Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          rqCTc7asQT3EOhpBWyOEQUzGqHcp9CTaY7GI3JX5YEc=
Subject key identifier:   41:DA:EC:F9:B4:D8:F3:D5:98:53:11:8B:45:FF:2C:0A:4B:9C:4C:60
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       0196D02B3CACD25846D16FA8ABAB4EDFF0A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          099C
Signing time:             Wed 14 May 2025 19:00:16 +0000
Manifest this update:     Wed 14 May 2025 19:00:16 +0000
Manifest next update:     Thu 15 May 2025 19:00:16 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: 4If2QYlEIEd3/M0vw9qCoJJMR7HvvVWDtmPt1k9kVyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 14:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d0:2b:3c:ac:d2:58:46:d1:6f:a8:ab:ab:4e:df:f0:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: May 14 19:00:16 2025 GMT
            Not After : May 15 19:00:16 2025 GMT
        Subject: CN=41daecf9b4d8f3d59853118b45ff2c0a4b9c4c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:99:3e:c2:80:55:0f:b0:be:b9:4a:b8:96:ce:
                    f6:2d:8d:8c:42:0c:12:c1:4f:de:32:9e:c1:99:1e:
                    e2:98:fe:8e:af:e8:0b:cc:2e:3e:99:55:c8:77:8b:
                    5b:fc:ad:3a:55:06:db:17:45:cb:ae:7d:cd:63:d8:
                    3f:1e:b8:2e:1d:02:a6:99:c3:d0:a6:07:20:71:d5:
                    7d:d1:dd:bf:66:9d:a5:57:c6:2a:4a:da:e0:81:4d:
                    22:19:43:77:34:f6:02:62:46:6e:71:db:f3:1a:a2:
                    a6:25:0a:c3:a8:a9:de:4a:60:69:a9:62:11:4e:5e:
                    72:70:f2:9d:a3:3a:54:1a:2b:56:cb:5f:05:d0:7e:
                    45:7e:98:c8:23:a4:4f:bb:36:e7:83:18:17:9e:43:
                    35:6c:0f:50:9e:47:61:eb:83:7a:81:0c:ec:aa:1f:
                    ac:9d:4e:29:46:f0:e7:df:0d:d8:ce:1b:9d:61:f0:
                    b3:bc:68:02:6a:3b:d4:1a:bb:31:a8:f7:d3:33:39:
                    49:5b:74:ee:8a:f7:70:b0:5a:de:1f:26:49:ef:98:
                    f6:8a:7d:68:d0:17:38:44:24:41:5e:3e:30:85:09:
                    a3:76:f2:75:e2:86:3c:4b:9a:fd:e2:e5:0b:ce:4b:
                    ee:38:34:ba:08:5c:9e:11:f4:c4:72:74:20:93:8d:
                    f1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:DA:EC:F9:B4:D8:F3:D5:98:53:11:8B:45:FF:2C:0A:4B:9C:4C:60
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:4f:8f:f6:82:54:44:33:a9:cb:c5:0a:f9:d8:06:5b:ef:72:
         06:db:aa:38:64:32:d0:18:65:4f:09:eb:7b:a2:fa:10:3a:78:
         13:5b:c8:03:ec:be:2f:3f:93:04:f6:6d:5d:af:ee:05:9f:67:
         7c:ae:0f:d4:26:e8:c0:a4:d9:cb:e6:e5:46:b1:d9:21:b7:6b:
         87:f3:56:b7:cb:02:19:51:22:ab:31:73:79:3e:2b:ea:4e:31:
         d3:7f:f3:fe:3e:ea:67:77:f7:9b:8c:26:ae:7c:f8:9d:c4:de:
         cf:6c:86:a2:54:b8:e5:7f:2d:d1:e7:89:05:98:b5:5e:5a:cc:
         32:96:0e:1b:62:32:5a:6c:04:25:10:46:0c:de:84:e8:50:b0:
         d0:3b:ee:f0:04:fd:14:97:cb:d4:28:ca:ab:ad:e9:75:cf:cc:
         5e:5c:8f:af:9d:d3:e3:56:2c:9a:3c:8a:9d:9f:79:eb:86:7b:
         40:8a:28:80:39:3a:aa:1e:36:c9:1f:4c:2c:c6:56:ff:fc:c4:
         79:80:9f:33:0d:60:30:9d:91:9e:f9:b6:5a:70:a9:d5:a7:d0:
         86:65:9d:41:f4:0c:60:9f:87:4e:cd:97:ca:f6:7f:a8:80:b7:
         dc:af:cb:5d:cd:05:fe:23:db:44:1c:37:65:6a:88:54:ac:c6:
         77:01:71:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbQKzys0lhG0W+oq6tO3/CnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwNTE0MTkwMDE2WhcNMjUwNTE1MTkwMDE2WjAzMTEwLwYDVQQD
Eyg0MWRhZWNmOWI0ZDhmM2Q1OTg1MzExOGI0NWZmMmMwYTRiOWM0YzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJk+woBVD7C+uUq4ls72LY2MQgwS
wU/eMp7BmR7imP6Or+gLzC4+mVXId4tb/K06VQbbF0XLrn3NY9g/HrguHQKmmcPQ
pgcgcdV90d2/Zp2lV8YqStrggU0iGUN3NPYCYkZucdvzGqKmJQrDqKneSmBpqWIR
Tl5ycPKdozpUGitWy18F0H5FfpjII6RPuzbngxgXnkM1bA9Qnkdh64N6gQzsqh+s
nU4pRvDn3w3YzhudYfCzvGgCajvUGrsxqPfTMzlJW3TuivdwsFreHyZJ75j2in1o
0Bc4RCRBXj4whQmjdvJ14oY8S5r94uULzkvuODS6CFyeEfTEcnQgk43xywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHa7Pm02PPVmFMRi0X/LApLnExgMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0+P9oJU
RDOpy8UK+dgGW+9yBtuqOGQy0BhlTwnre6L6EDp4E1vIA+y+Lz+TBPZtXa/uBZ9n
fK4P1CbowKTZy+blRrHZIbdrh/NWt8sCGVEiqzFzeT4r6k4x03/z/j7qZ3f3m4wm
rnz4ncTez2yGolS45X8t0eeJBZi1XlrMMpYOG2IyWmwEJRBGDN6E6FCw0Dvu8AT9
FJfL1CjKq63pdc/MXlyPr53T41YsmjyKnZ9564Z7QIoogDk6qh42yR9MLMZW//zE
eYCfMw1gMJ2Rnvm2WnCp1afQhmWdQfQMYJ+HTs2XyvZ/qIC33K/LXc0F/iPbRBw3
ZWqIVKzGdwFx5w==
-----END CERTIFICATE-----