Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          U3hbqxEp1gmQ25/o//L6VuY9RwZkC1URbX6yWU5+6ws=
Subject key identifier:   1F:0D:58:5D:CE:08:B0:82:B0:26:71:09:D6:C0:4A:C2:16:24:CA:2D
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       01951210C8C9AC8E2A7E96E0DB288C6C15E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          054B
Signing time:             Mon 17 Feb 2025 04:00:44 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:44 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:44 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: 5pQpHsjdBZXi3/Cavm4urBXlJQGmKyycsZZ/X5IK7qM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:c8:c9:ac:8e:2a:7e:96:e0:db:28:8c:6c:15:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Feb 17 04:00:44 2025 GMT
            Not After : Feb 18 04:00:44 2025 GMT
        Subject: CN=1f0d585dce08b082b0267109d6c04ac21624ca2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4a:92:7c:67:d8:27:5f:32:94:46:39:2e:64:
                    46:fa:52:4b:2b:b0:e3:33:66:0f:9e:0a:2b:45:f4:
                    35:7d:a3:01:1e:44:0f:16:01:d0:67:c3:f8:ec:78:
                    8a:1b:85:e3:ed:d9:2f:a9:43:06:b5:c8:e8:08:38:
                    7a:36:3d:1c:fb:a3:49:ea:8d:19:fa:ec:05:46:ea:
                    17:e8:48:81:a2:b2:71:44:4d:0b:13:b2:e9:8d:ba:
                    be:5d:7e:95:c0:15:7a:18:24:88:a0:b4:ef:70:61:
                    d3:b8:a0:42:d8:52:9b:39:d4:8a:c0:fa:b4:bd:16:
                    35:f4:97:e3:52:b1:c7:b1:81:d5:01:4b:53:25:2e:
                    c0:80:12:d5:32:5d:4b:0f:47:0c:05:82:f5:fb:9e:
                    9a:0a:c0:d1:0c:10:2d:5c:f0:07:13:37:ec:3a:9b:
                    25:7b:f3:a3:77:6e:79:d3:09:81:b9:e4:7c:c4:98:
                    3b:92:07:84:51:7f:ac:13:a1:20:98:69:18:92:26:
                    8b:f8:36:6e:6c:83:7f:6e:46:02:2a:75:6c:7f:e5:
                    36:a9:57:65:82:80:65:61:4c:f5:58:8a:e3:2c:65:
                    1a:e3:1c:f0:66:4e:ba:c1:2d:7d:41:b8:62:11:ee:
                    0a:d7:58:29:77:a5:7d:80:29:e8:2a:44:7c:b1:78:
                    3d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:0D:58:5D:CE:08:B0:82:B0:26:71:09:D6:C0:4A:C2:16:24:CA:2D
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:7a:fa:b6:98:4f:5d:66:4e:49:12:0c:d8:92:37:a1:73:40:
         ba:28:6f:af:4d:a8:49:bd:8d:36:8e:d3:56:ff:77:81:e3:e6:
         4c:ff:c3:45:f9:86:6e:24:90:a2:4a:72:73:22:9e:44:f8:43:
         ee:bb:20:d3:dc:82:45:e0:c5:43:6b:0b:e0:d5:48:42:9b:63:
         b5:46:ed:7a:66:da:d7:37:ca:a4:5f:24:31:e2:98:4f:3a:d7:
         19:0f:98:8d:28:9f:c0:25:5c:2b:6c:88:07:f1:46:08:5f:58:
         02:17:1d:4d:3d:7a:e5:ba:aa:a1:57:e0:35:40:97:e5:e2:66:
         34:0a:3a:20:46:78:c0:05:c6:78:99:95:d5:f3:95:80:e5:4f:
         a8:20:a8:15:4f:72:1e:3e:92:6b:a6:21:41:30:8b:39:59:f6:
         3d:d6:ac:86:e3:1c:95:f3:7c:2e:86:f4:33:b2:b2:d5:db:d7:
         84:d5:6a:41:b8:e1:33:d6:f8:5c:44:1b:3f:cd:10:aa:f2:f2:
         41:c2:a9:8d:d0:4a:d7:26:fe:e9:92:cc:94:e1:f0:10:81:47:
         71:49:2a:61:2e:00:fd:28:13:25:b9:b7:eb:40:6b:b8:53:c5:
         56:ca:78:92:87:e6:74:4a:f6:74:33:c0:fd:5e:2d:0b:f1:4b:
         6a:de:83:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEMjJrI4qfpbg2yiMbBXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUwMjE3MDQwMDQ0WhcNMjUwMjE4MDQwMDQ0WjAzMTEwLwYDVQQD
EygxZjBkNTg1ZGNlMDhiMDgyYjAyNjcxMDlkNmMwNGFjMjE2MjRjYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkqSfGfYJ18ylEY5LmRG+lJLK7Dj
M2YPngorRfQ1faMBHkQPFgHQZ8P47HiKG4Xj7dkvqUMGtcjoCDh6Nj0c+6NJ6o0Z
+uwFRuoX6EiBorJxRE0LE7Lpjbq+XX6VwBV6GCSIoLTvcGHTuKBC2FKbOdSKwPq0
vRY19JfjUrHHsYHVAUtTJS7AgBLVMl1LD0cMBYL1+56aCsDRDBAtXPAHEzfsOpsl
e/Ojd2550wmBueR8xJg7kgeEUX+sE6EgmGkYkiaL+DZubIN/bkYCKnVsf+U2qVdl
goBlYUz1WIrjLGUa4xzwZk66wS19QbhiEe4K11gpd6V9gCnoKkR8sXg9XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8NWF3OCLCCsCZxCdbASsIWJMotMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGXr6tphP
XWZOSRIM2JI3oXNAuihvr02oSb2NNo7TVv93gePmTP/DRfmGbiSQokpycyKeRPhD
7rsg09yCReDFQ2sL4NVIQptjtUbtemba1zfKpF8kMeKYTzrXGQ+YjSifwCVcK2yI
B/FGCF9YAhcdTT165bqqoVfgNUCX5eJmNAo6IEZ4wAXGeJmV1fOVgOVPqCCoFU9y
Hj6Sa6YhQTCLOVn2PdashuMclfN8Lob0M7Ky1dvXhNVqQbjhM9b4XEQbP80QqvLy
QcKpjdBK1yb+6ZLMlOHwEIFHcUkqYS4A/SgTJbm360BruFPFVsp4kofmdEr2dDPA
/V4tC/FLat6Dcg==
-----END CERTIFICATE-----