Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          MJ4cIbI1ZR6RTZ/bWX/Lawg/rFVrG7LYTm5e3bcspQQ=
Subject key identifier:   A3:A7:8F:A8:01:20:B7:4A:89:0F:8D:57:D2:A1:7A:40:51:A7:C1:4A
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       0194C387F89652B6044223190CDE1F4E02DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          142B
Signing time:             Sat 01 Feb 2025 22:00:55 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:55 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:55 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: EDbbgbxmNTMF+f+zH1+8dG4R0DDTSVshCiWfjF6Kw0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:f8:96:52:b6:04:42:23:19:0c:de:1f:4e:02:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: Feb  1 22:00:55 2025 GMT
            Not After : Feb  2 22:00:55 2025 GMT
        Subject: CN=a3a78fa80120b74a890f8d57d2a17a4051a7c14a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b3:ea:25:1f:25:57:ff:af:8e:cf:dd:b3:e2:
                    29:53:b7:1e:9f:c4:76:36:ba:fc:72:19:9b:26:35:
                    5a:dc:4c:c8:2e:fb:70:d6:f1:a2:1e:0b:07:00:16:
                    57:60:38:60:8d:8b:4f:40:65:b8:a5:4e:b2:a3:78:
                    26:45:44:46:e5:20:cf:16:ff:aa:ba:6a:7a:e9:5e:
                    e9:48:41:c8:1f:e9:56:3c:52:d2:25:72:5d:d2:b2:
                    33:41:55:73:8f:d3:59:5a:ac:e8:07:af:f8:81:f2:
                    6a:9b:7f:ab:c1:13:ae:8c:9d:70:bd:fc:b4:f9:5b:
                    aa:b3:e6:fe:5a:76:33:38:6f:33:86:b5:ed:b2:15:
                    33:a3:a7:e6:ee:76:92:f3:1e:a5:a9:aa:b7:c7:17:
                    28:60:47:e9:57:a9:5a:24:57:87:21:23:2d:1d:32:
                    8a:cb:d0:68:c9:17:9e:6d:bd:33:9f:35:29:85:96:
                    05:3a:68:2e:35:a2:ca:50:65:ac:20:89:63:6f:b3:
                    76:63:e2:2d:2f:90:3c:24:24:8a:7d:cf:37:e2:ee:
                    19:73:8f:8c:b7:6c:dc:4e:82:2a:dd:c7:6a:1b:44:
                    d9:1c:f7:06:b3:3e:9c:00:dd:b1:36:e1:c6:fd:11:
                    ed:50:ec:ca:98:86:10:b6:ff:1f:21:30:82:b4:6d:
                    37:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:A7:8F:A8:01:20:B7:4A:89:0F:8D:57:D2:A1:7A:40:51:A7:C1:4A
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:0b:51:66:56:fd:94:e8:11:57:85:aa:d5:ba:49:2a:02:3d:
         6a:33:91:0a:04:ca:9e:a8:bf:33:77:dd:67:c2:d2:57:c1:7c:
         30:75:3e:68:20:f3:07:10:f1:7a:ce:9c:01:84:2a:b0:59:4f:
         2f:b3:d6:64:d8:c2:f9:1c:8b:de:db:ee:5e:89:7c:57:35:fc:
         66:d4:d6:a6:2e:b9:60:49:b9:2e:0f:7e:eb:64:46:6b:c7:a9:
         12:45:ec:4a:84:69:b9:cc:4e:8b:c1:27:e2:5e:ef:26:cf:63:
         41:43:c9:ca:d1:c9:05:4a:d8:ce:16:cc:58:8f:e3:e1:e0:aa:
         bd:d0:e2:1c:71:23:46:64:a4:25:12:0e:73:2b:ae:05:eb:2f:
         be:d4:16:eb:2f:d1:51:d6:44:ab:dd:65:0d:7e:70:32:ae:88:
         e8:ef:a0:80:0b:51:92:42:14:0d:50:df:e0:f8:aa:ae:ae:78:
         b6:d1:c4:79:ac:01:23:7c:e1:bd:b5:fc:e8:98:c9:5a:56:a2:
         2b:9a:13:74:1f:f5:0a:b1:cd:21:cd:9a:2c:24:25:dd:e0:4c:
         8f:4d:08:a3:91:da:6d:4b:10:a2:62:35:cc:26:4b:96:e0:bc:
         af:4c:66:3d:b1:8d:34:85:82:ff:65:5a:ef:99:fa:29:48:4c:
         17:26:61:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh/iWUrYEQiMZDN4fTgLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjUwMjAxMjIwMDU1WhcNMjUwMjAyMjIwMDU1WjAzMTEwLwYDVQQD
EyhhM2E3OGZhODAxMjBiNzRhODkwZjhkNTdkMmExN2E0MDUxYTdjMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorPqJR8lV/+vjs/ds+IpU7cen8R2
Nrr8chmbJjVa3EzILvtw1vGiHgsHABZXYDhgjYtPQGW4pU6yo3gmRURG5SDPFv+q
ump66V7pSEHIH+lWPFLSJXJd0rIzQVVzj9NZWqzoB6/4gfJqm3+rwROujJ1wvfy0
+Vuqs+b+WnYzOG8zhrXtshUzo6fm7naS8x6lqaq3xxcoYEfpV6laJFeHISMtHTKK
y9BoyReebb0znzUphZYFOmguNaLKUGWsIIljb7N2Y+ItL5A8JCSKfc834u4Zc4+M
t2zcToIq3cdqG0TZHPcGsz6cAN2xNuHG/RHtUOzKmIYQtv8fITCCtG03FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOnj6gBILdKiQ+NV9KhekBRp8FKMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAtRZlb9
lOgRV4Wq1bpJKgI9ajORCgTKnqi/M3fdZ8LSV8F8MHU+aCDzBxDxes6cAYQqsFlP
L7PWZNjC+RyL3tvuXol8VzX8ZtTWpi65YEm5Lg9+62RGa8epEkXsSoRpucxOi8En
4l7vJs9jQUPJytHJBUrYzhbMWI/j4eCqvdDiHHEjRmSkJRIOcyuuBesvvtQW6y/R
UdZEq91lDX5wMq6I6O+ggAtRkkIUDVDf4Piqrq54ttHEeawBI3zhvbX86JjJWlai
K5oTdB/1CrHNIc2aLCQl3eBMj00Io5HabUsQomI1zCZLluC8r0xmPbGNNIWC/2Va
75n6KUhMFyZhwg==
-----END CERTIFICATE-----