Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft
File:                     S4UouKy8h0J2SlgajZeaGEKVZj4.mft (raw, json)
Hash identifier:          WZJD2RelIDEFSTkSSTl6rzJtYLXEtylPrWBjanJpq60=
Subject key identifier:   EA:95:74:3C:57:27:AB:C2:DA:A4:DA:C6:AC:3C:3B:82:0F:21:79:DA
Authority key identifier: 4B:85:28:B8:AC:BC:87:42:76:4A:58:1A:8D:97:9A:18:42:95:66:3E
Certificate issuer:       /CN=4b8528b8acbc8742764a581a8d979a184295663e
Certificate serial:       0197B6D7311C06629C4A04675F3C2B82A49F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S4UouKy8h0J2SlgajZeaGEKVZj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft
Manifest number:          0364
Signing time:             Sat 28 Jun 2025 14:00:45 +0000
Manifest this update:     Sat 28 Jun 2025 14:00:45 +0000
Manifest next update:     Sun 29 Jun 2025 14:00:45 +0000
Files and hashes:         1: S4UouKy8h0J2SlgajZeaGEKVZj4.crl (hash: 35MQSZygMK8ebLfC4JpcojI0ZDHT4oF0krUvhPT/Uf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S4UouKy8h0J2SlgajZeaGEKVZj4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:31:1c:06:62:9c:4a:04:67:5f:3c:2b:82:a4:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b8528b8acbc8742764a581a8d979a184295663e
        Validity
            Not Before: Jun 28 14:00:45 2025 GMT
            Not After : Jun 29 14:00:45 2025 GMT
        Subject: CN=ea95743c5727abc2daa4dac6ac3c3b820f2179da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:06:bc:41:30:03:d3:78:55:bb:56:6a:10:8f:
                    84:d3:1b:24:9c:28:ae:74:76:12:17:d8:b6:0b:04:
                    fc:73:f4:4a:1a:71:f5:1d:23:b3:0f:2c:16:3c:7f:
                    68:de:d1:e8:a4:16:73:9c:32:69:c6:9c:d9:7d:f7:
                    92:69:67:e4:36:04:51:da:5d:69:92:19:74:b6:87:
                    6c:8e:22:e3:f6:74:69:39:39:86:11:67:37:3d:90:
                    72:1b:07:9b:f0:60:3f:71:ac:5e:88:33:1e:7f:ca:
                    28:21:3f:cc:c7:23:77:1d:77:2b:b0:2d:bb:d3:a7:
                    1b:d4:88:71:ea:83:b8:2f:1b:c8:11:1e:ac:05:4e:
                    cd:43:53:b0:50:37:6d:7e:8e:75:f0:5e:22:2a:63:
                    15:8a:52:c4:92:52:75:5b:7e:26:6c:14:92:1a:9b:
                    64:b4:81:d1:c1:ff:d5:27:ab:8f:7e:be:e8:d4:d8:
                    38:d2:f1:1c:f6:e0:d4:e1:e3:98:61:9b:22:86:ab:
                    5a:c0:22:67:a1:4b:aa:c9:15:fa:17:1a:e5:86:81:
                    1f:fa:32:a7:24:c1:1a:ad:d1:ba:9d:d2:81:60:9b:
                    59:8f:6d:7a:94:71:30:96:2a:5b:3c:7f:a8:b0:49:
                    20:46:6e:33:2d:75:ef:93:c0:47:83:0a:d9:07:1c:
                    a0:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:95:74:3C:57:27:AB:C2:DA:A4:DA:C6:AC:3C:3B:82:0F:21:79:DA
            X509v3 Authority Key Identifier:
