Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft
File:                     G_A9uL9mABk75I-xDm4xa4tfiOM.mft (raw, json)
Hash identifier:          hHz/yNRi439O6alYiptJmY9iLp+GqQNrf8+d6T2URUM=
Subject key identifier:   CB:69:60:5E:A8:7B:91:89:11:86:2E:87:82:57:C8:AC:78:4B:13:24
Authority key identifier: 1B:F0:3D:B8:BF:66:00:19:3B:E4:8F:B1:0E:6E:31:6B:8B:5F:88:E3
Certificate issuer:       /CN=1bf03db8bf6600193be48fb10e6e316b8b5f88e3
Certificate serial:       0196A98BD7AC8BF50DE80B0F549DE2D5DD65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_A9uL9mABk75I-xDm4xa4tfiOM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft
Manifest number:          0471
Signing time:             Wed 07 May 2025 07:00:36 +0000
Manifest this update:     Wed 07 May 2025 07:00:36 +0000
Manifest next update:     Thu 08 May 2025 07:00:36 +0000
Files and hashes:         1: G_A9uL9mABk75I-xDm4xa4tfiOM.crl (hash: 0973758kXhFbV7mmrb4O2gtA28fcPDL5drHlrgOiFvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_A9uL9mABk75I-xDm4xa4tfiOM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 07:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a9:8b:d7:ac:8b:f5:0d:e8:0b:0f:54:9d:e2:d5:dd:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf03db8bf6600193be48fb10e6e316b8b5f88e3
        Validity
            Not Before: May  7 07:00:36 2025 GMT
            Not After : May  8 07:00:36 2025 GMT
        Subject: CN=cb69605ea87b918911862e878257c8ac784b1324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a1:94:e8:84:51:19:10:e4:1b:e5:f1:14:f1:
                    b5:ea:e3:e9:9e:36:02:43:d0:85:d3:18:09:2b:76:
                    d8:7d:ee:85:11:c3:1e:8d:16:5e:8b:9b:38:cc:00:
                    3e:0c:b3:ec:06:64:4e:66:ad:6e:de:5d:bb:24:56:
                    3d:02:46:64:2a:02:df:52:be:89:f4:4d:a5:bb:8b:
                    68:09:c9:fe:3e:fa:d4:f8:36:38:af:c4:0a:6e:ee:
                    55:4e:10:7d:e9:15:c4:94:6a:20:24:3e:32:85:94:
                    cd:37:8a:67:59:c5:74:df:96:f3:67:02:52:81:57:
                    56:26:d8:75:01:3d:e6:63:ed:cf:79:d6:88:6e:3d:
                    f0:c8:96:b4:b1:d3:8e:51:86:66:51:7b:c6:1a:52:
                    37:91:45:28:d5:55:aa:36:69:c5:8d:fc:a1:be:e5:
                    07:62:e2:3f:86:24:d7:7a:0f:e5:f1:02:03:16:bf:
                    a5:70:10:84:13:6c:aa:23:d5:2d:b9:5d:cd:c7:14:
                    e2:f9:23:68:6c:c3:6b:95:14:ee:44:7a:9a:f3:69:
                    e1:99:43:c9:e0:c8:42:03:52:1a:bd:fb:34:27:e9:
                    df:d5:b0:fa:27:70:b0:44:40:38:1a:ed:20:c4:ae:
                    3d:15:e5:2c:32:b4:b3:d5:e7:82:3d:eb:0a:f2:6d:
                    4c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:69:60:5E:A8:7B:91:89:11:86:2E:87:82:57:C8:AC:78:4B:13:24
