Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft
File:                     41wFcLO3dz0eEYgufdLGJVN-sJw.mft (raw, json)
Hash identifier:          EW9hCqsAKjuUk8YF3DnapMWbHICeAYcNJ9X2E558zX0=
Subject key identifier:   51:3A:9D:9E:4C:41:AD:83:A6:62:4A:29:54:79:92:AA:3A:F9:80:09
Authority key identifier: E3:5C:05:70:B3:B7:77:3D:1E:11:88:2E:7D:D2:C6:25:53:7E:B0:9C
Certificate issuer:       /CN=e35c0570b3b7773d1e11882e7dd2c625537eb09c
Certificate serial:       0196C916BFF1E02161C75A5395AFB150C06D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft
Manifest number:          1272
Signing time:             Tue 13 May 2025 10:00:33 +0000
Manifest this update:     Tue 13 May 2025 10:00:33 +0000
Manifest next update:     Wed 14 May 2025 10:00:33 +0000
Files and hashes:         1: 41wFcLO3dz0eEYgufdLGJVN-sJw.crl (hash: +15D92vVWqqvWmNoVMXGDDPcRYeugsAUxR9b2GJJsEU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:16:bf:f1:e0:21:61:c7:5a:53:95:af:b1:50:c0:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e35c0570b3b7773d1e11882e7dd2c625537eb09c
        Validity
            Not Before: May 13 10:00:33 2025 GMT
            Not After : May 14 10:00:33 2025 GMT
        Subject: CN=513a9d9e4c41ad83a6624a29547992aa3af98009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:1f:33:2b:27:72:95:54:52:ae:45:ee:18:7d:
                    da:a3:a1:a7:3c:b8:f5:96:15:61:fa:9e:cc:0c:8c:
                    6d:9c:b7:81:e6:b9:15:28:93:ac:81:ed:64:dd:5a:
                    41:df:ba:3a:a7:bf:c0:0c:89:a7:b7:4d:8e:3d:70:
                    2c:dd:43:96:33:2a:57:84:96:ca:e1:ec:e6:dc:4b:
                    e2:08:8e:32:f7:7b:b6:b2:ae:ee:84:1c:63:4b:3e:
                    24:89:f0:d6:37:d9:2f:8d:e5:75:58:99:1c:ac:3e:
                    f9:b1:3f:5c:a0:16:a2:8c:d0:bc:45:a1:d6:e8:eb:
                    2f:78:5e:db:b3:51:10:25:b2:92:a2:67:12:b9:44:
                    07:d9:9d:8e:38:43:bb:87:cc:aa:f3:ab:15:22:46:
                    6e:bd:4d:e0:21:fb:20:49:8a:e4:65:96:2e:0b:33:
                    c1:c5:53:13:72:5b:0b:08:51:cc:ca:4f:97:f7:23:
                    d6:a4:d9:61:5e:18:07:a7:84:d4:da:4b:fb:67:44:
                    85:b8:8d:84:74:e2:53:d2:9b:f8:52:37:fb:33:18:
                    74:82:0a:11:8f:b7:f0:46:13:bf:0f:8f:34:7c:c0:
                    bd:b5:85:98:38:65:e7:3c:29:a1:0d:b0:25:1c:b4:
                    54:7c:d1:35:64:94:b8:bb:30:62:4e:58:df:2f:e3:
                    19:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:3A:9D:9E:4C:41:AD:83:A6:62:4A:29:54:79:92:AA:3A:F9:80:09
