Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
File:                     Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft (raw, json)
Hash identifier:          Pcvia5XagPHVpxxKjGIn+/47zZdLYS+oV1eLb/SiMdk=
Subject key identifier:   35:97:D1:07:BE:67:C2:AA:E1:07:03:77:AC:A7:3B:A0:EE:D3:61:7B
Authority key identifier: 31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54
Certificate issuer:       /CN=31fd401741e669e920b03c6c76aa3a7871403f54
Certificate serial:       0194C3882A5E10466DAACF71149D084A1C7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
Manifest number:          0295
Signing time:             Sat 01 Feb 2025 22:01:08 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:08 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:08 +0000
Files and hashes:         1: Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl (hash: pUrAWxThXG2uIXeN08mqAR2zEGib1xd+Qt2vSwzQcVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:2a:5e:10:46:6d:aa:cf:71:14:9d:08:4a:1c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31fd401741e669e920b03c6c76aa3a7871403f54
        Validity
            Not Before: Feb  1 22:01:08 2025 GMT
            Not After : Feb  2 22:01:08 2025 GMT
        Subject: CN=3597d107be67c2aae1070377aca73ba0eed3617b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:87:a5:a7:d6:1a:de:bf:f6:92:0c:ca:d3:2a:
                    63:f6:e0:95:92:2f:ec:b3:e8:a8:3f:2a:eb:11:45:
                    92:78:57:7b:ef:b3:09:4d:03:db:10:b2:2b:a8:c5:
                    ef:0c:d7:a8:be:dc:6f:07:a2:fb:8b:b1:c1:18:7e:
                    8f:23:26:51:5e:3e:4b:99:ba:f3:68:7d:49:ad:71:
                    49:63:0c:0d:a2:c8:8b:ec:3f:9a:6b:41:f8:df:bc:
                    bf:ff:2c:f2:fc:ac:6c:99:4b:f9:59:1e:1e:75:72:
                    e7:4f:58:f2:9d:31:94:30:bc:6a:9f:64:0b:41:8d:
                    14:9c:f2:c2:75:d9:54:74:2d:00:7f:1f:a1:1d:4a:
                    3b:60:47:c4:73:17:5f:ae:d7:09:59:12:69:3f:ef:
                    de:05:4b:db:93:1c:35:69:ea:7c:9a:a3:8a:c3:51:
                    98:c5:1a:d9:f6:69:9b:8d:28:2a:2e:cb:b5:b6:e3:
                    20:00:aa:5e:19:78:1f:8a:7f:3e:17:68:24:00:50:
                    44:13:c5:bc:2e:08:81:b1:c8:48:e7:a3:e3:b0:da:
                    ab:6e:3f:f6:26:85:98:b4:87:54:b7:c2:bd:dd:50:
                    ea:0e:74:52:e2:a5:44:6b:c7:29:5a:99:36:8b:e2:
                    eb:5e:93:d5:57:ac:bc:a0:76:85:b5:73:98:ea:1c:
                    17:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:97:D1:07:BE:67:C2:AA:E1:07:03:77:AC:A7:3B:A0:EE:D3:61:7B
            X509v3 Authority Key Identifier:
                keyid:31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:f0:f7:af:03:67:3d:36:e4:05:56:32:55:30:28:f9:cb:44:
         97:49:4a:71:bf:45:ad:ef:95:4d:bd:68:92:b4:8b:2a:eb:9e:
         8c:20:c7:ef:56:56:1a:8d:93:f5:05:ef:d7:c6:4a:f3:45:99:
         3b:be:0f:28:f6:e3:c6:33:08:ef:69:7e:de:6d:26:e9:b2:f2:
         3b:ec:67:b7:46:83:cb:4f:4e:94:59:e0:4e:5c:e5:76:a1:e5:
         c5:7f:85:af:0d:2a:c2:7b:51:d8:26:2d:14:03:b2:d7:1c:b7:
         c7:07:6d:c6:ee:74:be:a5:dc:fb:50:05:5c:7d:20:11:6a:d3:
         c7:e3:3e:67:14:cc:60:5d:26:cb:f8:29:4c:da:20:4e:5d:48:
         f0:8b:26:11:82:ab:72:30:03:a4:23:14:4a:8c:c0:98:ac:8e:
         52:21:b7:c4:c2:87:cd:64:82:57:0c:fb:0d:7b:e3:5d:c9:87:
         57:f2:a8:3f:b4:21:e8:74:9b:a9:be:4d:2d:66:b1:1e:c5:05:
         34:70:3f:3d:e4:9d:49:2a:06:05:02:6b:8e:4c:ef:05:c2:c7:
         30:4b:6e:69:f6:94:a5:3c:74:62:55:3f:85:4b:76:6f:06:ec:
         c7:b0:87:22:32:a8:73:74:51:72:6f:7d:c4:0d:fb:7f:e2:b1:
         16:d8:89:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiCpeEEZtqs9xFJ0IShx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmQ0MDE3NDFlNjY5ZTkyMGIwM2M2Yzc2YWEzYTc4NzE0
MDNmNTQwHhcNMjUwMjAxMjIwMTA4WhcNMjUwMjAyMjIwMTA4WjAzMTEwLwYDVQQD
EygzNTk3ZDEwN2JlNjdjMmFhZTEwNzAzNzdhY2E3M2JhMGVlZDM2MTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4elp9Ya3r/2kgzK0ypj9uCVki/s
s+ioPyrrEUWSeFd777MJTQPbELIrqMXvDNeovtxvB6L7i7HBGH6PIyZRXj5Lmbrz
aH1JrXFJYwwNosiL7D+aa0H437y//yzy/KxsmUv5WR4edXLnT1jynTGUMLxqn2QL
QY0UnPLCddlUdC0Afx+hHUo7YEfEcxdfrtcJWRJpP+/eBUvbkxw1aep8mqOKw1GY
xRrZ9mmbjSgqLsu1tuMgAKpeGXgfin8+F2gkAFBEE8W8LgiBschI56PjsNqrbj/2
JoWYtIdUt8K93VDqDnRS4qVEa8cpWpk2i+LrXpPVV6y8oHaFtXOY6hwXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWX0Qe+Z8Kq4QcDd6ynO6Du02F7MB8GA1UdIwQY
MBaAFDH9QBdB5mnpILA8bHaqOnhxQD9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMt
ZGUzNmJmMjBiYTRmLzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMtZGUzNmJmMjBiYTRm
LzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPD3rwNn
PTbkBVYyVTAo+ctEl0lKcb9Fre+VTb1okrSLKuuejCDH71ZWGo2T9QXv18ZK80WZ
O74PKPbjxjMI72l+3m0m6bLyO+xnt0aDy09OlFngTlzldqHlxX+Frw0qwntR2CYt
FAOy1xy3xwdtxu50vqXc+1AFXH0gEWrTx+M+ZxTMYF0my/gpTNogTl1I8IsmEYKr
cjADpCMUSozAmKyOUiG3xMKHzWSCVwz7DXvjXcmHV/KoP7Qh6HSbqb5NLWaxHsUF
NHA/PeSdSSoGBQJrjkzvBcLHMEtuafaUpTx0YlU/hUt2bwbsx7CHIjKoc3RRcm99
xA37f+KxFtiJaQ==
-----END CERTIFICATE-----