Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          UNFKyIvQ7kJQFkEx2pXRb2mO4OLHBmlvingXvwFJGpA=
Subject key identifier:   29:61:C6:27:79:E0:6F:1F:5D:5A:4A:51:5E:5B:32:70:1E:45:E3:E7
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       0197820DAC8AEB8D14C79C01FED8794E656A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          036B
Signing time:             Wed 18 Jun 2025 08:00:23 +0000
Manifest this update:     Wed 18 Jun 2025 08:00:23 +0000
Manifest next update:     Thu 19 Jun 2025 08:00:23 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: Pa2VTLfpV3GPIl3J1li2I0XKDX7KyEFXkv62DeGfGZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:82:0d:ac:8a:eb:8d:14:c7:9c:01:fe:d8:79:4e:65:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Jun 18 08:00:23 2025 GMT
            Not After : Jun 19 08:00:23 2025 GMT
        Subject: CN=2961c62779e06f1f5d5a4a515e5b32701e45e3e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:8e:84:10:d4:4c:81:2c:2e:c5:75:50:2d:e9:
                    90:d3:1c:98:49:e4:ab:ad:43:c1:4a:84:16:2f:a7:
                    47:85:ba:a3:fd:2d:75:34:c4:b7:eb:94:4c:19:73:
                    37:c3:3d:f4:da:c6:57:4a:9a:ed:4f:82:99:3b:59:
                    e1:c0:61:02:ca:7d:2d:f7:01:1f:84:54:f5:26:87:
                    ae:9e:df:22:d0:f0:d0:d3:c7:19:d6:2c:73:7d:e7:
                    6c:76:00:e3:63:aa:5e:42:f1:0a:86:83:19:28:f7:
                    79:08:0b:b8:ea:3e:c7:2c:1c:e9:fb:68:ba:f6:cd:
                    26:95:55:f0:a0:ed:9d:88:cd:89:42:6f:2f:59:2d:
                    8a:65:b6:bc:46:fa:96:7e:8a:b4:15:4b:1a:cc:62:
                    7b:9f:4b:11:7b:3c:a6:dd:2f:38:6f:54:0b:32:99:
                    a9:74:ab:05:4f:ba:ce:d0:1d:98:7e:d5:63:22:76:
                    4a:77:89:e3:e7:e9:48:bb:be:f0:43:0d:23:7f:47:
                    ad:7b:4b:42:11:1d:bc:e2:4a:33:45:f8:6b:77:e7:
                    1b:a2:f5:bd:26:cc:11:bf:10:50:58:85:99:23:e5:
                    7d:6f:36:dd:33:dc:35:6d:29:5f:09:60:36:ca:72:
                    a3:92:92:eb:59:05:69:f2:2c:19:85:df:2c:c2:a6:
                    d5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:61:C6:27:79:E0:6F:1F:5D:5A:4A:51:5E:5B:32:70:1E:45:E3:E7
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:38:cc:14:51:59:55:01:99:98:bb:b2:08:fc:de:a9:3c:5a:
         8c:17:5a:a1:15:62:4e:75:36:3f:4d:99:49:e3:da:75:59:76:
         e8:44:cf:b5:98:50:3e:18:a1:6a:6d:d0:97:c6:f0:a2:10:f8:
         b0:2c:7e:49:71:f7:c4:b1:3f:e7:0d:fe:52:6f:0d:33:42:27:
         df:97:6a:1c:ee:97:da:68:11:07:03:06:6b:85:f1:a5:74:a5:
         e1:b1:0f:7d:29:25:4c:5e:09:cb:63:30:d1:a5:1b:71:4f:de:
         db:18:54:09:2e:1e:fa:d9:59:8c:7e:c1:7f:55:f7:93:c1:38:
         d1:06:df:61:26:3d:48:eb:fc:cb:c7:c7:fb:7e:43:7b:26:75:
         9a:90:e3:25:82:1a:17:80:bf:f9:00:c2:34:70:1c:7a:f0:d2:
         b7:85:41:7e:82:49:c4:ff:61:b5:50:15:3e:bd:3b:ba:c7:87:
         3b:6f:54:d4:5b:3b:c8:aa:6d:79:99:d3:74:9c:14:1d:dc:ee:
         3d:0d:53:4f:3c:99:2f:14:f5:2c:1e:1d:32:3f:64:68:71:33:
         44:08:d4:b7:03:58:b3:e0:3d:71:7c:c5:f7:1a:6d:4f:80:d2:
         19:22:0c:af:ac:73:30:c8:72:34:6b:6f:b2:85:c1:7b:ea:61:
         aa:94:45:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeCDayK640Ux5wB/th5TmVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUwNjE4MDgwMDIzWhcNMjUwNjE5MDgwMDIzWjAzMTEwLwYDVQQD
EygyOTYxYzYyNzc5ZTA2ZjFmNWQ1YTRhNTE1ZTViMzI3MDFlNDVlM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio6EENRMgSwuxXVQLemQ0xyYSeSr
rUPBSoQWL6dHhbqj/S11NMS365RMGXM3wz302sZXSprtT4KZO1nhwGECyn0t9wEf
hFT1Joeunt8i0PDQ08cZ1ixzfedsdgDjY6peQvEKhoMZKPd5CAu46j7HLBzp+2i6
9s0mlVXwoO2diM2JQm8vWS2KZba8RvqWfoq0FUsazGJ7n0sRezym3S84b1QLMpmp
dKsFT7rO0B2YftVjInZKd4nj5+lIu77wQw0jf0ete0tCER284kozRfhrd+cbovW9
JswRvxBQWIWZI+V9bzbdM9w1bSlfCWA2ynKjkpLrWQVp8iwZhd8swqbVpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClhxid54G8fXVpKUV5bMnAeRePnMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTjMFFFZ
VQGZmLuyCPzeqTxajBdaoRViTnU2P02ZSePadVl26ETPtZhQPhiham3Ql8bwohD4
sCx+SXH3xLE/5w3+Um8NM0In35dqHO6X2mgRBwMGa4XxpXSl4bEPfSklTF4Jy2Mw
0aUbcU/e2xhUCS4e+tlZjH7Bf1X3k8E40QbfYSY9SOv8y8fH+35DeyZ1mpDjJYIa
F4C/+QDCNHAcevDSt4VBfoJJxP9htVAVPr07useHO29U1Fs7yKpteZnTdJwUHdzu
PQ1TTzyZLxT1LB4dMj9kaHEzRAjUtwNYs+A9cXzF9xptT4DSGSIMr6xzMMhyNGtv
soXBe+phqpRFIA==
-----END CERTIFICATE-----