Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          GazZb0Joti/OsohFWYAD3gnkRMPp7sJS/+mQk/LAV/I=
Subject key identifier:   14:54:61:B0:93:1A:45:77:7D:0C:B4:F8:AD:77:54:C5:D2:09:01:03
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       019675678E54F7CA6A34D373C14E7C1FBB16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          119F
Signing time:             Sun 27 Apr 2025 04:00:42 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:42 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:42 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: 1IlELEdAYmUn7k28S+oaahhV2qixf4g5X9imv1GuFvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:8e:54:f7:ca:6a:34:d3:73:c1:4e:7c:1f:bb:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Apr 27 04:00:42 2025 GMT
            Not After : Apr 28 04:00:42 2025 GMT
        Subject: CN=145461b0931a45777d0cb4f8ad7754c5d2090103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:74:b5:8c:9a:d1:69:79:65:e3:df:49:d7:ca:
                    4d:51:c1:46:6d:01:92:74:b5:44:75:98:44:41:08:
                    dc:24:9c:41:13:af:b0:50:c7:7f:84:cf:a3:35:46:
                    dc:85:5a:7f:ee:ea:38:ba:b7:55:24:da:dc:d3:0e:
                    bb:21:07:29:ec:ca:9d:53:aa:5b:53:6d:45:f7:05:
                    b5:6b:d4:30:d6:e6:ff:24:60:f8:dc:74:56:05:fc:
                    d0:16:34:3c:37:3f:a7:49:5a:f9:69:44:3e:a8:bc:
                    a5:0f:42:2d:ef:a5:dd:99:63:0c:63:f8:8b:bb:7c:
                    44:fa:c7:51:eb:c2:32:64:7e:2e:57:f6:c0:b6:a8:
                    36:12:f9:76:20:42:42:a9:8d:31:ed:ed:5e:8d:7f:
                    77:43:35:ec:8c:62:9a:a6:c3:a1:16:98:ff:3a:36:
                    f5:9b:3f:e8:70:e2:a7:09:bb:5f:49:9a:b5:04:29:
                    7c:fc:4d:78:08:c1:79:8c:b7:f2:45:9f:ef:4f:6f:
                    44:43:93:9e:5d:cd:2d:62:48:19:6a:23:3b:17:9e:
                    14:88:43:2f:76:0a:0e:8e:c7:aa:d1:68:df:52:80:
                    43:d8:41:06:d8:a8:6c:57:02:cf:08:4d:64:66:9a:
                    60:bb:6f:51:f2:36:09:13:59:34:48:e0:4f:7c:75:
                    c6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:54:61:B0:93:1A:45:77:7D:0C:B4:F8:AD:77:54:C5:D2:09:01:03
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:ec:ff:27:5e:67:f5:68:4e:44:16:ab:1b:47:e4:3d:e0:14:
         dd:44:1f:5e:4e:44:ab:29:84:94:c3:03:65:17:e2:27:30:b8:
         ea:f0:22:09:d0:fc:9b:d3:db:e3:50:80:57:f6:ba:58:54:00:
         97:2d:8c:93:a5:08:a5:2a:fe:ce:03:8a:d9:a1:7e:22:61:9e:
         18:bd:53:1d:95:4a:56:01:0a:37:e1:d1:32:32:89:c1:d0:dc:
         07:fd:50:8d:4d:e3:8a:d6:23:dc:85:d4:e7:c1:2c:dd:17:c0:
         08:ec:1e:6e:72:75:75:6e:e7:7a:9d:51:7d:6e:40:49:58:bb:
         56:f7:33:37:8a:62:2a:66:8f:08:42:b3:8e:f0:f0:a5:87:95:
         f2:8b:00:55:e9:f8:6c:e4:91:af:54:24:39:bf:0e:b0:16:a0:
         f7:c9:e4:ea:37:4c:81:b9:00:d4:7c:d4:38:c7:4c:09:e1:d2:
         b2:e4:ed:a3:a8:b4:97:e5:f7:bc:e0:06:bf:e4:76:7f:00:2b:
         04:c8:48:d6:79:f2:4a:0f:67:3e:8b:71:9b:24:ce:1f:8a:86:
         66:8b:42:de:4d:5c:0a:c7:03:ff:a4:8b:76:2c:a2:3b:11:a1:
         88:32:dd:2c:3e:e4:e5:eb:e0:96:8a:fc:89:58:70:0a:1a:2d:
         8a:62:aa:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z45U98pqNNNzwU58H7sWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjUwNDI3MDQwMDQyWhcNMjUwNDI4MDQwMDQyWjAzMTEwLwYDVQQD
EygxNDU0NjFiMDkzMWE0NTc3N2QwY2I0ZjhhZDc3NTRjNWQyMDkwMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHS1jJrRaXll499J18pNUcFGbQGS
dLVEdZhEQQjcJJxBE6+wUMd/hM+jNUbchVp/7uo4urdVJNrc0w67IQcp7MqdU6pb
U21F9wW1a9Qw1ub/JGD43HRWBfzQFjQ8Nz+nSVr5aUQ+qLylD0It76XdmWMMY/iL
u3xE+sdR68IyZH4uV/bAtqg2Evl2IEJCqY0x7e1ejX93QzXsjGKapsOhFpj/Ojb1
mz/ocOKnCbtfSZq1BCl8/E14CMF5jLfyRZ/vT29EQ5OeXc0tYkgZaiM7F54UiEMv
dgoOjseq0WjfUoBD2EEG2KhsVwLPCE1kZppgu29R8jYJE1k0SOBPfHXGwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRUYbCTGkV3fQy0+K13VMXSCQEDMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQez/J15n
9WhORBarG0fkPeAU3UQfXk5EqymElMMDZRfiJzC46vAiCdD8m9Pb41CAV/a6WFQA
ly2Mk6UIpSr+zgOK2aF+ImGeGL1THZVKVgEKN+HRMjKJwdDcB/1QjU3jitYj3IXU
58Es3RfACOwebnJ1dW7nep1RfW5ASVi7VvczN4piKmaPCEKzjvDwpYeV8osAVen4
bOSRr1QkOb8OsBag98nk6jdMgbkA1HzUOMdMCeHSsuTto6i0l+X3vOAGv+R2fwAr
BMhI1nnySg9nPotxmyTOH4qGZotC3k1cCscD/6SLdiyiOxGhiDLdLD7k5evglor8
iVhwChotimKqPQ==
-----END CERTIFICATE-----