Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          pFK6+NjZjbv/Cj+ItubrgPWw2gfA2hW5bESkX2rfHrA=
Subject key identifier:   1F:56:2B:79:D9:29:A0:B2:91:94:EF:C3:57:3A:71:FF:F3:10:81:03
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       019679E96380B4044AF48667D3CAF2F8FADF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          150F
Signing time:             Mon 28 Apr 2025 01:01:00 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:00 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:00 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: hg6CW87MWpWt5u2E4rkfuILzaldmj+tB2nlhIxciH4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:63:80:b4:04:4a:f4:86:67:d3:ca:f2:f8:fa:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Apr 28 01:01:00 2025 GMT
            Not After : Apr 29 01:01:00 2025 GMT
        Subject: CN=1f562b79d929a0b29194efc3573a71fff3108103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:89:01:48:b6:c0:2e:e0:dc:80:83:64:d3:51:
                    c3:4c:5b:66:15:1e:bb:07:9d:ce:91:b2:9e:5a:c8:
                    6f:9a:5e:ed:eb:96:34:15:a2:fd:16:74:11:9b:9b:
                    e0:18:12:c4:27:2e:3b:30:3d:e2:25:ce:8e:31:d6:
                    f4:5d:89:7b:fb:84:d1:18:cd:b8:9a:f9:59:a8:ee:
                    ad:5e:c4:53:1b:71:8e:07:f1:6b:30:29:15:04:5c:
                    2c:9a:4b:b0:2f:c5:92:32:96:0b:93:6c:7c:a6:2d:
                    96:8b:78:0b:71:f9:74:c9:d7:41:2c:1c:2f:ed:c3:
                    16:68:95:d1:3e:5b:c0:60:89:e7:e3:33:3a:7a:e5:
                    d4:56:c0:30:35:2b:8c:b3:a1:21:dc:c8:48:00:46:
                    29:f3:19:c6:52:fd:41:ca:87:48:90:91:bc:46:72:
                    c7:22:39:60:55:3a:45:14:fe:da:0a:4c:e0:c7:47:
                    ac:b4:5c:4d:0f:9d:2d:46:ac:ea:9f:b9:d3:6a:16:
                    f5:d7:48:cb:89:e0:44:d4:93:5f:1b:e0:59:66:a1:
                    d9:31:43:60:64:ce:96:24:4a:40:71:e8:3d:fb:48:
                    e4:f0:d4:aa:79:6e:42:b2:6c:cb:53:7e:e2:cc:3e:
                    52:fc:a1:fb:c4:68:45:8c:27:aa:69:7e:d2:e5:77:
                    cf:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:56:2B:79:D9:29:A0:B2:91:94:EF:C3:57:3A:71:FF:F3:10:81:03
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:b4:23:5b:07:e7:22:9c:05:84:f3:fe:37:5b:56:f2:c3:5c:
         0c:a5:0e:25:17:ce:43:16:56:45:05:93:3e:9c:80:23:27:34:
         3d:1c:c5:e0:37:7b:73:8c:3a:a7:fa:1b:b0:fc:5d:0f:da:f9:
         dc:b4:25:96:c1:3a:72:0b:96:26:19:ae:f1:82:6e:1f:ba:67:
         8e:d2:ef:76:30:58:cb:a5:39:20:04:c8:59:23:2a:05:fb:e9:
         b8:c2:af:5d:74:de:95:5c:e0:e5:f9:64:cc:83:7d:45:cb:1c:
         f3:ba:b4:bc:6d:f4:33:ed:2b:6f:d5:54:09:5f:95:71:f7:bf:
         74:a3:42:00:e5:76:27:72:e4:28:6b:08:ce:1c:93:65:3e:9b:
         8d:0a:d8:5b:3c:55:d1:2e:17:73:92:e1:8d:34:a9:f9:05:dc:
         19:21:0f:fa:82:20:3e:a0:c6:88:17:47:69:a8:3f:cc:ff:16:
         cc:b0:e1:24:8b:a8:2d:64:3a:b3:00:6c:62:19:35:7f:86:64:
         b5:56:c3:78:15:34:da:f9:fa:29:da:41:8a:12:3d:a8:96:84:
         1f:d1:7a:4c:b6:6b:68:75:4e:d3:2b:24:28:e5:be:16:23:bf:
         92:cc:bd:9e:73:e8:0d:a4:cb:fa:e3:25:b6:81:e1:1b:53:17:
         50:ec:bc:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56WOAtARK9IZn08ry+PrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUwNDI4MDEwMTAwWhcNMjUwNDI5MDEwMTAwWjAzMTEwLwYDVQQD
EygxZjU2MmI3OWQ5MjlhMGIyOTE5NGVmYzM1NzNhNzFmZmYzMTA4MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYkBSLbALuDcgINk01HDTFtmFR67
B53OkbKeWshvml7t65Y0FaL9FnQRm5vgGBLEJy47MD3iJc6OMdb0XYl7+4TRGM24
mvlZqO6tXsRTG3GOB/FrMCkVBFwsmkuwL8WSMpYLk2x8pi2Wi3gLcfl0yddBLBwv
7cMWaJXRPlvAYInn4zM6euXUVsAwNSuMs6Eh3MhIAEYp8xnGUv1ByodIkJG8RnLH
IjlgVTpFFP7aCkzgx0estFxND50tRqzqn7nTahb110jLieBE1JNfG+BZZqHZMUNg
ZM6WJEpAceg9+0jk8NSqeW5CsmzLU37izD5S/KH7xGhFjCeqaX7S5XfPIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9WK3nZKaCykZTvw1c6cf/zEIEDMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj7QjWwfn
IpwFhPP+N1tW8sNcDKUOJRfOQxZWRQWTPpyAIyc0PRzF4Dd7c4w6p/obsPxdD9r5
3LQllsE6cguWJhmu8YJuH7pnjtLvdjBYy6U5IATIWSMqBfvpuMKvXXTelVzg5flk
zIN9Rcsc87q0vG30M+0rb9VUCV+Vcfe/dKNCAOV2J3LkKGsIzhyTZT6bjQrYWzxV
0S4Xc5LhjTSp+QXcGSEP+oIgPqDGiBdHaag/zP8WzLDhJIuoLWQ6swBsYhk1f4Zk
tVbDeBU02vn6KdpBihI9qJaEH9F6TLZraHVO0yskKOW+FiO/ksy9nnPoDaTL+uMl
toHhG1MXUOy8Yw==
-----END CERTIFICATE-----