            X509v3 Authority Key Identifier:
                keyid:1B:F0:3D:B8:BF:66:00:19:3B:E4:8F:B1:0E:6E:31:6B:8B:5F:88:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_A9uL9mABk75I-xDm4xa4tfiOM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e7:6f:90:53:b1:10:73:89:b8:9f:81:83:9d:50:f7:fb:c5:4b:
         bb:e3:c1:4e:74:26:d3:1b:57:30:03:13:7b:c0:b3:03:19:a0:
         31:03:af:48:22:57:eb:a9:dc:8b:0c:8d:64:f7:0d:97:52:55:
         c4:a8:a8:bd:8c:ef:2f:6c:27:99:82:68:8e:74:e2:31:78:fc:
         32:41:c7:42:7f:0b:5b:79:f7:fc:0a:00:a2:bc:c4:1b:ee:f5:
         df:7d:da:c9:38:28:c9:26:e9:d6:df:f3:4c:5a:28:fe:fc:98:
         ef:bf:38:6a:75:81:c5:c3:7f:37:4b:4b:1a:91:f7:14:d4:7c:
         a5:ed:a3:df:30:29:a8:02:9b:39:9f:45:c7:69:5b:7b:11:c5:
         9e:a3:d2:12:fc:72:29:56:25:bc:04:6e:2f:a4:83:b4:ee:9d:
         42:65:b0:4e:11:92:69:fd:1b:9f:b0:ed:e5:0d:48:3f:d6:9e:
         e6:21:4c:e4:2d:f9:e4:ca:27:10:45:b3:de:0a:56:b7:17:a3:
         b4:ec:c4:af:2d:b8:47:31:74:4d:5c:0f:81:54:de:27:3b:85:
         3e:58:28:ba:95:2a:92:a4:d0:b7:c9:49:00:2b:52:04:02:3a:
         33:e0:b3:b9:f7:90:d7:90:d3:4b:f3:80:bb:e4:f3:af:2f:90:
         c6:0b:75:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZapi9esi/UN6AsPVJ3i1d1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjAzZGI4YmY2NjAwMTkzYmU0OGZiMTBlNmUzMTZiOGI1
Zjg4ZTMwHhcNMjUwNTA3MDcwMDM2WhcNMjUwNTA4MDcwMDM2WjAzMTEwLwYDVQQD
EyhjYjY5NjA1ZWE4N2I5MTg5MTE4NjJlODc4MjU3YzhhYzc4NGIxMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqGU6IRRGRDkG+XxFPG16uPpnjYC
Q9CF0xgJK3bYfe6FEcMejRZei5s4zAA+DLPsBmROZq1u3l27JFY9AkZkKgLfUr6J
9E2lu4toCcn+PvrU+DY4r8QKbu5VThB96RXElGogJD4yhZTNN4pnWcV035bzZwJS
gVdWJth1AT3mY+3PedaIbj3wyJa0sdOOUYZmUXvGGlI3kUUo1VWqNmnFjfyhvuUH
YuI/hiTXeg/l8QIDFr+lcBCEE2yqI9UtuV3NxxTi+SNobMNrlRTuRHqa82nhmUPJ
4MhCA1Iavfs0J+nf1bD6J3CwREA4Gu0gxK49FeUsMrSz1eeCPesK8m1MiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtpYF6oe5GJEYYuh4JXyKx4SxMkMB8GA1UdIwQY
MBaAFBvwPbi/ZgAZO+SPsQ5uMWuLX4jjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19BOXVMOW1BQms3NUkteERtNHhhNHRmaU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNjA3NTItY2E3ZS00YWNmLThjZDEt
ZWU1OTg4ZTg3M2UxLzEvR19BOXVMOW1BQms3NUkteERtNHhhNHRmaU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNjA3NTItY2E3ZS00YWNmLThjZDEtZWU1OTg4ZTg3M2Ux
LzEvR19BOXVMOW1BQms3NUkteERtNHhhNHRmaU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA52+QU7EQ
c4m4n4GDnVD3+8VLu+PBTnQm0xtXMAMTe8CzAxmgMQOvSCJX66nciwyNZPcNl1JV
xKiovYzvL2wnmYJojnTiMXj8MkHHQn8LW3n3/AoAorzEG+71333ayTgoySbp1t/z
TFoo/vyY7784anWBxcN/N0tLGpH3FNR8pe2j3zApqAKbOZ9Fx2lbexHFnqPSEvxy
KVYlvARuL6SDtO6dQmWwThGSaf0bn7Dt5Q1IP9ae5iFM5C355MonEEWz3gpWtxej
tOzEry24RzF0TVwPgVTeJzuFPlgoupUqkqTQt8lJACtSBAI6M+CzufeQ15DTS/OA
u+Tzry+Qxgt15A==
-----END CERTIFICATE-----