Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
File:                     l0mtdlnaE07UgHT025NBzodRffQ.mft (raw, json)
Hash identifier:          zU4WH/v2eZ+onprcMs0jdTKMGwWlOFXDM4dlUuwKEac=
Subject key identifier:   52:25:F8:48:C7:13:54:63:80:37:B1:BC:F6:E1:A4:D1:89:89:90:F7
Authority key identifier: 97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4
Certificate issuer:       /CN=9749ad7659da134ed48074f4db9341ce87517df4
Certificate serial:       01967FB40F2DB7C9CE67F86CA8A94949151D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
Manifest number:          1216
Signing time:             Tue 29 Apr 2025 04:00:28 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:28 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:28 +0000
Files and hashes:         1: l0mtdlnaE07UgHT025NBzodRffQ.crl (hash: BxEZSLRGbkk49rZcG955bhxHOfpWIrgwfnD6h9qln40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:0f:2d:b7:c9:ce:67:f8:6c:a8:a9:49:49:15:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9749ad7659da134ed48074f4db9341ce87517df4
        Validity
            Not Before: Apr 29 04:00:28 2025 GMT
            Not After : Apr 30 04:00:28 2025 GMT
        Subject: CN=5225f848c71354638037b1bcf6e1a4d1898990f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:82:a4:0f:95:81:59:27:26:db:54:5f:ee:84:
                    f1:8d:a4:fd:0a:60:66:f0:df:7b:f5:23:5f:d0:35:
                    5e:04:1b:98:2e:12:d3:d5:8c:ca:93:2f:eb:48:ff:
                    4f:dd:1f:a3:05:d5:71:01:d2:2a:c7:49:c4:fc:d3:
                    91:35:9e:0f:12:3e:c9:cc:52:60:c2:57:08:ce:16:
                    50:56:55:b5:9f:7d:2b:ed:02:40:f0:d1:9b:17:f4:
                    75:cc:f7:c3:85:45:da:09:15:29:14:37:ed:45:0b:
                    06:27:a1:a4:91:90:e8:cc:4b:f3:d3:26:3e:a6:1e:
                    c0:9f:ad:fe:96:64:59:c9:d5:83:39:5b:90:fd:68:
                    29:ac:48:35:62:5b:b1:fa:3e:c4:88:42:68:0a:88:
                    3a:17:e0:b9:e6:f4:ba:c2:6b:6a:3a:ac:3d:db:ec:
                    7f:ee:d9:bd:46:44:ee:ae:cc:c0:a8:0f:30:f4:55:
                    ba:16:e3:bb:2d:b5:f2:45:96:1f:58:60:b0:1f:9b:
                    45:3c:80:d7:60:99:fe:e2:e0:59:2b:7a:f5:b3:c7:
                    d5:db:cf:4e:67:3f:62:57:5c:24:8b:20:e5:db:73:
                    83:bb:6f:b9:27:37:9c:10:e0:61:09:a7:ab:cc:09:
                    8a:86:78:cb:2b:11:7c:c6:1d:d3:66:5e:38:dd:64:
                    6d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:25:F8:48:C7:13:54:63:80:37:B1:BC:F6:E1:A4:D1:89:89:90:F7
            X509v3 Authority Key Identifier:
                keyid:97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:42:db:8f:79:e9:e6:48:89:d7:f4:5a:31:3e:e2:9b:6c:a4:
         47:f8:a1:e2:c8:98:b7:19:77:75:99:1f:ba:2a:26:04:fa:f0:
         ec:ea:18:bf:13:cb:82:53:ea:31:43:15:e2:bf:83:2b:df:3e:
         69:4e:c6:da:44:db:88:00:3b:ff:c4:4f:ff:73:6f:cd:c6:a1:
         e4:55:f8:9f:41:de:3d:61:de:05:47:f7:0d:a4:47:4e:3e:ce:
         ba:ef:67:36:80:5f:7e:3c:8c:38:e0:ba:2b:4a:98:1e:ca:28:
         28:50:bc:d3:41:75:d7:1a:be:c7:e2:3a:09:05:9d:30:34:bd:
         30:32:6a:94:ee:38:21:50:4e:1c:c9:bd:f1:00:da:8a:4c:3d:
         f0:47:ce:46:e6:12:12:05:1e:57:cc:8c:f2:da:49:ba:6f:fd:
         5d:25:a6:ee:4b:65:df:1c:de:69:c5:d2:e6:f5:10:cd:15:d8:
         e4:1f:1c:96:d8:e2:00:f2:92:3f:6c:b4:ac:d2:85:57:ce:bf:
         a5:5b:a0:ff:6b:10:62:6d:3c:b9:45:bc:10:92:97:71:73:6e:
         50:d0:47:d1:a9:e0:7a:f1:ca:a4:6b:a2:53:67:af:33:ba:d8:
         e7:ef:bd:1e:f2:32:e4:d0:aa:36:71:77:27:69:d5:29:19:f1:
         07:81:74:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tA8tt8nOZ/hsqKlJSRUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDlhZDc2NTlkYTEzNGVkNDgwNzRmNGRiOTM0MWNlODc1
MTdkZjQwHhcNMjUwNDI5MDQwMDI4WhcNMjUwNDMwMDQwMDI4WjAzMTEwLwYDVQQD
Eyg1MjI1Zjg0OGM3MTM1NDYzODAzN2IxYmNmNmUxYTRkMTg5ODk5MGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoKkD5WBWScm21Rf7oTxjaT9CmBm
8N979SNf0DVeBBuYLhLT1YzKky/rSP9P3R+jBdVxAdIqx0nE/NORNZ4PEj7JzFJg
wlcIzhZQVlW1n30r7QJA8NGbF/R1zPfDhUXaCRUpFDftRQsGJ6GkkZDozEvz0yY+
ph7An63+lmRZydWDOVuQ/WgprEg1Ylux+j7EiEJoCog6F+C55vS6wmtqOqw92+x/
7tm9RkTurszAqA8w9FW6FuO7LbXyRZYfWGCwH5tFPIDXYJn+4uBZK3r1s8fV289O
Zz9iV1wkiyDl23ODu2+5JzecEOBhCaerzAmKhnjLKxF8xh3TZl443WRtkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIl+EjHE1RjgDexvPbhpNGJiZD3MB8GA1UdIwQY
MBaAFJdJrXZZ2hNO1IB09NuTQc6HUX30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUt
MzJkNzljYzQ5ZjIyLzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUtMzJkNzljYzQ5ZjIy
LzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtkLbj3np
5kiJ1/RaMT7im2ykR/ih4siYtxl3dZkfuiomBPrw7OoYvxPLglPqMUMV4r+DK98+
aU7G2kTbiAA7/8RP/3Nvzcah5FX4n0HePWHeBUf3DaRHTj7Ouu9nNoBffjyMOOC6
K0qYHsooKFC800F11xq+x+I6CQWdMDS9MDJqlO44IVBOHMm98QDaikw98EfORuYS
EgUeV8yM8tpJum/9XSWm7ktl3xzeacXS5vUQzRXY5B8cltjiAPKSP2y0rNKFV86/
pVug/2sQYm08uUW8EJKXcXNuUNBH0angevHKpGuiU2evM7rY5++9HvIy5NCqNnF3
J2nVKRnxB4F0cw==
-----END CERTIFICATE-----