Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft
File:                     MFKpUR4ZpULAuyN4td6PT7RSHb4.mft (raw, json)
Hash identifier:          Bh4MpDWl9JIBMhvkEWbwQA5rODPYaryQ6Qk9RG9SvbI=
Subject key identifier:   F5:FB:89:02:67:34:37:BE:6E:91:99:92:C0:90:FB:FA:C7:93:4E:47
Authority key identifier: 30:52:A9:51:1E:19:A5:42:C0:BB:23:78:B5:DE:8F:4F:B4:52:1D:BE
Certificate issuer:       /CN=3052a9511e19a542c0bb2378b5de8f4fb4521dbe
Certificate serial:       0196741E045248BBE73C25F467AD37ED4B2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MFKpUR4ZpULAuyN4td6PT7RSHb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft
Manifest number:          149D
Signing time:             Sat 26 Apr 2025 22:00:46 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:46 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:46 +0000
Files and hashes:         1: MFKpUR4ZpULAuyN4td6PT7RSHb4.crl (hash: WkzE6wEnhxzwDFfGwKd8eEWG+LTIaA1j3U9r/CGOBWI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MFKpUR4ZpULAuyN4td6PT7RSHb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:04:52:48:bb:e7:3c:25:f4:67:ad:37:ed:4b:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3052a9511e19a542c0bb2378b5de8f4fb4521dbe
        Validity
            Not Before: Apr 26 22:00:46 2025 GMT
            Not After : Apr 27 22:00:46 2025 GMT
        Subject: CN=f5fb8902673437be6e919992c090fbfac7934e47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:46:18:51:8a:2b:a9:2f:e3:84:55:87:35:d5:
                    44:c6:ec:c1:7b:22:68:2f:65:34:ce:f0:6a:5d:1a:
                    a3:e5:1a:c1:aa:93:23:ad:2f:6a:6f:73:9d:eb:2a:
                    c5:83:7e:75:03:7c:77:60:b1:d9:8e:bd:af:84:53:
                    eb:e1:b5:e4:c0:b4:93:49:df:6a:38:3e:d3:2d:4a:
                    30:4e:d0:70:8a:75:2f:2e:aa:51:d8:e2:cf:da:01:
                    88:7d:da:96:0a:05:d2:74:58:9c:dd:87:41:9b:c3:
                    86:6e:b2:14:58:82:88:60:39:7e:05:58:64:d3:d0:
                    ac:dc:b0:ca:a5:f8:57:68:f8:04:74:b9:65:a6:37:
                    ec:4b:14:42:50:a7:03:5c:a9:09:3f:d6:1a:91:aa:
                    ed:c9:aa:3a:e6:a9:c6:11:d1:8f:d1:93:7c:58:36:
                    a9:3a:47:24:67:57:46:ba:d2:44:64:63:4c:71:7e:
                    a9:67:13:89:9d:5d:60:4c:fb:f7:3a:74:99:87:92:
                    d7:da:76:49:99:f2:f0:cb:ff:95:47:52:d7:1d:a8:
                    ed:dc:87:03:a0:90:32:5c:15:1e:bd:bc:e7:13:ee:
                    d1:dc:3d:f0:98:5a:97:62:13:11:57:fc:c4:19:cf:
                    a9:0c:9c:36:22:da:5c:25:bc:4e:d5:97:3b:a1:50:
                    0a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:FB:89:02:67:34:37:BE:6E:91:99:92:C0:90:FB:FA:C7:93:4E:47
            X509v3 Authority Key Identifier:
