Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
File:                     1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json)
Hash identifier:          X/q+9eB8HbFKzpADV6w2zTCFPTjTM0fWiYVn6eCP8tg=
Subject key identifier:   A4:B3:DF:DC:C1:38:C5:93:47:57:A9:41:B7:65:CF:8F:0B:9B:63:96
Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42
Certificate issuer:       /CN=d4c888eb960a001900c2795e8aafa268f602d842
Certificate serial:       0196B9A3B4AD6DF8C5C538FB496162C56801
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
Manifest number:          0A3E
Signing time:             Sat 10 May 2025 10:00:35 +0000
Manifest this update:     Sat 10 May 2025 10:00:35 +0000
Manifest next update:     Sun 11 May 2025 10:00:35 +0000
Files and hashes:         1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: dHb3JFCnYdF9jZb8TLcMIKA53Kk9+7BppANcU3M2KHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:b4:ad:6d:f8:c5:c5:38:fb:49:61:62:c5:68:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842
        Validity
            Not Before: May 10 10:00:35 2025 GMT
            Not After : May 11 10:00:35 2025 GMT
        Subject: CN=a4b3dfdcc138c5934757a941b765cf8f0b9b6396
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c3:1b:df:46:77:db:36:e1:5f:dd:c1:ab:36:
                    17:4c:d7:84:ce:9a:54:4d:96:fa:97:7d:42:f5:a3:
                    db:3e:42:18:b7:8f:e3:c2:a3:de:52:32:6f:44:94:
                    f1:80:a3:d2:17:50:f1:df:1e:b6:13:f9:cd:74:f8:
                    10:48:99:2d:25:46:70:21:8a:1c:b5:06:f5:fb:c5:
                    9b:03:4a:34:e2:e6:08:28:7a:61:a3:b1:54:56:a8:
                    8c:67:f8:3a:66:3a:61:88:65:a8:4c:90:49:2d:ec:
                    5e:4d:ab:7c:53:c7:0d:d5:59:74:8e:77:24:f9:f2:
                    44:b7:11:74:8c:19:fa:88:96:c0:2d:eb:09:f5:12:
                    51:57:f5:28:2d:45:94:a0:3b:79:79:3b:93:e3:cc:
                    d6:b2:9a:aa:de:b8:dc:c8:40:1b:47:19:b8:1f:d3:
                    88:97:d8:a5:86:c7:c5:db:fc:07:05:7d:7d:2c:d4:
                    a0:0d:f1:cb:82:b2:29:96:dd:91:17:d4:d0:52:82:
                    99:29:43:b1:96:91:5d:08:61:96:51:59:43:8e:56:
                    64:4b:77:6f:74:21:c7:35:09:51:68:81:16:62:ed:
                    33:be:8f:71:bc:b7:ff:b2:dd:85:51:5e:ea:cc:2b:
                    56:0d:f0:df:cf:12:ff:32:ba:10:ca:4f:8c:58:42:
                    e1:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:B3:DF:DC:C1:38:C5:93:47:57:A9:41:B7:65:CF:8F:0B:9B:63:96
            X509v3 Authority Key Identifier:
                keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:47:61:3e:5c:07:5a:fe:cd:ed:e0:98:14:4e:a6:47:68:ed:
         48:b5:da:81:55:1a:80:48:cc:f9:4b:cc:f4:95:6f:a4:48:82:
         5c:7e:5b:91:81:37:a7:94:08:56:54:f9:ec:a7:b5:2b:a3:4d:
         b4:a3:27:e8:31:a0:f8:77:0a:fe:29:c6:45:ed:fe:4c:56:64:
         c5:03:0a:81:e0:6f:66:0e:a8:bb:aa:2c:4e:62:06:1b:c8:55:
         76:13:f4:bf:3b:30:55:02:be:aa:1a:66:71:a8:8f:e7:5b:3c:
         2c:33:44:bb:bf:2c:be:aa:bb:27:83:11:d3:83:3b:f1:88:1e:
         08:04:5b:03:2b:fd:c9:92:df:04:0e:14:8a:a0:b6:86:e5:32:
         34:e1:9e:59:2b:d4:a3:37:e6:7b:56:14:3e:10:f8:f9:b2:7e:
         4d:2b:df:13:58:de:7e:13:cf:e4:5f:31:6f:b3:3f:37:ad:7c:
         1e:c4:80:d2:c3:4d:18:65:12:f3:ba:b4:16:dc:c8:a4:12:07:
         37:94:6c:58:65:33:7c:04:85:9c:ac:d7:82:91:44:10:8a:7e:
         5b:27:2c:40:81:c1:74:31:3f:bd:a5:64:b9:f0:1e:01:b0:91:
         f5:d3:10:0a:13:4e:7f:8f:27:0c:73:13:f0:a5:65:5c:cd:e3:
         5c:ab:f0:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o7StbfjFxTj7SWFixWgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw
MmQ4NDIwHhcNMjUwNTEwMTAwMDM1WhcNMjUwNTExMTAwMDM1WjAzMTEwLwYDVQQD
EyhhNGIzZGZkY2MxMzhjNTkzNDc1N2E5NDFiNzY1Y2Y4ZjBiOWI2Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsMb30Z32zbhX93BqzYXTNeEzppU
TZb6l31C9aPbPkIYt4/jwqPeUjJvRJTxgKPSF1Dx3x62E/nNdPgQSJktJUZwIYoc
tQb1+8WbA0o04uYIKHpho7FUVqiMZ/g6ZjphiGWoTJBJLexeTat8U8cN1Vl0jnck
+fJEtxF0jBn6iJbALesJ9RJRV/UoLUWUoDt5eTuT48zWspqq3rjcyEAbRxm4H9OI
l9ilhsfF2/wHBX19LNSgDfHLgrIplt2RF9TQUoKZKUOxlpFdCGGWUVlDjlZkS3dv
dCHHNQlRaIEWYu0zvo9xvLf/st2FUV7qzCtWDfDfzxL/MroQyk+MWELhiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSz39zBOMWTR1epQbdlz48Lm2OWMB8GA1UdIwQY
MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt
MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh
LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPUdhPlwH
Wv7N7eCYFE6mR2jtSLXagVUagEjM+UvM9JVvpEiCXH5bkYE3p5QIVlT57Ke1K6NN
tKMn6DGg+HcK/inGRe3+TFZkxQMKgeBvZg6ou6osTmIGG8hVdhP0vzswVQK+qhpm
caiP51s8LDNEu78svqq7J4MR04M78YgeCARbAyv9yZLfBA4UiqC2huUyNOGeWSvU
ozfme1YUPhD4+bJ+TSvfE1jefhPP5F8xb7M/N618HsSA0sNNGGUS87q0FtzIpBIH
N5RsWGUzfASFnKzXgpFEEIp+WycsQIHBdDE/vaVkufAeAbCR9dMQChNOf48nDHMT
8KVlXM3jXKvwPQ==
-----END CERTIFICATE-----