Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          CWt2QOyTETciK8wUe2G2ZlFKTz3pl/QPwYAKE/UIkqY=
Subject key identifier:   DD:9A:DC:2F:1B:36:F0:63:BC:C3:3E:7D:E0:B1:97:BF:80:2A:19:EC
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       019674C24DD167020B006D3EF5F2DA96F85E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 01:00:12 +0000
Manifest this update:     Sun 27 Apr 2025 01:00:12 +0000
Manifest next update:     Mon 28 Apr 2025 01:00:12 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: EMs2hI4/72WX2uwryGCeWx+89ugl3eAVBHuVgLEclFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 01:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:c2:4d:d1:67:02:0b:00:6d:3e:f5:f2:da:96:f8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Apr 27 01:00:12 2025 GMT
            Not After : Apr 28 01:00:12 2025 GMT
        Subject: CN=dd9adc2f1b36f063bcc33e7de0b197bf802a19ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:85:5f:1c:de:1c:f4:b8:ef:02:8d:dd:82:10:
                    d8:56:b2:d0:b2:f9:74:77:5d:c5:3c:9c:cc:1b:d0:
                    4d:33:75:d5:59:55:15:9f:30:00:66:5c:df:9d:a9:
                    e9:fe:40:6f:d4:2a:61:ae:a0:19:9f:c7:5e:20:08:
                    f8:b7:5a:82:62:29:c1:f5:5c:bf:de:2b:c1:3d:7a:
                    71:8d:0f:07:78:0a:29:4f:82:ec:95:cb:9d:4e:d5:
                    23:9e:6a:97:31:74:f8:12:9f:dd:b3:79:90:4c:31:
                    68:bb:a6:07:ed:ed:ce:c1:42:84:ab:63:f0:fd:8c:
                    85:4d:89:2a:a9:f7:74:d3:52:fd:b7:98:f7:ca:f5:
                    54:4a:50:88:b2:76:cd:a4:31:3f:98:b8:60:a7:b3:
                    ca:0b:69:db:49:79:23:a5:50:81:11:3e:08:93:2c:
                    68:31:ee:2b:aa:e4:8f:ac:1c:77:18:21:f2:97:05:
                    e7:ac:02:c7:62:39:3f:ed:b6:0d:a0:83:dc:d4:e0:
                    6d:46:ef:c6:52:bb:ac:c2:d2:53:f3:f1:5c:94:bd:
                    ba:c1:18:07:8a:5a:b5:20:4c:85:3e:a1:a9:9c:bd:
                    70:5e:13:7b:1b:46:94:ca:e9:4e:86:ae:4e:92:3c:
                    cc:17:96:8d:ea:3a:2b:da:67:e5:37:6b:9f:54:0f:
                    6e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:9A:DC:2F:1B:36:F0:63:BC:C3:3E:7D:E0:B1:97:BF:80:2A:19:EC
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:37:94:5b:c9:18:d4:00:b8:b1:fb:b8:da:45:b2:40:3a:50:
         69:7e:d5:7f:f3:05:7f:d3:2a:11:57:92:dc:c3:bf:ea:aa:82:
         44:7b:8a:27:54:c9:7a:43:40:ae:bb:ba:7a:41:1d:8e:a4:f4:
         8f:42:b0:99:7f:21:e7:26:3d:c1:d0:6c:56:06:e1:16:a8:2a:
         51:15:68:98:e2:aa:d0:f5:43:cc:f1:96:eb:f9:89:72:b7:c2:
         1d:8f:8a:47:e4:f1:2d:4e:33:12:61:d7:13:eb:1b:32:2e:4a:
         b0:e3:8f:12:72:be:8a:81:66:cc:58:d3:30:7c:4f:97:74:96:
         88:c0:c8:6f:bf:ad:23:72:1d:3c:62:b7:13:95:d8:1e:8f:5b:
         95:9c:81:48:99:5c:0f:98:3f:f9:3d:00:be:12:ba:48:af:37:
         cd:5a:3d:b9:ad:57:aa:29:b5:38:17:87:74:b1:ed:1b:b1:61:
         34:62:3f:dc:3a:52:44:d9:fa:c6:62:19:cb:1e:6f:43:ec:21:
         36:ba:9f:0a:29:29:3a:4b:26:f8:c4:5d:a7:3b:0c:db:62:ca:
         41:f1:96:a0:a3:d8:28:d8:f8:68:d7:3b:d9:08:1f:1f:44:48:
         bc:0d:31:93:e2:89:bd:fa:27:36:b4:9a:bb:cb:03:fa:5c:4b:
         21:95:21:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0wk3RZwILAG0+9fLalvheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUwNDI3MDEwMDEyWhcNMjUwNDI4MDEwMDEyWjAzMTEwLwYDVQQD
EyhkZDlhZGMyZjFiMzZmMDYzYmNjMzNlN2RlMGIxOTdiZjgwMmExOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4VfHN4c9LjvAo3dghDYVrLQsvl0
d13FPJzMG9BNM3XVWVUVnzAAZlzfnanp/kBv1CphrqAZn8deIAj4t1qCYinB9Vy/
3ivBPXpxjQ8HeAopT4LslcudTtUjnmqXMXT4Ep/ds3mQTDFou6YH7e3OwUKEq2Pw
/YyFTYkqqfd001L9t5j3yvVUSlCIsnbNpDE/mLhgp7PKC2nbSXkjpVCBET4Ikyxo
Me4rquSPrBx3GCHylwXnrALHYjk/7bYNoIPc1OBtRu/GUruswtJT8/FclL26wRgH
ilq1IEyFPqGpnL1wXhN7G0aUyulOhq5OkjzMF5aN6jor2mflN2ufVA9u4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2a3C8bNvBjvMM+feCxl7+AKhnsMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGTeUW8kY
1AC4sfu42kWyQDpQaX7Vf/MFf9MqEVeS3MO/6qqCRHuKJ1TJekNArru6ekEdjqT0
j0KwmX8h5yY9wdBsVgbhFqgqURVomOKq0PVDzPGW6/mJcrfCHY+KR+TxLU4zEmHX
E+sbMi5KsOOPEnK+ioFmzFjTMHxPl3SWiMDIb7+tI3IdPGK3E5XYHo9blZyBSJlc
D5g/+T0AvhK6SK83zVo9ua1Xqim1OBeHdLHtG7FhNGI/3DpSRNn6xmIZyx5vQ+wh
NrqfCikpOksm+MRdpzsM22LKQfGWoKPYKNj4aNc72QgfH0RIvA0xk+KJvfonNrSa
u8sD+lxLIZUhGQ==
-----END CERTIFICATE-----