Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
File:                     L97GcLeAw7-UAe8cEVodh_6PfHo.mft (raw, json)
Hash identifier:          CUQcpkIMqMziDiYK5PuF4WJ5TJgGqoAjTi/HsaIG87U=
Subject key identifier:   A4:56:9A:99:44:98:48:24:31:2F:F0:91:2C:5B:C4:F2:6D:5E:2F:13
Authority key identifier: 2F:DE:C6:70:B7:80:C3:BF:94:01:EF:1C:11:5A:1D:87:FE:8F:7C:7A
Certificate issuer:       /CN=2fdec670b780c3bf9401ef1c115a1d87fe8f7c7a
Certificate serial:       01969F089AA9B1D8E8BA5E772A006EE956B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
Manifest number:          0C04
Signing time:             Mon 05 May 2025 06:01:03 +0000
Manifest this update:     Mon 05 May 2025 06:01:03 +0000
Manifest next update:     Tue 06 May 2025 06:01:03 +0000
Files and hashes:         1: L97GcLeAw7-UAe8cEVodh_6PfHo.crl (hash: mbNXArXrxkjsxeOslx/AeepA7zeBTfhJrqcTXBomZ3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 06:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:08:9a:a9:b1:d8:e8:ba:5e:77:2a:00:6e:e9:56:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fdec670b780c3bf9401ef1c115a1d87fe8f7c7a
        Validity
            Not Before: May  5 06:01:03 2025 GMT
            Not After : May  6 06:01:03 2025 GMT
        Subject: CN=a4569a9944984824312ff0912c5bc4f26d5e2f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:1f:cd:7d:26:8c:2e:e7:a9:8f:46:4d:b4:28:
                    1d:7b:52:98:6e:f3:6f:84:85:28:ba:4f:d2:c5:4f:
                    94:db:06:ff:be:62:f5:67:e8:13:95:ac:09:4c:bc:
                    75:e4:73:08:10:fe:85:9e:3c:d5:91:96:f1:ed:11:
                    8d:26:f7:2c:41:f5:90:2f:9f:27:27:92:92:3e:a5:
                    39:5f:fc:b7:18:2f:fd:9f:0d:5a:b6:84:a5:3c:07:
                    da:8b:94:8b:05:fd:2d:a9:b8:5a:06:2c:0f:66:33:
                    e7:88:65:66:13:51:ca:f5:2a:5f:89:c3:6d:a7:c2:
                    d7:81:8d:7e:89:ea:7a:e7:a3:b4:da:91:a1:f1:30:
                    25:25:f1:4f:ab:2d:be:e8:f0:58:b6:98:8b:4f:05:
                    c8:73:3c:c2:22:26:1c:f5:19:ca:2f:0a:28:1b:74:
                    22:88:40:0f:bc:ac:31:c5:f9:ef:a6:98:81:62:2e:
                    a1:05:9c:7b:63:ba:e1:10:8e:df:1a:cc:d1:89:82:
                    21:d0:73:21:53:55:dd:df:75:cd:ac:8f:7d:25:3c:
                    ac:69:20:9e:a4:1c:ee:80:d2:a4:68:69:fa:f3:42:
                    fa:2b:e5:1b:74:e2:1c:29:62:eb:e2:ee:f1:fb:6d:
                    19:55:89:13:35:09:3d:76:de:95:bd:09:75:19:d0:
                    5b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:56:9A:99:44:98:48:24:31:2F:F0:91:2C:5B:C4:F2:6D:5E:2F:13
