Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
File:                     R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json)
Hash identifier:          VOAMHMehGobAWB+jmBfYwmj16CtmulF/TNUWb3KVtl8=
Subject key identifier:   37:70:EC:E4:7C:75:DA:10:88:3C:CB:50:59:42:E5:F1:56:32:8C:80
Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA
Certificate issuer:       /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
Certificate serial:       0194C3875BDC25BF35EE83CAC2A3458E7433
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
Manifest number:          142A
Signing time:             Sat 01 Feb 2025 22:00:15 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:15 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:15 +0000
Files and hashes:         1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: QfjbHCIqCvDOqlpid8ZZbKjD7pU/MrkncvMCK5r6u9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:5b:dc:25:bf:35:ee:83:ca:c2:a3:45:8e:74:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
        Validity
            Not Before: Feb  1 22:00:15 2025 GMT
            Not After : Feb  2 22:00:15 2025 GMT
        Subject: CN=3770ece47c75da10883ccb505942e5f156328c80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d7:6e:2f:0a:9f:87:d0:fc:ae:b7:3c:3f:b6:
                    85:3c:f9:92:2c:09:00:17:c9:70:ad:1c:db:46:21:
                    b5:3f:93:99:df:7b:ea:ab:29:e2:5e:83:94:77:ef:
                    f2:56:9f:88:19:74:9a:c1:a5:d7:31:0f:5b:b5:c2:
                    67:6f:fb:f5:b4:ed:0c:19:98:0f:81:3d:37:b2:49:
                    68:53:1d:15:10:3b:0d:cc:fa:12:3b:58:4c:c4:1c:
                    62:f1:74:25:52:d9:d8:82:3e:9a:59:9e:0a:b7:4b:
                    44:d4:3e:27:7b:3d:62:d8:f1:7e:b8:88:e5:47:24:
                    c3:56:a3:e4:c4:71:59:2e:5e:e4:5f:90:38:73:3e:
                    ca:a5:b4:a8:af:16:6c:09:da:29:e7:e7:e3:49:d6:
                    7e:c1:37:02:37:cc:7b:d4:bb:f9:f4:40:e3:ce:bc:
                    8f:1b:b1:56:69:5b:ef:55:4a:b5:67:00:28:82:ad:
                    b0:a6:a6:d0:96:05:23:bc:3d:f0:41:24:cd:69:a1:
                    00:6e:67:13:7a:16:5d:de:d4:c1:97:8a:e4:80:54:
                    41:56:d4:e0:84:3f:bb:f6:0f:03:c4:3c:e2:f5:30:
                    80:18:a2:ab:46:e0:ce:81:fc:00:bd:bb:47:db:50:
                    7b:b9:50:b6:f0:76:c0:8d:44:e2:60:0b:aa:47:c6:
                    4d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:70:EC:E4:7C:75:DA:10:88:3C:CB:50:59:42:E5:F1:56:32:8C:80
            X509v3 Authority Key Identifier:
                keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:87:56:1d:66:f8:bb:67:12:aa:c1:31:8f:71:27:4b:2c:27:
         b1:8d:db:65:a9:90:77:c5:58:59:91:5e:1b:ee:5c:72:6b:b7:
         35:8a:69:30:c9:9e:24:ef:19:67:88:60:30:9c:ef:30:31:ea:
         5b:1d:52:a1:2f:7d:e2:8e:5f:80:40:6a:56:7e:ae:eb:eb:4e:
         d7:9a:ff:5e:a1:f6:2e:92:a7:ac:93:9b:80:26:04:aa:93:a0:
         06:d7:90:00:fe:b9:74:dc:df:c5:f7:8b:25:91:71:e1:7b:ce:
         bf:96:9b:cf:6c:2a:0f:44:a4:df:7e:3e:35:a0:41:91:9e:25:
         f0:06:78:05:16:84:4c:d6:42:4e:33:0a:2f:84:77:f7:9d:78:
         fc:a0:97:c0:a0:b7:aa:4a:b5:c2:f8:4d:7c:65:35:79:94:8a:
         c2:79:bb:98:b2:37:42:24:51:a2:45:b1:ff:cb:12:5d:70:25:
         0d:39:09:38:5d:0c:ca:ab:c1:e4:79:4d:a2:38:78:d3:0f:e0:
         5e:7f:73:d9:52:79:8a:28:d8:e3:32:55:54:5c:6c:3e:be:9e:
         ba:f9:2c:db:9a:04:ca:02:b9:ae:32:7c:12:f9:e2:20:6d:5b:
         5d:6a:56:50:8b:6c:f5:47:92:89:6b:5c:9e:6a:95:31:c0:b7:
         e2:b9:12:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh1vcJb817oPKwqNFjnQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy
Nzc0ZGEwHhcNMjUwMjAxMjIwMDE1WhcNMjUwMjAyMjIwMDE1WjAzMTEwLwYDVQQD
EygzNzcwZWNlNDdjNzVkYTEwODgzY2NiNTA1OTQyZTVmMTU2MzI4YzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNduLwqfh9D8rrc8P7aFPPmSLAkA
F8lwrRzbRiG1P5OZ33vqqyniXoOUd+/yVp+IGXSawaXXMQ9btcJnb/v1tO0MGZgP
gT03skloUx0VEDsNzPoSO1hMxBxi8XQlUtnYgj6aWZ4Kt0tE1D4nez1i2PF+uIjl
RyTDVqPkxHFZLl7kX5A4cz7KpbSorxZsCdop5+fjSdZ+wTcCN8x71Lv59EDjzryP
G7FWaVvvVUq1ZwAogq2wpqbQlgUjvD3wQSTNaaEAbmcTehZd3tTBl4rkgFRBVtTg
hD+79g8DxDzi9TCAGKKrRuDOgfwAvbtH21B7uVC28HbAjUTiYAuqR8ZNAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdw7OR8ddoQiDzLUFlC5fFWMoyAMB8GA1UdIwQY
MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt
N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw
LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFYdWHWb4
u2cSqsExj3EnSywnsY3bZamQd8VYWZFeG+5ccmu3NYppMMmeJO8ZZ4hgMJzvMDHq
Wx1SoS994o5fgEBqVn6u6+tO15r/XqH2LpKnrJObgCYEqpOgBteQAP65dNzfxfeL
JZFx4XvOv5abz2wqD0Sk334+NaBBkZ4l8AZ4BRaETNZCTjMKL4R39514/KCXwKC3
qkq1wvhNfGU1eZSKwnm7mLI3QiRRokWx/8sSXXAlDTkJOF0MyqvB5HlNojh40w/g
Xn9z2VJ5iijY4zJVVFxsPr6euvks25oEygK5rjJ8EvniIG1bXWpWUIts9UeSiWtc
nmqVMcC34rkS4w==
-----END CERTIFICATE-----