                keyid:4B:85:28:B8:AC:BC:87:42:76:4A:58:1A:8D:97:9A:18:42:95:66:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S4UouKy8h0J2SlgajZeaGEKVZj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:4f:09:e0:cb:f0:84:0e:b7:c8:b8:52:74:c6:4b:c5:ab:d4:
         24:cc:9a:f7:9d:ae:29:ab:ef:60:59:63:db:d6:2d:50:a9:d8:
         36:72:3d:7f:b9:7a:a6:a2:e1:48:b5:bb:6d:22:e1:ee:ca:b6:
         51:25:0c:cf:da:cd:24:a9:80:2d:2d:3e:77:d4:bf:0b:7f:bc:
         1a:d8:98:f7:a8:64:1d:f4:a4:c6:7b:ea:1b:df:31:b0:68:4d:
         90:c8:23:ab:d8:89:58:0f:42:3a:f1:80:97:23:66:6b:4e:80:
         58:01:32:8e:59:87:29:4a:f8:f5:61:02:6d:19:11:bd:8d:0d:
         0c:c9:65:2c:e2:8f:80:9d:e3:d4:27:f8:57:7a:99:c4:b0:72:
         82:9d:62:24:14:f6:d4:83:eb:b7:0f:e0:a4:0c:6f:54:31:e5:
         c9:40:95:c9:7e:84:3d:8a:ee:85:98:90:6f:0c:4b:f6:91:12:
         f2:33:7a:58:d3:59:7f:11:55:fd:71:89:43:77:30:97:70:cb:
         75:41:e6:28:ba:14:2e:bc:c5:f6:46:62:af:1d:2d:b3:14:07:
         3b:88:50:bb:9b:b6:eb:d2:96:a1:6b:54:85:70:3f:9c:8e:4a:
         e1:78:27:08:81:fb:5e:c8:79:c0:37:7e:34:0e:b1:dd:71:db:
         44:4a:cb:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe21zEcBmKcSgRnXzwrgqSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiODUyOGI4YWNiYzg3NDI3NjRhNTgxYThkOTc5YTE4NDI5
NTY2M2UwHhcNMjUwNjI4MTQwMDQ1WhcNMjUwNjI5MTQwMDQ1WjAzMTEwLwYDVQQD
EyhlYTk1NzQzYzU3MjdhYmMyZGFhNGRhYzZhYzNjM2I4MjBmMjE3OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQa8QTAD03hVu1ZqEI+E0xsknCiu
dHYSF9i2CwT8c/RKGnH1HSOzDywWPH9o3tHopBZznDJpxpzZffeSaWfkNgRR2l1p
khl0todsjiLj9nRpOTmGEWc3PZByGweb8GA/caxeiDMef8ooIT/MxyN3HXcrsC27
06cb1Ihx6oO4LxvIER6sBU7NQ1OwUDdtfo518F4iKmMVilLEklJ1W34mbBSSGptk
tIHRwf/VJ6uPfr7o1Ng40vEc9uDU4eOYYZsihqtawCJnoUuqyRX6FxrlhoEf+jKn
JMEardG6ndKBYJtZj216lHEwlipbPH+osEkgRm4zLXXvk8BHgwrZBxygrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqVdDxXJ6vC2qTaxqw8O4IPIXnaMB8GA1UdIwQY
MBaAFEuFKLisvIdCdkpYGo2XmhhClWY+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzRVb3VLeThoMEoyU2xnYWpaZWFHRUtWWmo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzc3ZTYtMGU1OC00MzQ1LWIwYTQt
NGNiZDIyOTE3ZDY1LzEvUzRVb3VLeThoMEoyU2xnYWpaZWFHRUtWWmo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzc3ZTYtMGU1OC00MzQ1LWIwYTQtNGNiZDIyOTE3ZDY1
LzEvUzRVb3VLeThoMEoyU2xnYWpaZWFHRUtWWmo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe08J4Mvw
hA63yLhSdMZLxavUJMya952uKavvYFlj29YtUKnYNnI9f7l6pqLhSLW7bSLh7sq2
USUMz9rNJKmALS0+d9S/C3+8GtiY96hkHfSkxnvqG98xsGhNkMgjq9iJWA9COvGA
lyNma06AWAEyjlmHKUr49WECbRkRvY0NDMllLOKPgJ3j1Cf4V3qZxLBygp1iJBT2
1IPrtw/gpAxvVDHlyUCVyX6EPYruhZiQbwxL9pES8jN6WNNZfxFV/XGJQ3cwl3DL
dUHmKLoULrzF9kZirx0tsxQHO4hQu5u269KWoWtUhXA/nI5K4XgnCIH7Xsh5wDd+
NA6x3XHbRErLag==
-----END CERTIFICATE-----