Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          HsZ2a9j0ajdrmF9w/tQzj6k+rXvKxlbN1AHlTYSaMXo=
Subject key identifier:   14:79:30:6F:2F:7F:34:FA:0C:7C:04:AD:63:BF:A6:19:95:1C:8C:44
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       0194C38755AC6D261895196FB7FFCFC3D9EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0C8A
Signing time:             Sat 01 Feb 2025 22:00:13 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:13 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:13 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: kiewoR0aXm0Jtn8D1RBg+Pd6OjjhjDakBsNj4UVBe8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:55:ac:6d:26:18:95:19:6f:b7:ff:cf:c3:d9:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Feb  1 22:00:13 2025 GMT
            Not After : Feb  2 22:00:13 2025 GMT
        Subject: CN=1479306f2f7f34fa0c7c04ad63bfa619951c8c44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:13:95:cd:40:7c:1b:0f:5b:32:1d:27:fa:54:
                    6a:a4:9a:47:8d:0e:3c:fd:b0:28:7d:21:5a:1d:f9:
                    e7:35:08:2e:0c:cc:0f:a4:25:72:45:87:f9:1d:0b:
                    2c:53:81:5e:47:1b:61:7f:11:d0:06:13:11:4a:d3:
                    5f:0a:67:34:ea:1f:f4:e4:5c:ff:4c:3c:e9:8f:9c:
                    fa:89:1e:4d:eb:a9:ad:c1:fa:eb:a1:d3:55:c6:37:
                    75:c3:b7:a4:7b:b7:8f:ac:f5:93:af:d6:48:98:f3:
                    21:ef:bd:6e:df:f5:1a:34:f9:61:3a:86:24:21:66:
                    80:a4:63:a1:9a:f5:a6:bd:14:57:f4:0a:af:61:9e:
                    41:74:58:8d:2c:e8:c8:37:29:1d:b8:18:9c:e4:d1:
                    76:3f:10:fc:d4:3a:66:ac:73:a3:99:1b:30:02:36:
                    c0:d7:4f:eb:9d:57:7d:ef:6f:60:94:6f:3f:ff:6d:
                    50:43:23:9c:18:3e:90:b3:04:7b:b6:11:c9:96:b0:
                    8f:65:4e:fb:06:78:51:ea:de:74:08:d6:aa:52:ff:
                    0f:e4:82:b2:5c:22:52:66:86:ae:39:32:08:5f:77:
                    60:a2:c5:04:5d:f5:0e:9d:73:a1:e6:de:f2:7e:43:
                    8b:b5:72:3d:79:3b:75:97:63:6d:f8:b6:2c:e6:71:
                    f3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:79:30:6F:2F:7F:34:FA:0C:7C:04:AD:63:BF:A6:19:95:1C:8C:44
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:f1:f6:11:31:a5:12:b2:9b:21:38:b2:ee:58:be:2f:6c:02:
         b3:4e:32:0f:58:03:0f:09:9f:83:83:e8:85:54:7c:cb:bc:64:
         dd:ad:50:3d:14:79:c9:27:7e:9c:87:9d:cc:aa:a3:56:c7:23:
         0a:f6:11:b3:16:2e:0e:6a:70:72:7c:52:cf:2c:a7:74:2f:46:
         e2:64:56:ea:fd:ec:77:df:cf:41:e0:f2:a5:be:35:06:c6:22:
         ce:81:4e:ce:c9:bd:ff:d0:3d:98:7e:73:a2:e0:00:d7:e5:75:
         3b:a1:38:7d:81:bd:93:5e:7c:1c:1c:f3:f2:5e:61:35:cd:b7:
         3b:86:a8:7a:72:32:8d:77:f7:07:08:96:72:e1:80:cf:11:b8:
         a9:5c:5c:36:b6:fa:78:d8:1d:05:06:2d:a5:11:87:cc:2a:46:
         7d:c9:1e:a1:18:c0:f9:25:38:16:04:5a:49:87:e5:64:10:49:
         fa:dd:cc:0c:f6:4a:2c:5f:22:c3:49:80:de:3d:6f:30:89:e4:
         1d:19:cf:e8:7a:8f:13:0f:40:df:4b:c6:c8:1b:7c:29:dc:01:
         69:87:53:b6:1b:f2:69:ed:ad:5c:69:e8:d7:08:e5:cb:f6:27:
         fd:37:c6:3a:48:90:13:f9:ce:c8:31:c0:e3:62:f8:b4:d2:b4:
         fb:b8:e3:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh1WsbSYYlRlvt//Pw9nsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUwMjAxMjIwMDEzWhcNMjUwMjAyMjIwMDEzWjAzMTEwLwYDVQQD
EygxNDc5MzA2ZjJmN2YzNGZhMGM3YzA0YWQ2M2JmYTYxOTk1MWM4YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApROVzUB8Gw9bMh0n+lRqpJpHjQ48
/bAofSFaHfnnNQguDMwPpCVyRYf5HQssU4FeRxthfxHQBhMRStNfCmc06h/05Fz/
TDzpj5z6iR5N66mtwfrrodNVxjd1w7eke7ePrPWTr9ZImPMh771u3/UaNPlhOoYk
IWaApGOhmvWmvRRX9AqvYZ5BdFiNLOjINykduBic5NF2PxD81DpmrHOjmRswAjbA
10/rnVd9729glG8//21QQyOcGD6QswR7thHJlrCPZU77BnhR6t50CNaqUv8P5IKy
XCJSZoauOTIIX3dgosUEXfUOnXOh5t7yfkOLtXI9eTt1l2Nt+LYs5nHzwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBR5MG8vfzT6DHwErWO/phmVHIxEMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkfH2ETGl
ErKbITiy7li+L2wCs04yD1gDDwmfg4PohVR8y7xk3a1QPRR5ySd+nIedzKqjVscj
CvYRsxYuDmpwcnxSzyyndC9G4mRW6v3sd9/PQeDypb41BsYizoFOzsm9/9A9mH5z
ouAA1+V1O6E4fYG9k158HBzz8l5hNc23O4aoenIyjXf3BwiWcuGAzxG4qVxcNrb6
eNgdBQYtpRGHzCpGfckeoRjA+SU4FgRaSYflZBBJ+t3MDPZKLF8iw0mA3j1vMInk
HRnP6HqPEw9A30vGyBt8KdwBaYdTthvyae2tXGno1wjly/Yn/TfGOkiQE/nOyDHA
42L4tNK0+7jjRQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:52:19 2025 by rpki-client