Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          CVPNuQ793upnhWMcYTolMZdyWXuaFRi5cbmA6xyJWRk=
Subject key identifier:   99:41:1D:0A:38:EF:CF:1A:A0:AD:24:0B:DE:44:59:79:0B:5F:8C:F4
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       019679E961C00220ECD2C2E4B3A61BDEB9D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          1211
Signing time:             Mon 28 Apr 2025 01:01:00 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:00 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:00 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: OZ/MXocY1VMuCOTIEPiouYUDa8eHkQ7/tPBEv/7sg0U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:61:c0:02:20:ec:d2:c2:e4:b3:a6:1b:de:b9:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Apr 28 01:01:00 2025 GMT
            Not After : Apr 29 01:01:00 2025 GMT
        Subject: CN=99411d0a38efcf1aa0ad240bde4459790b5f8cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:93:0b:f1:bb:fb:d4:7d:22:49:e0:7e:c5:88:
                    a7:02:61:db:77:af:0a:6f:14:dd:e3:38:4b:bc:77:
                    dd:e6:4f:b5:ff:37:e8:30:68:ee:2c:96:76:11:6c:
                    a3:e0:43:1c:ba:5c:0c:64:8b:a2:ec:3f:4b:b8:a3:
                    1d:bd:15:ad:ae:56:82:ab:2b:b3:36:54:c5:a8:8f:
                    9d:bf:01:04:2d:24:20:48:48:9b:25:47:4e:5a:9d:
                    c9:33:5c:d6:ad:bf:7b:09:8e:ef:03:bf:a3:07:ae:
                    57:da:02:97:18:df:7a:ac:1e:22:fa:8e:1d:21:c5:
                    4c:dd:23:f1:1c:ec:c5:92:74:65:e3:92:61:69:c2:
                    4c:3f:48:00:54:89:a2:06:c8:66:74:d8:4b:1e:20:
                    52:97:b4:70:42:3e:31:e3:22:82:66:09:11:50:08:
                    f6:df:58:08:4c:bd:67:7a:c1:0e:21:d7:94:ea:15:
                    cc:58:72:c7:b6:5e:29:f9:f0:a4:86:17:ad:0b:07:
                    6e:cc:c2:4a:43:a0:95:e5:80:67:1d:cc:56:1e:45:
                    0b:2e:6f:e8:92:47:f7:49:c2:3c:7f:4b:d3:89:70:
                    5b:e4:3a:d9:89:90:a0:8a:a3:00:4b:9c:b1:42:d6:
                    c1:e1:9e:8a:50:8d:23:f2:9f:df:6b:2f:64:5f:66:
                    ce:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:41:1D:0A:38:EF:CF:1A:A0:AD:24:0B:DE:44:59:79:0B:5F:8C:F4
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:04:11:47:2e:c3:f3:17:86:2a:07:ce:a6:1e:d9:cd:60:13:
         5c:a5:27:46:8c:c5:e1:7a:1c:d2:5d:94:4a:14:9e:66:95:8f:
         d1:2b:f8:ad:57:be:75:11:0b:36:ca:08:e4:df:c7:7d:9e:61:
         b9:c9:48:f9:ba:57:f6:54:16:b7:33:66:c3:ba:24:62:69:57:
         b9:0e:15:97:aa:27:f0:56:24:f2:33:5a:4e:8d:bb:aa:c0:a5:
         0a:b7:a1:b7:d2:ac:56:cb:4f:88:bc:d9:9a:aa:5f:f1:02:5a:
         6c:0e:d2:7f:6f:8b:a5:7b:42:77:e1:62:f6:df:5d:2d:e4:60:
         74:17:cd:c3:56:b2:5e:fe:73:9d:84:30:1a:5b:92:33:cb:b5:
         c6:40:39:a8:ab:94:e3:55:e9:fe:fb:f6:b0:19:2c:93:1a:0f:
         86:0f:29:3e:db:6d:8f:0f:5b:59:61:2d:c8:05:6f:d0:18:71:
         6d:3d:14:b9:06:1e:f3:47:d0:df:e8:84:c5:83:66:74:23:3c:
         02:4d:cf:50:b0:0e:db:65:01:03:47:a5:7d:e0:19:db:80:0a:
         71:27:11:6d:78:97:6c:02:40:43:fb:f1:80:14:44:a5:51:e7:
         af:93:da:ea:0b:f2:07:b1:aa:5c:60:a9:b2:3c:cc:ba:ad:93:
         98:1d:f0:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56WHAAiDs0sLks6Yb3rnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjUwNDI4MDEwMTAwWhcNMjUwNDI5MDEwMTAwWjAzMTEwLwYDVQQD
Eyg5OTQxMWQwYTM4ZWZjZjFhYTBhZDI0MGJkZTQ0NTk3OTBiNWY4Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ML8bv71H0iSeB+xYinAmHbd68K
bxTd4zhLvHfd5k+1/zfoMGjuLJZ2EWyj4EMculwMZIui7D9LuKMdvRWtrlaCqyuz
NlTFqI+dvwEELSQgSEibJUdOWp3JM1zWrb97CY7vA7+jB65X2gKXGN96rB4i+o4d
IcVM3SPxHOzFknRl45JhacJMP0gAVImiBshmdNhLHiBSl7RwQj4x4yKCZgkRUAj2
31gITL1nesEOIdeU6hXMWHLHtl4p+fCkhhetCwduzMJKQ6CV5YBnHcxWHkULLm/o
kkf3ScI8f0vTiXBb5DrZiZCgiqMAS5yxQtbB4Z6KUI0j8p/fay9kX2bO3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlBHQo4788aoK0kC95EWXkLX4z0MB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwQRRy7D
8xeGKgfOph7ZzWATXKUnRozF4Xoc0l2UShSeZpWP0Sv4rVe+dRELNsoI5N/HfZ5h
uclI+bpX9lQWtzNmw7okYmlXuQ4Vl6on8FYk8jNaTo27qsClCreht9KsVstPiLzZ
mqpf8QJabA7Sf2+LpXtCd+Fi9t9dLeRgdBfNw1ayXv5znYQwGluSM8u1xkA5qKuU
41Xp/vv2sBkskxoPhg8pPtttjw9bWWEtyAVv0BhxbT0UuQYe80fQ3+iExYNmdCM8
Ak3PULAO22UBA0elfeAZ24AKcScRbXiXbAJAQ/vxgBREpVHnr5Pa6gvyB7GqXGCp
sjzMuq2TmB3wBw==
-----END CERTIFICATE-----