Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
File:                     MU0IhXjsDimwS0PpAUk1hnJjZP0.mft (raw, json)
Hash identifier:          mNzhvKkFgktN5THFtHB7WSQAnxNlBfkG8ytQLJBNEKM=
Subject key identifier:   9D:AB:1B:4F:DF:3D:47:0F:D9:C9:54:6A:63:07:EB:2E:86:4D:F1:C3
Authority key identifier: 31:4D:08:85:78:EC:0E:29:B0:4B:43:E9:01:49:35:86:72:63:64:FD
Certificate issuer:       /CN=314d088578ec0e29b04b43e901493586726364fd
Certificate serial:       0196741E1FED7225300DFB3C75FD8760020A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
Manifest number:          1246
Signing time:             Sat 26 Apr 2025 22:00:53 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:53 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:53 +0000
Files and hashes:         1: MU0IhXjsDimwS0PpAUk1hnJjZP0.crl (hash: XT0fmq1Afzzu7IORsXJKW7Xj1UfKijIMlBxChTTIJPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:1f:ed:72:25:30:0d:fb:3c:75:fd:87:60:02:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314d088578ec0e29b04b43e901493586726364fd
        Validity
            Not Before: Apr 26 22:00:53 2025 GMT
            Not After : Apr 27 22:00:53 2025 GMT
        Subject: CN=9dab1b4fdf3d470fd9c9546a6307eb2e864df1c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:50:67:f8:56:c0:9e:71:a6:7a:3c:1f:b9:d7:
                    de:3a:5d:5c:9b:ce:bd:86:36:c0:47:5e:74:07:15:
                    62:4c:96:6e:73:51:cf:db:26:42:c9:2e:e1:6b:51:
                    db:42:e3:a8:e9:30:b7:6a:47:d8:09:94:8a:84:3b:
                    66:da:cf:00:00:c0:72:bb:6d:fa:67:a0:99:b4:52:
                    4e:34:0d:50:43:1f:14:54:4a:24:00:3f:4e:d6:4c:
                    7a:2e:03:53:fd:68:2f:36:ae:e4:58:8e:1c:4a:60:
                    1d:8e:c0:3f:67:a4:fb:17:75:69:fb:78:f4:4f:62:
                    1c:e9:50:a3:8b:e3:91:48:0c:f2:ed:35:c9:e8:4a:
                    af:b1:89:32:5a:64:7a:f5:67:05:e8:65:5c:e4:56:
                    a5:1c:0a:44:3d:e8:5b:fb:85:af:2e:1a:5e:81:45:
                    4c:cd:53:a3:26:92:b8:30:90:a7:0d:39:32:bb:c5:
                    f7:4f:ff:47:4a:e5:c4:4c:f4:02:39:db:41:8f:b7:
                    c8:e0:d2:bc:40:07:c8:ec:ea:af:99:46:67:f1:62:
                    d5:00:4e:aa:85:06:f0:d7:08:22:f5:b2:ca:a4:c1:
                    4e:05:f4:92:2c:7c:36:75:72:af:a4:cf:f8:4f:ed:
                    d8:c1:c9:6b:f1:d8:69:0f:c0:d2:5c:c2:cb:5b:15:
                    19:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AB:1B:4F:DF:3D:47:0F:D9:C9:54:6A:63:07:EB:2E:86:4D:F1:C3