            X509v3 Authority Key Identifier:
                keyid:2F:DE:C6:70:B7:80:C3:BF:94:01:EF:1C:11:5A:1D:87:FE:8F:7C:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:b2:07:46:df:8a:5c:04:85:5f:1b:d3:15:a8:49:df:23:ee:
         65:b3:8c:c1:46:8c:76:72:65:1b:31:0a:53:82:24:16:2e:c2:
         45:8d:6f:a9:c1:3e:ae:ef:c1:70:09:b4:26:1e:cb:2b:f2:e7:
         2d:5d:1e:d5:24:98:32:0e:b6:50:61:55:e4:b7:73:63:1a:58:
         7e:12:dc:4a:1a:e0:af:b5:32:df:69:66:34:05:1d:19:3c:e9:
         f3:f1:99:31:7c:2d:16:62:d4:29:90:92:ad:27:16:86:22:ba:
         4d:2d:67:2a:c8:b0:21:0e:a3:f2:24:fb:51:4f:29:35:ae:52:
         c8:39:b0:a8:a9:78:9d:84:53:d3:2c:a1:27:cb:e5:fa:10:cd:
         cb:8b:db:d9:c8:8c:84:38:48:05:02:10:b8:d4:89:9b:3d:96:
         cd:3a:78:6f:63:91:70:10:db:10:bc:25:3c:3a:20:cf:db:58:
         1b:05:59:dd:aa:6f:f8:c2:ae:5c:32:ce:f7:d8:58:e0:f9:ce:
         32:e7:74:25:92:52:c7:ba:a3:3e:14:de:48:08:e8:5b:e0:ec:
         e1:b1:37:da:6f:57:f8:2e:73:45:d9:d5:2a:a1:b3:f6:ea:a4:
         d1:de:34:af:90:58:76:ba:b9:e1:e7:39:77:24:8a:31:9d:73:
         27:68:a2:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafCJqpsdjoul53KgBu6Va5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZGVjNjcwYjc4MGMzYmY5NDAxZWYxYzExNWExZDg3ZmU4
ZjdjN2EwHhcNMjUwNTA1MDYwMTAzWhcNMjUwNTA2MDYwMTAzWjAzMTEwLwYDVQQD
EyhhNDU2OWE5OTQ0OTg0ODI0MzEyZmYwOTEyYzViYzRmMjZkNWUyZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyx/NfSaMLuepj0ZNtCgde1KYbvNv
hIUouk/SxU+U2wb/vmL1Z+gTlawJTLx15HMIEP6FnjzVkZbx7RGNJvcsQfWQL58n
J5KSPqU5X/y3GC/9nw1atoSlPAfai5SLBf0tqbhaBiwPZjPniGVmE1HK9SpficNt
p8LXgY1+iep656O02pGh8TAlJfFPqy2+6PBYtpiLTwXIczzCIiYc9RnKLwooG3Qi
iEAPvKwxxfnvppiBYi6hBZx7Y7rhEI7fGszRiYIh0HMhU1Xd33XNrI99JTysaSCe
pBzugNKkaGn680L6K+UbdOIcKWLr4u7x+20ZVYkTNQk9dt6VvQl1GdBbRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRWmplEmEgkMS/wkSxbxPJtXi8TMB8GA1UdIwQY
MBaAFC/exnC3gMO/lAHvHBFaHYf+j3x6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZTE5YzUtMDA4Mi00ODQ0LWI2YmQt
YWIxZDhlOTg0NGFmLzEvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZTE5YzUtMDA4Mi00ODQ0LWI2YmQtYWIxZDhlOTg0NGFm
LzEvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUbIHRt+K
XASFXxvTFahJ3yPuZbOMwUaMdnJlGzEKU4IkFi7CRY1vqcE+ru/BcAm0Jh7LK/Ln
LV0e1SSYMg62UGFV5LdzYxpYfhLcShrgr7Uy32lmNAUdGTzp8/GZMXwtFmLUKZCS
rScWhiK6TS1nKsiwIQ6j8iT7UU8pNa5SyDmwqKl4nYRT0yyhJ8vl+hDNy4vb2ciM
hDhIBQIQuNSJmz2WzTp4b2ORcBDbELwlPDogz9tYGwVZ3apv+MKuXDLO99hY4PnO
Mud0JZJSx7qjPhTeSAjoW+Ds4bE32m9X+C5zRdnVKqGz9uqk0d40r5BYdrq54ec5
dySKMZ1zJ2iiUA==
-----END CERTIFICATE-----