Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
File:                     FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json)
Hash identifier:          5wcKusm6xifvekj1YGMpaguNa/xtW4+iG1k6OXiGJiw=
Subject key identifier:   1B:69:7F:90:47:39:6E:D1:59:19:2B:EF:23:25:2A:25:E7:9A:22:CA
Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A
Certificate issuer:       /CN=14c2eab6a2960506046a1da4312773d98e97cd5a
Certificate serial:       01976D3E55A790766E062CF94AF3157F03DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
Manifest number:          0A31
Signing time:             Sat 14 Jun 2025 07:01:31 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:31 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:31 +0000
Files and hashes:         1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: Le0Uaoq5OQCSboOA2RM863u+WkVsbcwAKQKps9TLEWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:55:a7:90:76:6e:06:2c:f9:4a:f3:15:7f:03:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a
        Validity
            Not Before: Jun 14 07:01:31 2025 GMT
            Not After : Jun 15 07:01:31 2025 GMT
        Subject: CN=1b697f9047396ed159192bef23252a25e79a22ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:19:94:88:48:e2:42:44:b4:f2:a8:18:c1:1e:
                    fd:fa:c4:ee:05:b9:45:7c:68:3e:26:36:5f:bc:90:
                    a3:bb:c7:48:28:99:c5:1a:0f:76:ce:32:8c:94:1d:
                    b7:3e:54:e3:a4:33:2a:86:36:4c:9a:be:3c:03:e8:
                    29:a4:98:c7:fd:89:6f:c3:6f:6c:9a:c9:7f:3a:27:
                    ea:66:3e:ed:4f:17:65:60:ab:3b:f1:d0:4a:b1:44:
                    c8:79:67:90:21:ae:5e:8b:99:5f:b9:55:89:0f:3a:
                    9b:84:83:76:cc:8b:ed:1f:78:5b:9d:07:ec:23:ac:
                    07:28:23:71:61:14:de:4a:02:d6:e7:6a:1f:13:80:
                    e3:d6:ca:8f:ca:5d:3b:3a:01:30:43:a6:ad:3a:c9:
                    e6:3c:1f:f3:a1:32:0e:b2:0a:21:2f:62:8e:66:39:
                    1b:28:a4:02:fc:01:6b:4b:e9:e8:3f:41:3d:17:a4:
                    b5:b4:c4:7c:35:eb:c3:e9:89:25:bd:ca:25:b1:a2:
                    b3:cf:78:05:f9:46:82:2b:34:ac:a1:96:c5:5a:0c:
                    84:3f:6d:30:73:83:8b:57:76:ac:89:fb:e2:89:23:
                    5a:e6:39:f9:8f:1f:ee:06:c8:09:74:a5:00:0c:e7:
                    39:39:a7:75:62:dc:17:50:47:76:b0:0c:1d:bd:49:
                    d3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:69:7F:90:47:39:6E:D1:59:19:2B:EF:23:25:2A:25:E7:9A:22:CA
            X509v3 Authority Key Identifier:
                keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:fe:dd:25:54:73:6e:76:b4:2e:f0:9c:d9:f1:b9:90:0d:c6:
         d8:db:21:89:ca:0e:83:99:ef:0a:5d:73:8f:6c:90:83:b6:77:
         6a:e5:f3:47:b3:8a:1f:a7:29:03:11:59:6b:b8:f2:be:c7:49:
         ce:b3:fe:65:6d:57:06:1f:c3:bd:ee:0f:d5:66:e7:3e:f8:68:
         ea:7e:80:44:c8:dc:51:a3:fe:bb:cd:e9:53:64:17:f8:6d:c4:
         5f:d5:b9:a0:75:28:19:9e:28:3c:d0:04:d9:bf:70:b4:bf:7a:
         d8:24:89:e8:02:12:08:c8:90:29:66:2d:a5:61:2e:86:57:c5:
         0e:49:ae:89:85:9f:0d:7f:9c:3e:82:86:6d:86:03:8e:25:40:
         d9:49:93:6b:95:48:35:2b:1c:e3:7a:3f:17:7e:ba:ce:96:dc:
         88:ff:85:dd:fa:97:ca:6d:4d:c0:59:3e:a1:ec:a1:80:de:06:
         98:df:b3:3d:d6:66:2a:b6:dd:9a:2a:1e:df:94:74:83:e3:e2:
         50:ab:04:85:c6:5a:67:80:f1:83:43:66:35:d3:10:3b:6f:f9:
         31:a3:86:70:aa:d4:68:b7:78:52:06:17:98:92:e2:42:a2:9f:
         89:7d:5e:71:42:35:a0:86:bd:fc:a4:30:f7:01:b2:e2:69:bf:
         90:6b:11:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPlWnkHZuBiz5SvMVfwPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5
N2NkNWEwHhcNMjUwNjE0MDcwMTMxWhcNMjUwNjE1MDcwMTMxWjAzMTEwLwYDVQQD
EygxYjY5N2Y5MDQ3Mzk2ZWQxNTkxOTJiZWYyMzI1MmEyNWU3OWEyMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRmUiEjiQkS08qgYwR79+sTuBblF
fGg+JjZfvJCju8dIKJnFGg92zjKMlB23PlTjpDMqhjZMmr48A+gppJjH/Ylvw29s
msl/OifqZj7tTxdlYKs78dBKsUTIeWeQIa5ei5lfuVWJDzqbhIN2zIvtH3hbnQfs
I6wHKCNxYRTeSgLW52ofE4Dj1sqPyl07OgEwQ6atOsnmPB/zoTIOsgohL2KOZjkb
KKQC/AFrS+noP0E9F6S1tMR8NevD6YklvcolsaKzz3gF+UaCKzSsoZbFWgyEP20w
c4OLV3asifviiSNa5jn5jx/uBsgJdKUADOc5Oad1YtwXUEd2sAwdvUnTJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtpf5BHOW7RWRkr7yMlKiXnmiLKMB8GA1UdIwQY
MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt
NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw
LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo/7dJVRz
bna0LvCc2fG5kA3G2NshicoOg5nvCl1zj2yQg7Z3auXzR7OKH6cpAxFZa7jyvsdJ
zrP+ZW1XBh/Dve4P1WbnPvho6n6ARMjcUaP+u83pU2QX+G3EX9W5oHUoGZ4oPNAE
2b9wtL962CSJ6AISCMiQKWYtpWEuhlfFDkmuiYWfDX+cPoKGbYYDjiVA2UmTa5VI
NSsc43o/F366zpbciP+F3fqXym1NwFk+oeyhgN4GmN+zPdZmKrbdmioe35R0g+Pi
UKsEhcZaZ4Dxg0NmNdMQO2/5MaOGcKrUaLd4UgYXmJLiQqKfiX1ecUI1oIa9/KQw
9wGy4mm/kGsRBA==
-----END CERTIFICATE-----