            X509v3 Authority Key Identifier:
                keyid:31:4D:08:85:78:EC:0E:29:B0:4B:43:E9:01:49:35:86:72:63:64:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:f2:80:0c:9e:1e:47:9e:e3:8c:e0:71:27:54:97:79:36:b7:
         f8:eb:1e:28:db:f5:3a:0b:ba:f1:d0:a5:dd:aa:47:91:a9:20:
         9a:d7:00:c7:c6:ce:f5:17:5f:ce:15:07:9b:3a:6a:52:d4:66:
         15:9c:ef:69:76:fc:5a:0b:8f:b9:4f:b5:47:00:7f:4f:10:33:
         6f:d3:00:a9:ac:5e:97:53:aa:2f:5c:d4:9c:76:eb:e8:f5:14:
         c6:3a:91:45:f0:6f:9c:51:3d:59:03:e4:51:35:74:38:a5:47:
         04:ee:1f:8b:c3:ec:e8:8a:04:c7:92:ba:c9:90:5c:a9:66:d5:
         c0:41:ff:57:b6:c8:73:d6:8c:6e:9a:4e:c0:ae:b8:47:a5:d8:
         11:58:a7:6f:f2:b5:31:04:1f:b5:e3:06:4b:a6:b0:55:d5:79:
         8f:df:ba:7f:07:71:ff:32:02:d2:16:39:5e:4e:00:57:3a:98:
         25:31:09:55:a6:d9:bc:6b:93:74:4b:01:79:94:40:74:0b:e7:
         e9:14:58:d1:fb:8f:d2:3a:d4:a3:b3:7e:4e:77:84:43:25:3a:
         e7:8e:38:f1:4b:f3:34:fb:52:37:df:6e:17:3d:c9:ab:90:fa:
         b6:a1:9a:0e:1c:90:92:33:8d:2c:46:ae:ce:ce:4b:60:31:62:
         49:4e:fa:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0Hh/tciUwDfs8df2HYAIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGQwODg1NzhlYzBlMjliMDRiNDNlOTAxNDkzNTg2NzI2
MzY0ZmQwHhcNMjUwNDI2MjIwMDUzWhcNMjUwNDI3MjIwMDUzWjAzMTEwLwYDVQQD
Eyg5ZGFiMWI0ZmRmM2Q0NzBmZDljOTU0NmE2MzA3ZWIyZTg2NGRmMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVBn+FbAnnGmejwfudfeOl1cm869
hjbAR150BxViTJZuc1HP2yZCyS7ha1HbQuOo6TC3akfYCZSKhDtm2s8AAMByu236
Z6CZtFJONA1QQx8UVEokAD9O1kx6LgNT/WgvNq7kWI4cSmAdjsA/Z6T7F3Vp+3j0
T2Ic6VCji+ORSAzy7TXJ6EqvsYkyWmR69WcF6GVc5FalHApEPehb+4WvLhpegUVM
zVOjJpK4MJCnDTkyu8X3T/9HSuXETPQCOdtBj7fI4NK8QAfI7OqvmUZn8WLVAE6q
hQbw1wgi9bLKpMFOBfSSLHw2dXKvpM/4T+3Ywclr8dhpD8DSXMLLWxUZXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2rG0/fPUcP2clUamMH6y6GTfHDMB8GA1UdIwQY
MBaAFDFNCIV47A4psEtD6QFJNYZyY2T9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zNzM4NzQtMzRmZC00ZTY0LWI2YTkt
MTgwMDZiNjY0M2FmLzEvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zNzM4NzQtMzRmZC00ZTY0LWI2YTktMTgwMDZiNjY0M2Fm
LzEvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvKADJ4e
R57jjOBxJ1SXeTa3+OseKNv1Ogu68dCl3apHkakgmtcAx8bO9RdfzhUHmzpqUtRm
FZzvaXb8WguPuU+1RwB/TxAzb9MAqaxel1OqL1zUnHbr6PUUxjqRRfBvnFE9WQPk
UTV0OKVHBO4fi8Ps6IoEx5K6yZBcqWbVwEH/V7bIc9aMbppOwK64R6XYEVinb/K1
MQQfteMGS6awVdV5j9+6fwdx/zIC0hY5Xk4AVzqYJTEJVabZvGuTdEsBeZRAdAvn
6RRY0fuP0jrUo7N+TneEQyU654448UvzNPtSN99uFz3Jq5D6tqGaDhyQkjONLEau
zs5LYDFiSU76Zw==
-----END CERTIFICATE-----