Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          82B74aDheu1A996VB+M+CTP+sK3W/Isbh5m3YrC2gZs=
Subject key identifier:   9C:D1:5F:EF:D7:FD:DB:70:FA:65:16:F2:88:88:5C:15:46:86:23:03
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       0196760C6B5D510BC479D2DE1C5BF38E8EDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 07:00:47 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:47 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:47 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: kD4IkyX/KDenaBlvUF+9e1acJuIOXvJF4dQ3IOq3y8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:6b:5d:51:0b:c4:79:d2:de:1c:5b:f3:8e:8e:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Apr 27 07:00:47 2025 GMT
            Not After : Apr 28 07:00:47 2025 GMT
        Subject: CN=9cd15fefd7fddb70fa6516f288885c1546862303
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c9:31:d6:97:7b:4b:37:9b:9e:fa:a6:8f:80:
                    46:d5:f2:e8:e3:9c:8e:e6:00:ed:93:2d:aa:b9:fa:
                    dc:11:1a:76:ba:5e:14:6c:58:59:27:a7:fd:ee:a2:
                    f7:42:4d:38:df:c5:55:ef:2b:51:04:59:ea:7d:fd:
                    93:5e:99:ca:a3:57:8c:9a:73:07:17:4a:4d:80:ae:
                    fe:bf:f0:cf:33:91:a9:16:1e:f1:78:03:f4:4d:e2:
                    64:c2:6e:aa:9e:d9:5e:56:ac:2a:65:5b:65:06:f2:
                    f7:e6:c6:ab:ef:8b:f4:89:4e:24:a8:fd:ef:c6:1e:
                    da:26:f4:02:61:8e:cf:68:fa:6b:ea:5d:dc:f1:c0:
                    bf:b9:2f:0a:92:ca:f5:e9:40:f8:b7:3a:84:12:c1:
                    58:6c:08:b9:c3:bd:23:0f:48:95:e3:bc:7e:56:7a:
                    2c:92:44:21:85:35:26:9d:0b:97:4f:25:c2:10:45:
                    8d:7a:5b:d8:46:b3:55:06:66:3d:af:4d:3f:50:db:
                    34:bb:f0:ed:c6:da:91:cb:35:b1:54:03:5d:1f:d1:
                    c6:a2:39:c3:e0:f6:f1:e1:ba:2d:4f:fe:70:44:72:
                    58:f1:7e:9d:e3:a1:9f:d0:a1:4d:db:d5:9b:6f:66:
                    f8:5b:68:1a:9d:81:3e:fa:22:bf:3d:0a:1d:fb:2a:
                    25:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:D1:5F:EF:D7:FD:DB:70:FA:65:16:F2:88:88:5C:15:46:86:23:03
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:13:80:24:45:17:2c:38:7e:60:6c:f0:f6:8e:28:dc:73:b3:
         43:19:e5:ad:28:73:95:91:c1:5d:f5:27:0a:1d:94:b6:7b:30:
         1d:2e:72:42:b2:95:fe:d2:8d:a8:d7:d3:41:1a:ef:e7:b4:aa:
         a6:bf:08:ed:4b:a9:b2:09:44:97:2b:53:51:ef:74:b4:f1:a2:
         62:77:79:72:92:07:05:d6:a2:f9:4a:7e:7a:78:5f:3a:e9:2e:
         f1:dc:91:8c:e2:ff:a3:37:1c:44:86:e4:bf:eb:ab:d0:35:e0:
         a3:93:10:f7:94:a5:1e:76:e2:ca:d4:f1:4f:c4:36:5b:fd:2d:
         29:11:e6:41:c1:a6:f6:84:b2:28:33:c7:b0:5b:81:8a:74:39:
         2f:a6:12:c0:ee:7d:dc:f8:fb:97:d4:87:25:12:ab:2f:f2:15:
         85:47:70:5f:4a:58:68:33:07:75:66:e6:52:3b:e6:bd:41:3d:
         30:45:f4:8e:fb:e9:85:7e:24:51:ca:8a:20:64:7f:cd:96:ff:
         f4:a1:21:29:3a:d5:d4:81:a1:af:fe:d1:b4:ca:4d:3b:e6:5f:
         ef:11:0d:bc:0f:d7:4e:70:4c:78:0a:6b:e0:94:aa:ce:ed:35:
         3d:e8:66:4e:53:70:0b:5b:46:46:d4:c5:95:95:1a:23:cb:55:
         2e:f3:ff:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DGtdUQvEedLeHFvzjo7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjUwNDI3MDcwMDQ3WhcNMjUwNDI4MDcwMDQ3WjAzMTEwLwYDVQQD
Eyg5Y2QxNWZlZmQ3ZmRkYjcwZmE2NTE2ZjI4ODg4NWMxNTQ2ODYyMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyckx1pd7Szebnvqmj4BG1fLo45yO
5gDtky2qufrcERp2ul4UbFhZJ6f97qL3Qk0438VV7ytRBFnqff2TXpnKo1eMmnMH
F0pNgK7+v/DPM5GpFh7xeAP0TeJkwm6qntleVqwqZVtlBvL35sar74v0iU4kqP3v
xh7aJvQCYY7PaPpr6l3c8cC/uS8Kksr16UD4tzqEEsFYbAi5w70jD0iV47x+Vnos
kkQhhTUmnQuXTyXCEEWNelvYRrNVBmY9r00/UNs0u/DtxtqRyzWxVANdH9HGojnD
4Pbx4botT/5wRHJY8X6d46Gf0KFN29Wbb2b4W2ganYE++iK/PQod+yolLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzRX+/X/dtw+mUW8oiIXBVGhiMDMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPBOAJEUX
LDh+YGzw9o4o3HOzQxnlrShzlZHBXfUnCh2UtnswHS5yQrKV/tKNqNfTQRrv57Sq
pr8I7UupsglElytTUe90tPGiYnd5cpIHBdai+Up+enhfOuku8dyRjOL/ozccRIbk
v+ur0DXgo5MQ95SlHnbiytTxT8Q2W/0tKRHmQcGm9oSyKDPHsFuBinQ5L6YSwO59
3Pj7l9SHJRKrL/IVhUdwX0pYaDMHdWbmUjvmvUE9MEX0jvvphX4kUcqKIGR/zZb/
9KEhKTrV1IGhr/7RtMpNO+Zf7xENvA/XTnBMeApr4JSqzu01PehmTlNwC1tGRtTF
lZUaI8tVLvP/gw==
-----END CERTIFICATE-----