            X509v3 Authority Key Identifier:
                keyid:E3:5C:05:70:B3:B7:77:3D:1E:11:88:2E:7D:D2:C6:25:53:7E:B0:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:34:78:fb:eb:74:ea:77:73:71:9a:06:5f:4a:ef:fe:a1:bb:
         8e:03:17:93:a0:60:55:2b:3f:11:c5:3f:db:e1:e2:05:95:6e:
         30:31:30:64:b2:f7:dd:c1:4a:54:a0:2c:ad:bc:ca:e1:ba:54:
         7d:cf:15:79:ec:89:05:50:81:ca:0d:ab:b4:ad:6b:29:0a:aa:
         98:b7:58:59:f7:c9:98:dc:4d:55:c5:e3:d9:d3:48:47:2c:b5:
         b7:ec:58:9c:85:5b:8b:94:91:61:8c:79:e6:19:68:d4:52:77:
         36:3e:59:9f:20:a0:c2:a3:20:29:d6:6a:31:1f:95:88:4d:cb:
         75:c2:5b:4d:ab:77:df:3e:3d:18:09:fb:b6:3c:09:fe:16:af:
         8f:1c:f7:7f:d5:3b:72:fc:bd:14:92:4c:09:eb:e8:12:67:a2:
         7c:c1:d8:f9:68:fe:54:8d:12:74:a4:da:44:8b:1f:28:f6:a3:
         b7:25:26:4b:ba:38:10:25:e7:10:11:d0:6d:cd:03:c1:ba:23:
         eb:bc:c7:9c:2c:43:92:55:d0:6f:d2:7c:d7:52:51:46:e9:d9:
         cc:4a:30:a3:38:80:d9:71:2e:1b:69:b0:7f:50:b1:f0:b2:cc:
         d9:92:f2:b2:dd:41:e9:54:25:d7:23:4f:2b:bc:3f:be:13:d5:
         b9:6d:e3:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJFr/x4CFhx1pTla+xUMBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNWMwNTcwYjNiNzc3M2QxZTExODgyZTdkZDJjNjI1NTM3
ZWIwOWMwHhcNMjUwNTEzMTAwMDMzWhcNMjUwNTE0MTAwMDMzWjAzMTEwLwYDVQQD
Eyg1MTNhOWQ5ZTRjNDFhZDgzYTY2MjRhMjk1NDc5OTJhYTNhZjk4MDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8x8zKydylVRSrkXuGH3ao6GnPLj1
lhVh+p7MDIxtnLeB5rkVKJOsge1k3VpB37o6p7/ADImnt02OPXAs3UOWMypXhJbK
4ezm3EviCI4y93u2sq7uhBxjSz4kifDWN9kvjeV1WJkcrD75sT9coBaijNC8RaHW
6OsveF7bs1EQJbKSomcSuUQH2Z2OOEO7h8yq86sVIkZuvU3gIfsgSYrkZZYuCzPB
xVMTclsLCFHMyk+X9yPWpNlhXhgHp4TU2kv7Z0SFuI2EdOJT0pv4Ujf7Mxh0ggoR
j7fwRhO/D480fMC9tYWYOGXnPCmhDbAlHLRUfNE1ZJS4uzBiTljfL+MZkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFE6nZ5MQa2DpmJKKVR5kqo6+YAJMB8GA1UdIwQY
MBaAFONcBXCzt3c9HhGILn3SxiVTfrCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9jMmY1NzktNzUwMS00YTViLThkZDct
ZjY5MTI4YTkxOTgzLzEvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9jMmY1NzktNzUwMS00YTViLThkZDctZjY5MTI4YTkxOTgz
LzEvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaDR4++t0
6ndzcZoGX0rv/qG7jgMXk6BgVSs/EcU/2+HiBZVuMDEwZLL33cFKVKAsrbzK4bpU
fc8VeeyJBVCByg2rtK1rKQqqmLdYWffJmNxNVcXj2dNIRyy1t+xYnIVbi5SRYYx5
5hlo1FJ3Nj5ZnyCgwqMgKdZqMR+ViE3LdcJbTat33z49GAn7tjwJ/havjxz3f9U7
cvy9FJJMCevoEmeifMHY+Wj+VI0SdKTaRIsfKPajtyUmS7o4ECXnEBHQbc0Dwboj
67zHnCxDklXQb9J811JRRunZzEowoziA2XEuG2mwf1Cx8LLM2ZLyst1B6VQl1yNP
K7w/vhPVuW3jwg==
-----END CERTIFICATE-----