Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
File:                     tkDbwv_PXWNFicBEAV1xdcuv8-0.mft (raw, json)
Hash identifier:          4kRU15iqKB8IFwlKZ+76kRAOwiCTBCCvCTydPDrRRCA=
Subject key identifier:   6E:71:6C:55:A7:90:06:C9:1F:3B:BE:4D:D6:CB:F7:8C:9F:61:98:80
Authority key identifier: B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED
Certificate issuer:       /CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
Certificate serial:       0195116BC908E591939E8F20DC8288D919F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
Manifest number:          0EF5
Signing time:             Mon 17 Feb 2025 01:00:31 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:31 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:31 +0000
Files and hashes:         1: tkDbwv_PXWNFicBEAV1xdcuv8-0.crl (hash: zUex7vayqLCUbYBm6vsmdzLVu/uO/+w5mZc0ZKOUZgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:c9:08:e5:91:93:9e:8f:20:dc:82:88:d9:19:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
        Validity
            Not Before: Feb 17 01:00:31 2025 GMT
            Not After : Feb 18 01:00:31 2025 GMT
        Subject: CN=6e716c55a79006c91f3bbe4dd6cbf78c9f619880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:30:45:71:eb:8d:21:0f:84:64:c2:de:e4:f7:
                    eb:7a:63:dc:b1:8c:0a:2d:ef:a9:c8:7e:f5:e3:a1:
                    b9:a1:cc:78:52:56:f9:83:45:5a:d4:93:7a:ee:f2:
                    71:4b:77:1e:f2:bb:03:de:4a:b9:f0:59:6c:18:91:
                    47:f8:e5:d2:a0:c1:3a:35:bd:2f:37:57:5e:8e:ab:
                    59:9a:d4:06:c9:ca:43:2a:68:48:db:1a:20:ed:ce:
                    08:03:22:55:3c:16:a2:33:c8:41:4b:7c:00:b0:63:
                    c1:75:ca:32:f1:9d:d4:0e:56:f3:14:a3:0e:37:dd:
                    b2:97:2d:f2:1e:45:c0:cd:91:af:ac:61:61:2d:36:
                    8d:b9:ed:be:3f:f4:03:e6:4e:70:0b:35:b7:37:02:
                    5a:1e:a0:52:88:19:60:f3:a7:c3:4e:43:43:13:4a:
                    bc:77:57:25:73:82:b7:2d:9a:e1:70:aa:78:a9:13:
                    62:65:d3:d5:29:bd:0b:d0:33:d1:45:4d:13:5d:c2:
                    d8:10:d8:8d:fb:49:b2:39:c2:3c:40:b0:f1:74:67:
                    70:30:b0:25:1a:19:70:28:55:fa:d8:73:2f:9b:32:
                    96:3d:1e:32:d5:22:7d:24:ba:97:74:88:0d:5b:f4:
                    6e:94:46:d8:f0:f2:ce:3a:d1:de:24:e5:0d:ab:8a:
                    f6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:71:6C:55:A7:90:06:C9:1F:3B:BE:4D:D6:CB:F7:8C:9F:61:98:80
            X509v3 Authority Key Identifier:
                keyid:B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:50:12:31:f7:e7:aa:f8:0f:28:ce:7c:4b:09:73:3b:cb:0f:
         7d:ce:ec:bc:85:12:7d:c7:ea:a3:76:3e:e6:21:d3:1e:24:9b:
         0f:07:2a:3f:67:f7:1d:78:47:a5:96:d8:23:7f:78:c1:c6:a4:
         b7:25:4f:c4:e2:57:45:21:e7:b4:23:bb:da:b0:c0:7e:52:fa:
         b2:1b:b2:0f:cf:c0:ff:92:d8:79:d4:60:92:99:8f:33:95:c3:
         3f:ab:ca:ae:6b:0a:a5:89:3b:7b:31:45:89:a5:52:6c:1d:c7:
         ab:5c:c3:94:94:60:e0:53:44:f0:d3:ad:e9:0f:50:47:e5:89:
         2e:4c:d3:f9:a5:cd:9d:a1:79:a3:9e:67:c3:6f:46:c5:4e:52:
         9a:0a:b1:e9:7b:61:4f:4c:9e:7d:79:88:a3:23:65:11:dc:8a:
         ed:89:68:9c:32:0f:d1:20:e4:ef:20:b9:20:15:22:57:24:3a:
         41:6d:ca:2e:4e:bb:d6:1e:50:99:d8:05:62:c8:b2:1b:3f:d7:
         44:1f:06:38:27:ea:bb:cf:57:a4:62:48:ff:6a:35:e3:54:d9:
         45:c3:f4:53:9e:6e:65:ed:87:5b:37:53:0b:05:6e:e2:7a:e1:
         c3:c8:c2:07:ba:2c:5d:cd:94:aa:b1:8b:82:68:9b:b5:19:53:
         23:8a:dc:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa8kI5ZGTno8g3IKI2Rn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDBkYmMyZmZjZjVkNjM0NTg5YzA0NDAxNWQ3MTc1Y2Jh
ZmYzZWQwHhcNMjUwMjE3MDEwMDMxWhcNMjUwMjE4MDEwMDMxWjAzMTEwLwYDVQQD
Eyg2ZTcxNmM1NWE3OTAwNmM5MWYzYmJlNGRkNmNiZjc4YzlmNjE5ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjBFceuNIQ+EZMLe5PfremPcsYwK
Le+pyH7146G5ocx4Ulb5g0Va1JN67vJxS3ce8rsD3kq58FlsGJFH+OXSoME6Nb0v
N1dejqtZmtQGycpDKmhI2xog7c4IAyJVPBaiM8hBS3wAsGPBdcoy8Z3UDlbzFKMO
N92yly3yHkXAzZGvrGFhLTaNue2+P/QD5k5wCzW3NwJaHqBSiBlg86fDTkNDE0q8
d1clc4K3LZrhcKp4qRNiZdPVKb0L0DPRRU0TXcLYENiN+0myOcI8QLDxdGdwMLAl
GhlwKFX62HMvmzKWPR4y1SJ9JLqXdIgNW/RulEbY8PLOOtHeJOUNq4r2/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5xbFWnkAbJHzu+TdbL94yfYZiAMB8GA1UdIwQY
MBaAFLZA28L/z11jRYnARAFdcXXLr/PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUt
NmNiYjc3YmFhMDJkLzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUtNmNiYjc3YmFhMDJk
LzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAglASMffn
qvgPKM58SwlzO8sPfc7svIUSfcfqo3Y+5iHTHiSbDwcqP2f3HXhHpZbYI394wcak
tyVPxOJXRSHntCO72rDAflL6shuyD8/A/5LYedRgkpmPM5XDP6vKrmsKpYk7ezFF
iaVSbB3Hq1zDlJRg4FNE8NOt6Q9QR+WJLkzT+aXNnaF5o55nw29GxU5Smgqx6Xth
T0yefXmIoyNlEdyK7YlonDIP0SDk7yC5IBUiVyQ6QW3KLk671h5QmdgFYsiyGz/X
RB8GOCfqu89XpGJI/2o141TZRcP0U55uZe2HWzdTCwVu4nrhw8jCB7osXc2UqrGL
gmibtRlTI4rcyQ==
-----END CERTIFICATE-----