Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          a8fhQsPA1uXe606cRbpCviYGNtHodKV40a3EkmsgyOc=
Subject key identifier:   34:F3:59:24:5C:F9:05:FD:BD:D6:BC:8B:51:6E:7A:2D:61:E0:0A:B5
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       01967E3415BCBE367B4E04F5BF2B3D22EABA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          0474
Signing time:             Mon 28 Apr 2025 21:01:04 +0000
Manifest this update:     Mon 28 Apr 2025 21:01:04 +0000
Manifest next update:     Tue 29 Apr 2025 21:01:04 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: hoKN3U3jCfrHGN3HTPrlHd/2+U/aVQ7hRK7FKTqMy24=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:34:15:bc:be:36:7b:4e:04:f5:bf:2b:3d:22:ea:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Apr 28 21:01:04 2025 GMT
            Not After : Apr 29 21:01:04 2025 GMT
        Subject: CN=34f359245cf905fdbdd6bc8b516e7a2d61e00ab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:2a:a6:fd:38:b4:7c:47:a8:ab:9d:56:68:50:
                    88:3a:e9:4a:c5:90:3f:fd:6d:53:7e:67:e9:40:a6:
                    4d:f5:82:41:c8:78:79:6e:58:96:6f:5d:12:43:2d:
                    76:61:6a:9f:28:12:87:ed:0b:d7:46:e0:10:a3:67:
                    92:b5:16:d7:d7:1a:aa:e4:76:c5:75:db:2e:82:e6:
                    1a:23:4c:09:51:3a:80:04:26:e9:db:6d:19:1e:16:
                    0c:cd:5c:20:04:2c:6e:09:f5:0c:89:08:63:50:54:
                    95:70:d5:7e:0b:ab:d3:04:5a:22:52:5f:d2:a5:6a:
                    cc:45:6f:f8:ed:ce:24:27:29:f4:c4:bf:7a:84:d4:
                    b0:96:12:46:65:d3:b7:63:85:b8:81:3d:52:0d:04:
                    1c:63:31:b2:14:14:de:63:72:a1:ff:f8:86:4a:b2:
                    89:2e:6f:b8:48:a5:12:67:8b:9d:2c:b2:ae:6c:3f:
                    16:a1:74:81:81:ea:13:ad:a2:fb:17:31:1d:bd:a1:
                    10:b5:62:86:d0:31:54:84:9f:24:bd:fe:01:d5:ac:
                    3a:7b:5c:2f:05:a7:e5:dc:93:b9:ea:79:07:40:4d:
                    52:76:0a:13:9d:b1:72:9c:7a:17:bd:86:85:21:5f:
                    a6:9d:d4:e8:d5:9d:cc:52:37:de:da:bf:7e:23:b9:
                    c8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:F3:59:24:5C:F9:05:FD:BD:D6:BC:8B:51:6E:7A:2D:61:E0:0A:B5
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:f5:43:93:d8:e7:d4:33:4a:c4:0a:7e:6d:99:6a:9d:24:00:
         a5:c2:4c:22:5f:66:ec:34:05:82:b7:ed:61:eb:7d:d9:5d:8f:
         c2:7d:fb:25:06:9a:09:29:20:b3:8c:af:e1:67:68:8f:bd:74:
         d2:d4:1c:19:7c:22:1d:c5:43:31:5e:c7:c9:77:a0:a6:af:92:
         0b:e8:f9:eb:a0:12:84:3f:4e:75:a4:ee:d2:7f:a1:b0:d5:ce:
         a2:8a:65:92:1b:66:f9:90:43:fc:fd:50:fd:8c:be:78:de:4d:
         54:c2:1a:2b:a3:3a:47:3f:ad:9a:01:bf:2d:7d:75:7d:64:09:
         59:15:d0:87:ec:aa:82:a8:da:f1:d0:51:59:f9:51:2f:81:ad:
         c9:77:1d:10:16:40:20:71:e0:c8:22:34:c3:b8:81:99:f6:64:
         49:bf:88:c4:cc:ca:e1:ee:8b:f5:7c:7d:63:6f:74:19:21:51:
         3e:fe:e4:60:71:05:5a:fe:ac:69:d4:8d:b9:0c:83:89:4f:a7:
         6c:98:c9:85:50:d2:4c:5b:b9:7b:8e:6f:ad:bf:5f:5e:7b:e3:
         f2:9f:36:0d:f3:99:0b:1b:3e:5b:eb:d0:de:19:a9:62:80:bc:
         6d:62:96:bf:55:f9:dd:ad:3c:8b:7a:f3:d6:07:06:0b:b5:47:
         c6:8f:59:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+NBW8vjZ7TgT1vys9Iuq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjUwNDI4MjEwMTA0WhcNMjUwNDI5MjEwMTA0WjAzMTEwLwYDVQQD
EygzNGYzNTkyNDVjZjkwNWZkYmRkNmJjOGI1MTZlN2EyZDYxZTAwYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyqm/Ti0fEeoq51WaFCIOulKxZA/
/W1TfmfpQKZN9YJByHh5bliWb10SQy12YWqfKBKH7QvXRuAQo2eStRbX1xqq5HbF
ddsuguYaI0wJUTqABCbp220ZHhYMzVwgBCxuCfUMiQhjUFSVcNV+C6vTBFoiUl/S
pWrMRW/47c4kJyn0xL96hNSwlhJGZdO3Y4W4gT1SDQQcYzGyFBTeY3Kh//iGSrKJ
Lm+4SKUSZ4udLLKubD8WoXSBgeoTraL7FzEdvaEQtWKG0DFUhJ8kvf4B1aw6e1wv
Bafl3JO56nkHQE1SdgoTnbFynHoXvYaFIV+mndTo1Z3MUjfe2r9+I7nIRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTzWSRc+QX9vda8i1Fuei1h4Aq1MB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXPVDk9jn
1DNKxAp+bZlqnSQApcJMIl9m7DQFgrftYet92V2Pwn37JQaaCSkgs4yv4Wdoj710
0tQcGXwiHcVDMV7HyXegpq+SC+j566AShD9OdaTu0n+hsNXOooplkhtm+ZBD/P1Q
/Yy+eN5NVMIaK6M6Rz+tmgG/LX11fWQJWRXQh+yqgqja8dBRWflRL4GtyXcdEBZA
IHHgyCI0w7iBmfZkSb+IxMzK4e6L9Xx9Y290GSFRPv7kYHEFWv6sadSNuQyDiU+n
bJjJhVDSTFu5e45vrb9fXnvj8p82DfOZCxs+W+vQ3hmpYoC8bWKWv1X53a08i3rz
1gcGC7VHxo9Z+g==
-----END CERTIFICATE-----