Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
File:                     MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft (raw, json)
Hash identifier:          /PIfxIlvfucG1xl4ydLT7dnE4iR5fYxOCo6+nu/x1cw=
Subject key identifier:   DC:86:9B:81:92:19:70:8B:95:16:7F:E2:FD:39:16:C9:A6:26:49:53
Authority key identifier: 30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F
Certificate issuer:       /CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
Certificate serial:       0194C3881C5AD8756222AB64695DA0F8712B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
Manifest number:          07B5
Signing time:             Sat 01 Feb 2025 22:01:04 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:04 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:04 +0000
Files and hashes:         1: MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl (hash: r1LWD7cQDnZOeUXdeUcoyNdLv+Xat1FSF8Esv4Qmvio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:1c:5a:d8:75:62:22:ab:64:69:5d:a0:f8:71:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
        Validity
            Not Before: Feb  1 22:01:04 2025 GMT
            Not After : Feb  2 22:01:04 2025 GMT
        Subject: CN=dc869b819219708b95167fe2fd3916c9a6264953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b9:db:fb:70:5c:71:b2:a6:ca:c4:0d:27:83:
                    6c:7b:bc:4d:03:01:1a:37:4c:4f:64:f9:38:30:cb:
                    42:81:24:4f:77:23:6e:1d:4e:fb:81:d7:55:a0:3f:
                    ed:9e:20:b2:d4:c3:1a:e9:6c:40:10:b2:d3:9d:d7:
                    95:94:ac:03:5f:84:a1:91:59:be:7a:82:3b:a3:08:
                    eb:32:b2:cc:ce:d4:68:c0:58:54:bb:fa:a5:f8:31:
                    a6:2d:dd:6d:8c:cd:70:49:08:2d:d9:34:27:0e:70:
                    2d:09:1c:3c:b2:54:bc:2f:66:60:09:98:30:fb:db:
                    4d:dd:46:b4:3a:b2:4d:1c:02:8e:36:2f:0e:fe:d3:
                    1d:65:1e:a7:8a:c2:7e:6d:ec:9c:90:82:74:47:39:
                    6d:71:0d:d1:61:4e:31:9c:da:6e:e1:5d:35:32:36:
                    64:2f:c2:84:59:ae:6a:66:dd:e0:12:9d:5c:ba:0e:
                    37:83:22:e2:93:27:fd:43:55:67:77:fb:1a:3a:c4:
                    f4:9d:47:fc:c3:9b:72:a4:70:c3:39:3d:2f:d7:cb:
                    61:1b:d9:f6:3f:3f:c0:ac:af:3f:1c:d3:12:c0:4e:
                    1f:b5:c4:f0:93:b0:0f:6e:71:37:6e:ef:3d:ab:0c:
                    17:bd:3d:49:58:75:19:50:96:e7:da:85:37:85:ca:
                    e5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:86:9B:81:92:19:70:8B:95:16:7F:E2:FD:39:16:C9:A6:26:49:53
            X509v3 Authority Key Identifier:
                keyid:30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:81:03:a0:b6:86:5f:81:ba:08:46:95:21:90:ce:2a:02:4c:
         6e:8f:6a:ad:1c:6b:d5:64:c5:6b:1a:fe:42:75:c1:e0:ec:66:
         e1:3d:d7:81:0c:b4:88:68:88:64:a3:34:d1:81:47:d9:7a:b1:
         01:e6:6c:42:74:3c:6d:f8:1f:ff:94:89:9b:ea:55:09:2c:0e:
         5f:48:5d:9c:85:8e:b8:c4:6e:59:e3:bb:1e:a7:b4:92:a9:a0:
         ca:c5:f7:80:42:82:4b:9e:5b:e9:fc:ae:6c:6b:d8:ce:de:a8:
         31:8f:b4:2a:b9:ff:86:01:1d:f7:6d:38:32:ff:db:35:f2:6c:
         c5:9c:c5:c6:cc:43:b8:4d:19:99:e7:fa:96:16:2c:ed:50:c2:
         bc:cb:e7:ef:f5:2d:15:21:47:6d:25:66:de:0c:d9:d9:08:7a:
         5f:f6:f9:11:8e:bf:92:30:82:4a:64:96:d4:88:d6:bc:4d:b8:
         47:f8:62:d5:04:d9:d9:a7:1d:04:d8:2e:49:29:23:83:dd:bc:
         b8:63:62:2c:31:39:28:ad:02:86:f1:af:29:6d:f6:9c:f5:43:
         b0:4a:32:9a:08:08:76:81:38:d5:62:5d:2a:08:93:a6:dc:1d:
         24:cc:9b:47:38:f7:96:26:4f:66:b3:30:1c:84:70:e5:f9:93:
         05:5e:75:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiBxa2HViIqtkaV2g+HErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTI0MmNmNmMxNTI5YWFhMDY5MzM2N2U0NGM4NGEwN2Q4
YjBjOWYwHhcNMjUwMjAxMjIwMTA0WhcNMjUwMjAyMjIwMTA0WjAzMTEwLwYDVQQD
EyhkYzg2OWI4MTkyMTk3MDhiOTUxNjdmZTJmZDM5MTZjOWE2MjY0OTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrnb+3BccbKmysQNJ4Nse7xNAwEa
N0xPZPk4MMtCgSRPdyNuHU77gddVoD/tniCy1MMa6WxAELLTndeVlKwDX4ShkVm+
eoI7owjrMrLMztRowFhUu/ql+DGmLd1tjM1wSQgt2TQnDnAtCRw8slS8L2ZgCZgw
+9tN3Ua0OrJNHAKONi8O/tMdZR6nisJ+beyckIJ0RzltcQ3RYU4xnNpu4V01MjZk
L8KEWa5qZt3gEp1cug43gyLikyf9Q1Vnd/saOsT0nUf8w5typHDDOT0v18thG9n2
Pz/ArK8/HNMSwE4ftcTwk7APbnE3bu89qwwXvT1JWHUZUJbn2oU3hcrl4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyGm4GSGXCLlRZ/4v05FsmmJklTMB8GA1UdIwQY
MBaAFDCiQs9sFSmqoGkzZ+RMhKB9iwyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMt
ZmEyNjc2ZmUzOGZkLzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMtZmEyNjc2ZmUzOGZk
LzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArYEDoLaG
X4G6CEaVIZDOKgJMbo9qrRxr1WTFaxr+QnXB4Oxm4T3XgQy0iGiIZKM00YFH2Xqx
AeZsQnQ8bfgf/5SJm+pVCSwOX0hdnIWOuMRuWeO7Hqe0kqmgysX3gEKCS55b6fyu
bGvYzt6oMY+0Krn/hgEd9204Mv/bNfJsxZzFxsxDuE0Zmef6lhYs7VDCvMvn7/Ut
FSFHbSVm3gzZ2Qh6X/b5EY6/kjCCSmSW1IjWvE24R/hi1QTZ2acdBNguSSkjg928
uGNiLDE5KK0ChvGvKW32nPVDsEoymggIdoE41WJdKgiTptwdJMybRzj3liZPZrMw
HIRw5fmTBV51Lw==
-----END CERTIFICATE-----