Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          BHkSfM5/TS53aGXbcDbvUauqXCtTEIW6Dr66Bu36lNM=
Subject key identifier:   CF:0A:07:38:10:64:F5:2D:CD:EA:E4:17:E8:F2:AC:72:A8:59:A2:D7
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       0196B85A3EF2693F96B8EA9696113091E036
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          0445
Signing time:             Sat 10 May 2025 04:00:44 +0000
Manifest this update:     Sat 10 May 2025 04:00:44 +0000
Manifest next update:     Sun 11 May 2025 04:00:44 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: EhrF2Dkfg5geNG9eF8P7w59cg4a+mvdSleAIEQWkmvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:5a:3e:f2:69:3f:96:b8:ea:96:96:11:30:91:e0:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: May 10 04:00:44 2025 GMT
            Not After : May 11 04:00:44 2025 GMT
        Subject: CN=cf0a07381064f52dcdeae417e8f2ac72a859a2d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:88:99:2d:ed:54:7d:96:f8:fa:02:88:6a:72:
                    f6:e3:90:89:01:b1:6c:25:11:5c:22:05:31:21:7a:
                    3d:0c:a2:bd:5b:dc:a4:9b:6a:6e:5a:17:f6:aa:ad:
                    a0:19:76:77:e6:a6:80:a5:9c:ad:3d:36:e1:4f:f7:
                    b1:1a:eb:e2:6c:eb:85:32:5d:bd:00:7d:59:87:8c:
                    c5:d9:e9:46:9b:a4:9b:2d:23:8d:59:4b:83:5b:17:
                    cf:ad:e5:a2:29:9c:68:00:3c:de:ec:87:a1:c8:69:
                    1c:7d:8c:17:89:be:b7:30:47:b6:3a:c7:2c:0c:ad:
                    20:eb:1d:b5:ff:f8:89:0b:64:a5:86:71:92:96:09:
                    ed:27:0b:b5:bb:14:19:7f:7b:f2:b2:c3:7f:cd:c4:
                    c5:fd:87:d9:3b:69:e0:f7:cf:a0:a2:f9:99:e3:22:
                    09:62:72:10:8f:8b:3d:8a:37:65:1a:d9:8c:ff:03:
                    5f:df:43:7e:1b:d7:c1:04:ee:ec:f4:66:ed:39:a6:
                    c9:05:09:1c:c1:d8:14:ee:7f:d8:1a:20:dc:04:fc:
                    30:8e:8e:d9:2d:e5:b1:6c:9a:c5:53:f0:6a:6c:60:
                    b6:0e:3b:6e:36:00:b1:c8:61:c0:2c:0b:b6:f9:58:
                    d0:0e:b5:67:51:0e:ec:35:c1:46:f2:9c:fa:e2:bd:
                    92:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:0A:07:38:10:64:F5:2D:CD:EA:E4:17:E8:F2:AC:72:A8:59:A2:D7
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:c9:0b:a4:93:56:b6:ca:fd:33:19:6e:4b:18:47:df:c8:7d:
         51:b0:8e:28:db:49:99:b2:47:be:f0:d0:46:26:de:c5:6e:2c:
         37:94:55:44:cf:94:4a:9d:ba:4c:f8:91:09:4e:50:84:c0:17:
         4f:c5:e1:47:18:24:34:ae:6f:e7:a0:68:b7:66:b9:c0:f6:7c:
         a0:66:a7:60:c4:80:12:b8:51:4c:b8:29:fd:57:ad:81:51:84:
         e6:34:ea:d4:3f:6b:7f:ef:d7:c5:f4:82:a7:c7:19:6c:a7:26:
         99:c3:68:ce:54:65:37:f1:9a:42:a9:3f:0a:4a:30:fc:98:0b:
         3e:87:33:e5:b5:04:09:6c:d6:2d:cc:34:08:bb:5f:91:05:37:
         ee:5d:a6:f0:7c:51:3c:ac:27:0c:63:98:a9:6a:c2:0e:c4:fa:
         b3:a8:ee:cb:86:c8:d8:cb:70:46:a0:a3:3f:dd:bc:d0:8d:08:
         5b:97:e2:99:8b:31:60:99:d5:d3:ff:95:f6:e4:82:53:cf:b3:
         1b:17:5e:5f:e9:e2:68:7c:14:73:fb:22:4a:3d:8e:90:21:a4:
         c6:f1:fd:66:ea:52:a2:6b:84:40:7a:be:f4:bf:b1:40:32:6c:
         5e:95:99:ee:6b:34:0b:36:36:17:50:cb:6c:a2:c7:1e:6b:69:
         65:e5:a6:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4Wj7yaT+WuOqWlhEwkeA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUwNTEwMDQwMDQ0WhcNMjUwNTExMDQwMDQ0WjAzMTEwLwYDVQQD
EyhjZjBhMDczODEwNjRmNTJkY2RlYWU0MTdlOGYyYWM3MmE4NTlhMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIiZLe1UfZb4+gKIanL245CJAbFs
JRFcIgUxIXo9DKK9W9ykm2puWhf2qq2gGXZ35qaApZytPTbhT/exGuvibOuFMl29
AH1Zh4zF2elGm6SbLSONWUuDWxfPreWiKZxoADze7IehyGkcfYwXib63MEe2Oscs
DK0g6x21//iJC2SlhnGSlgntJwu1uxQZf3vyssN/zcTF/YfZO2ng98+govmZ4yIJ
YnIQj4s9ijdlGtmM/wNf30N+G9fBBO7s9GbtOabJBQkcwdgU7n/YGiDcBPwwjo7Z
LeWxbJrFU/BqbGC2DjtuNgCxyGHALAu2+VjQDrVnUQ7sNcFG8pz64r2SJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8KBzgQZPUtzerkF+jyrHKoWaLXMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtskLpJNW
tsr9MxluSxhH38h9UbCOKNtJmbJHvvDQRibexW4sN5RVRM+USp26TPiRCU5QhMAX
T8XhRxgkNK5v56Bot2a5wPZ8oGanYMSAErhRTLgp/VetgVGE5jTq1D9rf+/XxfSC
p8cZbKcmmcNozlRlN/GaQqk/Ckow/JgLPocz5bUECWzWLcw0CLtfkQU37l2m8HxR
PKwnDGOYqWrCDsT6s6juy4bI2MtwRqCjP9280I0IW5fimYsxYJnV0/+V9uSCU8+z
GxdeX+niaHwUc/siSj2OkCGkxvH9ZupSomuEQHq+9L+xQDJsXpWZ7ms0CzY2F1DL
bKLHHmtpZeWmbw==
-----END CERTIFICATE-----