Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
File:                     4UYAGfiAaeNhThUQkhzH5E0cq-I.mft (raw, json)
Hash identifier:          BZaymzbTgVAOvDueiTdihy/69ocr2CRhZf+U2oX0V1s=
Subject key identifier:   88:E8:5D:82:1D:99:F8:ED:3A:8B:C0:A2:88:98:E3:B9:76:23:9F:6D
Authority key identifier: E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2
Certificate issuer:       /CN=e1460019f88069e3614e1510921cc7e44d1cabe2
Certificate serial:       0196B85A1C1BC12918F7FC28049DC62CD896
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 04:00:35 +0000
Manifest this update:     Sat 10 May 2025 04:00:35 +0000
Manifest next update:     Sun 11 May 2025 04:00:35 +0000
Files and hashes:         1: 4UYAGfiAaeNhThUQkhzH5E0cq-I.crl (hash: sZwa7aJ3VtXMUQJf/I6dVmPJzyU3PHzYFpECFDK1DMs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:5a:1c:1b:c1:29:18:f7:fc:28:04:9d:c6:2c:d8:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1460019f88069e3614e1510921cc7e44d1cabe2
        Validity
            Not Before: May 10 04:00:35 2025 GMT
            Not After : May 11 04:00:35 2025 GMT
        Subject: CN=88e85d821d99f8ed3a8bc0a28898e3b976239f6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d5:24:86:5e:97:68:1d:02:35:ec:8b:89:2b:
                    03:21:1e:d4:1f:2f:84:81:16:6f:2c:46:41:48:6b:
                    b2:4f:12:45:c7:7a:f1:c3:3c:17:13:68:74:63:5d:
                    81:d6:8f:a1:1c:e4:3f:50:2f:ec:15:58:34:c9:91:
                    12:b4:77:21:9a:e1:1d:9f:0f:31:44:85:1a:07:c0:
                    0f:2d:80:9b:45:97:1e:6b:2a:22:86:e2:75:c3:3e:
                    94:d5:e8:38:f1:d0:22:e7:f3:cd:2f:95:25:9f:79:
                    a7:eb:f7:b1:e0:4e:f7:ff:e9:b8:f9:a0:30:5f:83:
                    e7:87:4d:49:6d:51:2e:50:f8:ca:73:4d:55:fb:a9:
                    7d:76:da:ad:9c:9a:70:32:4b:57:44:d8:d7:46:b4:
                    3b:c7:f0:7e:3d:54:e9:d6:d2:08:7c:6d:c0:0c:2c:
                    1d:aa:1e:d0:86:d3:b6:6e:d4:16:31:5a:12:c7:07:
                    85:e8:e0:e1:96:c9:d8:bd:2f:73:96:ce:7e:46:bd:
                    35:c9:1d:2e:e1:57:93:e2:6d:61:99:6c:ef:d3:63:
                    47:b0:d2:34:36:cb:b4:e1:02:38:4c:f6:44:bf:46:
                    60:31:cf:a9:fc:33:69:01:ce:42:7f:97:b4:f5:35:
                    cd:7f:cd:59:33:a7:3a:93:d4:f1:60:b1:99:8d:c8:
                    46:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:E8:5D:82:1D:99:F8:ED:3A:8B:C0:A2:88:98:E3:B9:76:23:9F:6D
            X509v3 Authority Key Identifier:
                keyid:E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:4d:b7:7a:54:55:7a:7b:78:b5:45:87:09:4a:09:d2:38:6c:
         84:b3:e5:16:37:36:9d:05:b6:3d:8d:fd:f9:a2:56:dc:db:2f:
         65:b5:dc:63:66:5b:35:da:e5:4c:0d:60:b6:70:8d:f9:8c:07:
         97:d8:e7:06:93:42:c1:63:37:8b:9a:03:81:1c:c3:8d:49:33:
         a9:4b:18:f3:f6:1d:bb:72:3b:b8:06:bb:1f:4c:81:e5:38:d2:
         0e:63:f3:a7:4c:17:91:19:d4:6e:06:2c:3c:1a:62:96:cf:83:
         eb:e0:d2:cd:51:c0:1f:ab:37:7c:a0:2d:95:5c:b3:95:f9:0e:
         7b:94:eb:ec:7b:a2:0c:7d:22:ea:6d:a7:4c:23:a9:b2:e4:78:
         1e:89:09:6e:59:d0:2b:db:f8:e4:ed:35:99:2f:a0:b8:e8:94:
         f6:a1:9f:d3:b2:da:0c:26:e4:36:15:06:a7:e0:4e:54:5a:94:
         05:76:43:3b:43:8d:9f:ae:ea:3f:9b:1e:c7:d8:07:c8:d8:60:
         32:76:bb:39:31:bb:11:eb:67:33:c8:59:38:fc:13:a8:08:9c:
         43:a7:22:5c:95:c1:49:d5:d1:01:77:ed:55:29:ea:68:d0:e6:
         3e:e8:ed:0c:5e:a3:08:ad:b8:67:aa:88:cf:d1:20:93:ec:05:
         c3:b2:c7:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4WhwbwSkY9/woBJ3GLNiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNDYwMDE5Zjg4MDY5ZTM2MTRlMTUxMDkyMWNjN2U0NGQx
Y2FiZTIwHhcNMjUwNTEwMDQwMDM1WhcNMjUwNTExMDQwMDM1WjAzMTEwLwYDVQQD
Eyg4OGU4NWQ4MjFkOTlmOGVkM2E4YmMwYTI4ODk4ZTNiOTc2MjM5ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dUkhl6XaB0CNeyLiSsDIR7UHy+E
gRZvLEZBSGuyTxJFx3rxwzwXE2h0Y12B1o+hHOQ/UC/sFVg0yZEStHchmuEdnw8x
RIUaB8APLYCbRZceayoihuJ1wz6U1eg48dAi5/PNL5Uln3mn6/ex4E73/+m4+aAw
X4Pnh01JbVEuUPjKc01V+6l9dtqtnJpwMktXRNjXRrQ7x/B+PVTp1tIIfG3ADCwd
qh7QhtO2btQWMVoSxweF6ODhlsnYvS9zls5+Rr01yR0u4VeT4m1hmWzv02NHsNI0
Nsu04QI4TPZEv0ZgMc+p/DNpAc5Cf5e09TXNf81ZM6c6k9TxYLGZjchG7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjoXYIdmfjtOovAooiY47l2I59tMB8GA1UdIwQY
MBaAFOFGABn4gGnjYU4VEJIcx+RNHKviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQt
ZmNkMWE2M2M1YzQ1LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQtZmNkMWE2M2M1YzQ1
LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATk23elRV
ent4tUWHCUoJ0jhshLPlFjc2nQW2PY39+aJW3NsvZbXcY2ZbNdrlTA1gtnCN+YwH
l9jnBpNCwWM3i5oDgRzDjUkzqUsY8/Ydu3I7uAa7H0yB5TjSDmPzp0wXkRnUbgYs
PBpils+D6+DSzVHAH6s3fKAtlVyzlfkOe5Tr7HuiDH0i6m2nTCOpsuR4HokJblnQ
K9v45O01mS+guOiU9qGf07LaDCbkNhUGp+BOVFqUBXZDO0ONn67qP5sex9gHyNhg
Mna7OTG7EetnM8hZOPwTqAicQ6ciXJXBSdXRAXftVSnqaNDmPujtDF6jCK24Z6qI
z9Egk+wFw7LHpg==
-----END CERTIFICATE-----