                keyid:30:52:A9:51:1E:19:A5:42:C0:BB:23:78:B5:DE:8F:4F:B4:52:1D:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFKpUR4ZpULAuyN4td6PT7RSHb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:85:8d:60:57:9f:83:b8:a6:e4:15:55:7e:1d:39:5a:f0:85:
         86:64:dd:20:9b:a6:ba:42:88:46:80:81:66:60:84:45:a9:81:
         33:4b:09:9d:c8:9b:6e:4e:94:6f:cb:e2:5d:28:59:3b:a2:28:
         08:11:3a:15:c9:48:dc:69:ae:25:6c:58:18:f9:f6:9b:07:88:
         38:3d:91:12:23:2a:5b:ef:ef:8a:c5:11:ab:cf:6b:20:b2:1e:
         07:68:82:1d:c2:9f:6e:73:17:a1:4a:00:05:32:a3:05:f3:53:
         49:6c:15:d6:f9:f8:7f:00:41:ca:96:23:a6:5b:60:a9:2a:e1:
         68:48:5b:63:f5:61:8c:07:92:2b:60:51:8f:73:0a:dd:d5:f1:
         ee:7e:62:1f:d1:7c:bb:10:c2:a4:4d:54:ed:5c:d7:79:f4:4b:
         ac:b9:cb:d9:4b:c8:86:43:d2:ab:34:ae:86:29:95:85:71:67:
         c8:22:b7:10:ec:99:c3:06:06:39:73:ae:0e:c0:2f:7a:c5:b2:
         c4:a7:ca:89:50:3a:d8:a0:6e:ab:67:c2:03:a6:e3:77:59:35:
         ce:45:d3:b3:26:e0:d9:e8:27:87:32:72:30:e7:e0:31:4f:91:
         4b:5f:6a:15:6e:c6:69:51:c6:fe:6d:6b:f6:f5:d5:d9:f8:21:
         26:75:d9:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HgRSSLvnPCX0Z6037UsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNTJhOTUxMWUxOWE1NDJjMGJiMjM3OGI1ZGU4ZjRmYjQ1
MjFkYmUwHhcNMjUwNDI2MjIwMDQ2WhcNMjUwNDI3MjIwMDQ2WjAzMTEwLwYDVQQD
EyhmNWZiODkwMjY3MzQzN2JlNmU5MTk5OTJjMDkwZmJmYWM3OTM0ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEYYUYorqS/jhFWHNdVExuzBeyJo
L2U0zvBqXRqj5RrBqpMjrS9qb3Od6yrFg351A3x3YLHZjr2vhFPr4bXkwLSTSd9q
OD7TLUowTtBwinUvLqpR2OLP2gGIfdqWCgXSdFic3YdBm8OGbrIUWIKIYDl+BVhk
09Cs3LDKpfhXaPgEdLllpjfsSxRCUKcDXKkJP9Yakartyao65qnGEdGP0ZN8WDap
OkckZ1dGutJEZGNMcX6pZxOJnV1gTPv3OnSZh5LX2nZJmfLwy/+VR1LXHajt3IcD
oJAyXBUevbznE+7R3D3wmFqXYhMRV/zEGc+pDJw2ItpcJbxO1Zc7oVAKBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPX7iQJnNDe+bpGZksCQ+/rHk05HMB8GA1UdIwQY
MBaAFDBSqVEeGaVCwLsjeLXej0+0Uh2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZLcFVSNFpwVUxBdXlONHRkNlBUN1JTSGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kMzVhMWQtOTRlOS00ZWI0LTgzZjQt
MDIwZTE4NTFlOTQzLzEvTUZLcFVSNFpwVUxBdXlONHRkNlBUN1JTSGI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kMzVhMWQtOTRlOS00ZWI0LTgzZjQtMDIwZTE4NTFlOTQz
LzEvTUZLcFVSNFpwVUxBdXlONHRkNlBUN1JTSGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv4WNYFef
g7im5BVVfh05WvCFhmTdIJumukKIRoCBZmCERamBM0sJncibbk6Ub8viXShZO6Io
CBE6FclI3GmuJWxYGPn2mweIOD2REiMqW+/visURq89rILIeB2iCHcKfbnMXoUoA
BTKjBfNTSWwV1vn4fwBBypYjpltgqSrhaEhbY/VhjAeSK2BRj3MK3dXx7n5iH9F8
uxDCpE1U7VzXefRLrLnL2UvIhkPSqzSuhimVhXFnyCK3EOyZwwYGOXOuDsAvesWy
xKfKiVA62KBuq2fCA6bjd1k1zkXTsybg2egnhzJyMOfgMU+RS19qFW7GaVHG/m1r
9vXV2fghJnXZrw==
-----END CERTIFICATE-----