Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          XNTJT67FsrnwD3PNct9tCZLfkF8eJx6YsuqILxpPi3Y=
Subject key identifier:   6F:82:EC:87:B2:A3:F5:CB:47:A9:A9:FA:AB:97:DD:4A:8B:2D:4A:69
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       0196DB1CEA4DAAC81ABBAB12DC48A0A6974E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0147
Signing time:             Fri 16 May 2025 22:00:27 +0000
Manifest this update:     Fri 16 May 2025 22:00:27 +0000
Manifest next update:     Sat 17 May 2025 22:00:27 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: po9zznlLHrRbup6lDUB6JndIEfP87D9it81hz9jk9VU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 17 May 2025 22:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:db:1c:ea:4d:aa:c8:1a:bb:ab:12:dc:48:a0:a6:97:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: May 16 22:00:27 2025 GMT
            Not After : May 17 22:00:27 2025 GMT
        Subject: CN=6f82ec87b2a3f5cb47a9a9faab97dd4a8b2d4a69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fb:c6:4e:8e:df:dc:02:7a:38:a2:1c:94:ab:
                    cc:58:4d:a2:ca:41:ef:bf:44:8d:d7:ac:0d:8f:80:
                    90:2d:e1:04:f6:ca:dc:26:be:8b:e2:06:d6:b2:1a:
                    ff:52:36:4d:ac:04:19:53:c8:71:7e:31:53:52:72:
                    54:13:bb:65:83:4c:a5:8d:40:c5:79:bd:d3:18:96:
                    a7:90:7a:86:ce:5a:b0:aa:d1:7b:67:f1:ad:d5:40:
                    70:51:05:46:15:e8:9f:a7:38:e5:b7:0f:a3:56:69:
                    c7:ab:03:70:28:ae:d4:6f:61:b6:0f:56:13:71:74:
                    4a:3a:1c:9a:7e:5e:11:1e:cf:dc:d8:4e:2c:eb:0c:
                    96:d1:89:f8:fc:4f:f1:43:15:1c:a0:e5:1d:ee:5c:
                    fb:fa:cb:9b:4b:dd:04:2f:9c:87:1a:5e:a4:54:5d:
                    ec:43:85:e3:07:0d:6e:d4:c4:cc:0b:6d:09:76:31:
                    80:a9:13:ad:58:96:5c:91:13:82:2c:9a:b4:f2:be:
                    6b:0d:49:c9:3e:a8:76:16:6e:23:be:23:cb:da:5f:
                    95:95:0d:67:2f:7a:2a:39:6d:b9:d4:37:68:11:bc:
                    fd:64:39:a3:b7:8e:c2:0f:02:fe:33:33:1c:ed:f3:
                    a0:46:38:4b:18:b4:95:8b:fd:eb:be:e5:b0:6f:63:
                    3b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:82:EC:87:B2:A3:F5:CB:47:A9:A9:FA:AB:97:DD:4A:8B:2D:4A:69
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:ba:82:5d:ce:7a:ae:dd:a7:5e:5d:f9:ce:31:75:a2:33:3f:
         85:9a:b3:20:c9:3d:5b:8e:92:7d:9e:d0:0c:21:c4:8f:1c:1c:
         b8:88:8e:41:8a:06:bb:ae:1e:4f:d3:5c:bf:39:3b:34:ca:b3:
         82:4f:c3:d1:22:00:ff:7b:f5:da:06:e6:6e:c2:85:40:7c:bc:
         0d:58:aa:eb:ce:65:04:4f:ab:f2:46:ba:79:eb:58:99:28:75:
         21:63:75:84:ca:cc:2d:d9:2f:28:cc:a9:ff:36:8d:d9:71:3f:
         b4:f6:48:a4:65:d3:4a:db:9c:11:0d:c3:c0:69:0e:7b:ba:b1:
         6a:79:f8:51:66:e2:b6:46:04:4b:c7:ec:1d:b5:c5:63:7a:95:
         70:cb:a7:0f:64:9f:67:cd:81:52:cb:a2:be:9a:6a:32:f7:88:
         64:98:98:8b:47:1a:59:7e:ac:4a:ea:b1:26:bd:c1:1a:86:f0:
         f6:4a:24:9e:bd:51:6b:a2:64:6c:d7:f7:2d:45:32:f5:a1:ef:
         0a:a2:a8:b1:0a:80:e2:01:a5:e8:94:a7:69:ee:37:95:85:60:
         f9:4e:a9:0b:67:20:ec:37:38:f9:f7:c5:13:33:2d:8b:46:a5:
         57:c3:1b:21:86:7f:e3:5d:3b:1b:43:f2:52:36:fd:40:4b:c7:
         08:dd:6f:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbbHOpNqsgau6sS3EigppdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwNTE2MjIwMDI3WhcNMjUwNTE3MjIwMDI3WjAzMTEwLwYDVQQD
Eyg2ZjgyZWM4N2IyYTNmNWNiNDdhOWE5ZmFhYjk3ZGQ0YThiMmQ0YTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfvGTo7f3AJ6OKIclKvMWE2iykHv
v0SN16wNj4CQLeEE9srcJr6L4gbWshr/UjZNrAQZU8hxfjFTUnJUE7tlg0yljUDF
eb3TGJankHqGzlqwqtF7Z/Gt1UBwUQVGFeifpzjltw+jVmnHqwNwKK7Ub2G2D1YT
cXRKOhyafl4RHs/c2E4s6wyW0Yn4/E/xQxUcoOUd7lz7+subS90EL5yHGl6kVF3s
Q4XjBw1u1MTMC20JdjGAqROtWJZckROCLJq08r5rDUnJPqh2Fm4jviPL2l+VlQ1n
L3oqOW251DdoEbz9ZDmjt47CDwL+MzMc7fOgRjhLGLSVi/3rvuWwb2M7tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+C7Ieyo/XLR6mp+quX3UqLLUppMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAobqCXc56
rt2nXl35zjF1ojM/hZqzIMk9W46SfZ7QDCHEjxwcuIiOQYoGu64eT9Ncvzk7NMqz
gk/D0SIA/3v12gbmbsKFQHy8DViq685lBE+r8ka6eetYmSh1IWN1hMrMLdkvKMyp
/zaN2XE/tPZIpGXTStucEQ3DwGkOe7qxann4UWbitkYES8fsHbXFY3qVcMunD2Sf
Z82BUsuivppqMveIZJiYi0caWX6sSuqxJr3BGobw9koknr1Ra6JkbNf3LUUy9aHv
CqKosQqA4gGl6JSnae43lYVg+U6pC2cg7Dc4+ffFEzMti0alV8MbIYZ/4107G0Py
Ujb9QEvHCN1vEg==
-----END CERTIFICATE-----