Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          4QMGkKSeNU1N3zeQQvv0/6Uz+RAdlDF/Ragn2PorVa4=
Subject key identifier:   E9:EF:46:5A:AC:BF:16:8F:FF:ED:04:24:8B:F5:9C:ED:C6:0E:FF:D5
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       01968390BE61EE5EA3DD5A3D28414B58CA09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          1013
Signing time:             Tue 29 Apr 2025 22:00:23 +0000
Manifest this update:     Tue 29 Apr 2025 22:00:23 +0000
Manifest next update:     Wed 30 Apr 2025 22:00:23 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: EoH40qZPuxkourMhYTcjq4HEd9p9bbpxSS7d8OTZSQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:90:be:61:ee:5e:a3:dd:5a:3d:28:41:4b:58:ca:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Apr 29 22:00:23 2025 GMT
            Not After : Apr 30 22:00:23 2025 GMT
        Subject: CN=e9ef465aacbf168fffed04248bf59cedc60effd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:19:87:f3:32:2f:18:6a:5d:5d:f1:4c:53:bf:
                    25:48:a9:38:4e:51:55:19:46:47:47:ca:7e:64:98:
                    2f:77:20:b9:27:5d:8d:2d:10:39:f8:04:20:66:eb:
                    93:f3:2e:9e:c5:76:ff:5b:a1:72:6e:c2:1f:87:9f:
                    da:d8:89:f6:39:d9:19:f2:c5:d1:eb:c8:4e:4a:27:
                    09:64:89:48:f1:19:1c:5c:43:9e:8c:43:78:2b:ba:
                    f6:77:32:e9:95:1c:79:43:d8:df:08:3f:23:e4:1f:
                    a6:36:47:ab:cb:d8:14:43:8f:8b:69:d5:4f:62:65:
                    54:fd:d4:83:b8:7b:29:ce:aa:98:e4:7a:aa:1c:8a:
                    a5:87:10:a6:94:8c:66:d8:72:fc:4e:ed:93:3c:00:
                    c4:54:93:06:88:35:29:8f:b2:cd:5a:26:68:fa:7e:
                    ea:b6:7a:aa:a7:bd:b4:e5:96:4f:13:c0:68:49:4e:
                    b8:67:03:7d:d1:05:8a:7e:05:14:18:53:25:d6:9b:
                    93:e3:f7:8f:c2:18:5f:24:f5:23:98:9b:9c:50:62:
                    27:6b:24:04:80:be:95:b9:d1:5f:42:95:6f:86:87:
                    e2:ce:98:de:17:88:83:f8:7b:13:1e:61:f3:73:8a:
                    83:b0:a2:74:ac:b4:70:38:61:6d:64:78:40:ec:8a:
                    b4:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:EF:46:5A:AC:BF:16:8F:FF:ED:04:24:8B:F5:9C:ED:C6:0E:FF:D5
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:88:41:78:39:a5:5b:3a:27:92:06:54:56:1a:ca:1f:b0:80:
         50:b5:90:0c:b7:1f:1b:a9:97:3f:62:ad:63:56:fc:53:ae:47:
         7d:7b:47:83:55:86:b6:81:6a:60:3e:31:55:47:f0:d6:be:4a:
         85:f4:f3:08:c0:19:83:4e:af:f7:fe:69:6a:f7:ce:45:15:00:
         f4:b7:bc:14:3e:f7:56:eb:bb:bb:34:85:8f:ce:01:77:86:ee:
         3b:6f:c2:cc:92:89:9b:01:6b:c7:c3:21:b5:ac:cc:3d:1e:6c:
         46:75:3b:55:31:85:09:92:bc:09:19:71:95:0e:9a:3c:18:89:
         57:f9:67:dd:9f:d0:d4:43:f2:83:cb:44:96:ad:a4:a2:0e:4d:
         5e:af:f6:b8:13:ee:d5:27:88:1c:d2:d6:68:86:c2:a7:39:b4:
         0b:00:b7:49:e0:b5:a0:f5:d2:ba:21:0e:ce:51:77:00:84:77:
         07:96:f9:60:b7:1b:35:ed:28:c1:61:0a:c9:ee:de:ba:07:9b:
         c0:60:d8:c7:97:16:f0:6e:7c:70:14:48:30:a2:b2:bf:94:2f:
         83:9b:ae:f7:6f:e2:72:36:60:e0:de:4e:36:76:42:bf:81:d6:
         74:cf:6a:3d:ff:5a:4b:5c:d6:a7:32:07:8f:87:98:c5:64:fe:
         d8:2c:c6:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkL5h7l6j3Vo9KEFLWMoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjUwNDI5MjIwMDIzWhcNMjUwNDMwMjIwMDIzWjAzMTEwLwYDVQQD
EyhlOWVmNDY1YWFjYmYxNjhmZmZlZDA0MjQ4YmY1OWNlZGM2MGVmZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBmH8zIvGGpdXfFMU78lSKk4TlFV
GUZHR8p+ZJgvdyC5J12NLRA5+AQgZuuT8y6exXb/W6FybsIfh5/a2In2OdkZ8sXR
68hOSicJZIlI8RkcXEOejEN4K7r2dzLplRx5Q9jfCD8j5B+mNkery9gUQ4+LadVP
YmVU/dSDuHspzqqY5HqqHIqlhxCmlIxm2HL8Tu2TPADEVJMGiDUpj7LNWiZo+n7q
tnqqp7205ZZPE8BoSU64ZwN90QWKfgUUGFMl1puT4/ePwhhfJPUjmJucUGInayQE
gL6VudFfQpVvhofizpjeF4iD+HsTHmHzc4qDsKJ0rLRwOGFtZHhA7Iq07wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnvRlqsvxaP/+0EJIv1nO3GDv/VMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbIhBeDml
WzonkgZUVhrKH7CAULWQDLcfG6mXP2KtY1b8U65HfXtHg1WGtoFqYD4xVUfw1r5K
hfTzCMAZg06v9/5pavfORRUA9Le8FD73Vuu7uzSFj84Bd4buO2/CzJKJmwFrx8Mh
tazMPR5sRnU7VTGFCZK8CRlxlQ6aPBiJV/ln3Z/Q1EPyg8tElq2kog5NXq/2uBPu
1SeIHNLWaIbCpzm0CwC3SeC1oPXSuiEOzlF3AIR3B5b5YLcbNe0owWEKye7eugeb
wGDYx5cW8G58cBRIMKKyv5Qvg5uu92/icjZg4N5ONnZCv4HWdM9qPf9aS1zWpzIH
j4eYxWT+2CzGIQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 02:48:52 2025 by rpki-client