Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
File:                     _e3ZOtbKqmCtSfD5N32Kq_h34ts.mft (raw, json)
Hash identifier:          31HFZcOpM7c5SuQMFILxzli7oZDyBhZIFYZ4tXCbHxk=
Subject key identifier:   80:69:3B:29:28:C1:75:C7:66:C0:B6:2F:EC:58:44:15:F7:D3:CF:38
Authority key identifier: FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB
Certificate issuer:       /CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
Certificate serial:       0194C3876D1D29B3F61BA38AE903EDE356C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
Manifest number:          05AD
Signing time:             Sat 01 Feb 2025 22:00:19 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:19 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:19 +0000
Files and hashes:         1: _e3ZOtbKqmCtSfD5N32Kq_h34ts.crl (hash: 6MukpNvyQmQYBpHDNYOLNGi19rmKhYkYgp4KrutlUwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:6d:1d:29:b3:f6:1b:a3:8a:e9:03:ed:e3:56:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
        Validity
            Not Before: Feb  1 22:00:19 2025 GMT
            Not After : Feb  2 22:00:19 2025 GMT
        Subject: CN=80693b2928c175c766c0b62fec584415f7d3cf38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:20:bf:7d:a8:0f:eb:d0:98:3e:fd:ae:17:3c:
                    92:ac:76:29:12:83:a6:3d:5f:2f:b4:19:40:84:1f:
                    20:0a:c0:c8:35:f7:ba:60:c7:11:b2:e5:3d:c3:b2:
                    bb:a1:44:1d:53:23:19:c6:f4:52:d4:40:86:b2:e7:
                    57:31:4f:47:ca:34:69:27:81:ef:94:c9:13:9e:c8:
                    ea:dd:01:13:82:03:03:0e:31:ef:40:77:77:a2:00:
                    92:78:fd:14:4e:0b:c4:ba:3f:a4:9c:f2:37:dd:95:
                    a3:77:c6:0b:6a:35:88:c0:fc:00:f3:23:e6:b8:f5:
                    e4:c5:f7:83:46:3a:9e:cd:bc:b5:42:ce:d5:bd:ac:
                    20:d9:30:31:29:a3:c7:e4:ca:cc:df:93:ee:8a:58:
                    80:a5:32:02:c3:74:a1:8e:a1:99:26:55:95:4a:db:
                    08:17:7b:38:26:6f:48:54:78:80:18:a3:72:81:a1:
                    cb:56:f9:a5:09:ee:dd:14:13:b1:0a:1a:b8:55:f4:
                    04:0e:e5:4f:74:45:13:71:90:3c:11:b1:ab:94:17:
                    d6:3b:46:17:80:67:a7:49:3c:d0:4e:60:c2:5d:0a:
                    df:ee:4f:35:86:76:b9:43:51:d1:a0:74:ef:28:22:
                    e6:e5:20:33:94:58:8d:82:ed:6e:8d:b6:b3:7c:09:
                    95:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:69:3B:29:28:C1:75:C7:66:C0:B6:2F:EC:58:44:15:F7:D3:CF:38
            X509v3 Authority Key Identifier:
                keyid:FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:a8:63:67:4f:cf:e3:c5:b1:31:e3:8e:bf:7b:c1:85:e4:6a:
         82:da:9a:2c:3e:d6:6c:9f:c9:77:06:9a:79:27:8b:e6:c1:41:
         af:c6:e8:36:b1:21:04:f9:7f:4f:7a:1c:cd:d9:ba:7c:35:c4:
         c4:14:4e:8c:64:4b:a3:37:61:c0:e3:93:f6:4b:db:87:8a:8f:
         67:2b:11:28:15:f2:0e:00:f5:60:14:65:12:e9:81:d1:3b:5e:
         c6:01:f0:38:65:3c:a7:ba:b5:3f:8f:73:69:54:f7:b0:1a:d7:
         19:e0:b9:3d:11:02:02:bd:17:c2:59:bb:89:15:fb:4e:5b:5b:
         a1:f8:19:ac:1a:08:d2:be:89:45:08:ab:61:83:94:3a:1c:96:
         d5:eb:0d:fd:12:c6:37:55:d9:9a:d3:9c:24:75:12:a3:6f:e0:
         e4:80:e5:5a:8f:23:fd:59:00:b2:cf:56:1e:65:34:77:b2:32:
         67:56:f7:43:13:1f:38:03:6b:ce:92:7b:3d:eb:64:89:a0:67:
         1a:73:bb:a5:88:4f:61:db:e9:31:41:62:12:40:9d:fb:88:37:
         98:db:de:0d:fd:93:d8:d2:25:90:1f:c9:43:e4:aa:26:93:69:
         a6:71:87:9c:6f:d4:67:c1:48:ba:5a:f9:06:41:91:5c:62:c8:
         3c:e2:a8:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh20dKbP2G6OK6QPt41bJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZWRkOTNhZDZjYWFhNjBhZDQ5ZjBmOTM3N2Q4YWFiZjg3
N2UyZGIwHhcNMjUwMjAxMjIwMDE5WhcNMjUwMjAyMjIwMDE5WjAzMTEwLwYDVQQD
Eyg4MDY5M2IyOTI4YzE3NWM3NjZjMGI2MmZlYzU4NDQxNWY3ZDNjZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCC/fagP69CYPv2uFzySrHYpEoOm
PV8vtBlAhB8gCsDINfe6YMcRsuU9w7K7oUQdUyMZxvRS1ECGsudXMU9HyjRpJ4Hv
lMkTnsjq3QETggMDDjHvQHd3ogCSeP0UTgvEuj+knPI33ZWjd8YLajWIwPwA8yPm
uPXkxfeDRjqezby1Qs7Vvawg2TAxKaPH5MrM35PuiliApTICw3ShjqGZJlWVStsI
F3s4Jm9IVHiAGKNygaHLVvmlCe7dFBOxChq4VfQEDuVPdEUTcZA8EbGrlBfWO0YX
gGenSTzQTmDCXQrf7k81hna5Q1HRoHTvKCLm5SAzlFiNgu1ujbazfAmVxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBpOykowXXHZsC2L+xYRBX30884MB8GA1UdIwQY
MBaAFP3t2TrWyqpgrUnw+Td9iqv4d+LbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYt
YmRiNWYxNmQ0NmYwLzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYtYmRiNWYxNmQ0NmYw
LzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiKhjZ0/P
48WxMeOOv3vBheRqgtqaLD7WbJ/JdwaaeSeL5sFBr8boNrEhBPl/T3oczdm6fDXE
xBROjGRLozdhwOOT9kvbh4qPZysRKBXyDgD1YBRlEumB0TtexgHwOGU8p7q1P49z
aVT3sBrXGeC5PRECAr0Xwlm7iRX7TltbofgZrBoI0r6JRQirYYOUOhyW1esN/RLG
N1XZmtOcJHUSo2/g5IDlWo8j/VkAss9WHmU0d7IyZ1b3QxMfOANrzpJ7PetkiaBn
GnO7pYhPYdvpMUFiEkCd+4g3mNveDf2T2NIlkB/JQ+SqJpNppnGHnG/UZ8FIulr5
BkGRXGLIPOKo3g==
-----END CERTIFICATE-----