHLQMzyJ3EW+257oAJ2dPLUntD2BGQd+jhPQhxqWt3
g2Y1HWDxdJJogUuDMvwTqNa/x/4k5Vx1q03zDc6oO7WJYrw1yL38EjoLhoAy66bl
1W0jTtEr1/sjSx/oNLiafFR5tCjaGIVSt4zS1lCpSPzeT+t6jLVSpwfwU+0eiuZG
uUvbw9e8bg/8YYev2a9jT5vl7O4+mEfR+RTpY3e2BAZf86XgVlxUVyWFZd+wGD1+
TbXapXOXIf0BIw84aG//ObK9Ak88nQ/+y6Yjmea7iCreUQ7yKAN1hWqqBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8q0sjz+csC/gMzkq8C2HV47kC3MB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHrrd3RK
GrWyODlrQhwdFHzu2Vid6Eou/O15km3ukhKIMxcX+b2zGqRRxqWKlLMizprhHTyd
RA/of+opsuZesx0o/IqbJFzpzTC117dglCEy6IEmiupCbNPPkXt1PzGNdZjuvPZ6
0BSW2uzHeQaSs8QM13228vMLKqr0/KbO8RMqzgsYVKLNSnKlybSSkTD7iBHU0BgZ
CglnjDy0SsmEHvYISBebsth9sqVRDAMA42TLLLI5ULj6f/J5H4NJsQQAVudStUXc
U+Qt+Upf1bqXiWhaBk+taWPPaJaDDaipSlVimhAFwPHK7NU6xLfeupeZUOgqtGly
pUazBl0hR/YSpw==
-----END CERTIFICATE-----