Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          e4UUEKLTqvoj/ZSyCIEaTJrnCd6JTtq8OtrhS85Dkuk=
Subject key identifier:   5F:D5:76:31:45:0B:47:5D:89:24:E2:4A:F8:D8:34:0A:50:BC:A4:CF
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       01976C98A0339CC153816E380D26620C00DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          13B4
Signing time:             Sat 14 Jun 2025 04:00:31 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:31 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:31 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: oSzJm+4bE2p/9jKfStXhPGXfaepzL7DiJQaneuUPL3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:a0:33:9c:c1:53:81:6e:38:0d:26:62:0c:00:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Jun 14 04:00:31 2025 GMT
            Not After : Jun 15 04:00:31 2025 GMT
        Subject: CN=5fd57631450b475d8924e24af8d8340a50bca4cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:43:3d:2b:22:e1:ef:0c:81:fe:1a:b2:e9:37:
                    a7:59:f3:97:6f:52:d2:13:4a:f1:83:c0:02:d0:f3:
                    c5:29:e4:0e:17:c0:95:83:36:63:09:7f:4f:36:c9:
                    15:26:64:a3:93:5a:7f:62:28:17:8d:a8:39:6d:ff:
                    b3:b6:78:92:4f:24:0f:ec:3f:b6:21:62:06:e4:1f:
                    f3:43:d8:20:f4:ba:cb:47:c8:88:be:67:82:44:10:
                    0c:56:c9:13:6a:2e:91:dc:ef:60:29:b6:ad:46:40:
                    8e:a0:30:93:dc:d9:80:dc:cc:35:aa:07:85:a4:11:
                    f4:1a:0e:a7:7d:1d:de:a2:cc:5c:9f:2d:40:2f:7c:
                    34:37:d5:25:50:23:d8:15:9c:b9:a0:1d:ba:5e:a0:
                    ad:43:11:69:23:3a:13:d6:06:7d:91:cc:f4:f3:f9:
                    3a:b7:02:3f:4b:6d:0e:c7:53:a5:ae:c4:eb:5b:ad:
                    8c:06:31:93:d1:24:dc:84:98:b5:9f:5d:11:dc:e9:
                    23:83:51:4f:e5:8e:e9:fd:fb:83:bc:80:37:3d:2c:
                    3c:ac:c9:08:5f:a3:0d:38:1d:c3:af:99:93:e5:2f:
                    83:d4:c6:03:95:ed:de:47:2e:2d:9e:41:af:f0:bd:
                    39:ac:4b:ee:30:8b:43:f4:8e:9d:c1:5e:40:9a:16:
                    33:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:D5:76:31:45:0B:47:5D:89:24:E2:4A:F8:D8:34:0A:50:BC:A4:CF
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c5:9d:6e:5f:1a:91:16:14:6c:bb:33:72:09:3a:0b:b6:3a:
         a3:e7:c6:d6:0b:3d:9c:fe:73:92:d2:43:46:f9:f0:e1:d6:30:
         07:45:dd:b5:75:74:3c:4c:18:52:5e:c0:75:21:07:50:61:93:
         ef:72:38:e9:b9:98:bf:1b:29:61:da:8c:7f:e2:45:1b:10:73:
         0f:d4:0e:d4:13:16:37:d0:6c:89:b2:62:3c:e7:57:f4:00:12:
         3f:c2:fe:be:09:57:87:cd:af:df:bf:fd:0c:3b:d3:7c:af:c6:
         e5:ac:af:10:22:e5:19:ad:79:c9:55:42:9a:29:a8:77:ce:15:
         83:46:56:a7:29:41:94:7a:ab:99:89:25:da:3e:04:e0:ab:b5:
         9a:c5:9a:30:5a:ac:d7:71:80:53:33:46:a2:63:3b:c7:86:f3:
         09:84:ab:9f:6f:2c:cc:b3:eb:33:08:0e:9e:73:ac:85:37:60:
         fd:d5:41:8e:ab:e8:1a:03:27:e4:05:e4:d5:a3:76:a7:21:97:
         c1:49:00:46:9e:55:a6:d2:a1:5a:43:d0:f7:a2:fb:8a:c4:e6:
         f9:46:1d:7c:3d:0d:42:46:46:35:8f:09:6e:d0:22:ae:40:e4:
         b8:d9:5c:c0:b3:f4:de:53:fa:ec:da:46:34:65:8c:c1:39:80:
         b5:ef:2d:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmKAznMFTgW44DSZiDADdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwNjE0MDQwMDMxWhcNMjUwNjE1MDQwMDMxWjAzMTEwLwYDVQQD
Eyg1ZmQ1NzYzMTQ1MGI0NzVkODkyNGUyNGFmOGQ4MzQwYTUwYmNhNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUM9KyLh7wyB/hqy6TenWfOXb1LS
E0rxg8AC0PPFKeQOF8CVgzZjCX9PNskVJmSjk1p/YigXjag5bf+ztniSTyQP7D+2
IWIG5B/zQ9gg9LrLR8iIvmeCRBAMVskTai6R3O9gKbatRkCOoDCT3NmA3Mw1qgeF
pBH0Gg6nfR3eosxcny1AL3w0N9UlUCPYFZy5oB26XqCtQxFpIzoT1gZ9kcz08/k6
twI/S20Ox1OlrsTrW62MBjGT0STchJi1n10R3Okjg1FP5Y7p/fuDvIA3PSw8rMkI
X6MNOB3Dr5mT5S+D1MYDle3eRy4tnkGv8L05rEvuMItD9I6dwV5AmhYzoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/VdjFFC0ddiSTiSvjYNApQvKTPMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGsWdbl8a
kRYUbLszcgk6C7Y6o+fG1gs9nP5zktJDRvnw4dYwB0XdtXV0PEwYUl7AdSEHUGGT
73I46bmYvxspYdqMf+JFGxBzD9QO1BMWN9BsibJiPOdX9AASP8L+vglXh82v37/9
DDvTfK/G5ayvECLlGa15yVVCmimod84Vg0ZWpylBlHqrmYkl2j4E4Ku1msWaMFqs
13GAUzNGomM7x4bzCYSrn28szLPrMwgOnnOshTdg/dVBjqvoGgMn5AXk1aN2pyGX
wUkARp5VptKhWkPQ96L7isTm+UYdfD0NQkZGNY8JbtAirkDkuNlcwLP03lP67NpG
NGWMwTmAte8t9Q==
-----END CERTIFICATE-----