Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
File:                     UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json)
Hash identifier:          t9jTssRqssO3dDYwAjOGxYNldSRvUKRd99m1dcuI/W8=
Subject key identifier:   22:79:1C:D3:E8:65:0B:3F:A6:49:97:79:23:E7:4C:F3:59:A7:C9:4C
Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64
Certificate issuer:       /CN=50da2bafc37a3988dd294c913ae5220e038db964
Certificate serial:       0195121082B7A40D89A1488175B06E49B155
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
Manifest number:          13A3
Signing time:             Mon 17 Feb 2025 04:00:26 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:26 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:26 +0000
Files and hashes:         1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: O3y/K3s79+FtXZ4HmOn+yEM/NSoVLLjHAah+MwvkFH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:82:b7:a4:0d:89:a1:48:81:75:b0:6e:49:b1:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964
        Validity
            Not Before: Feb 17 04:00:26 2025 GMT
            Not After : Feb 18 04:00:26 2025 GMT
        Subject: CN=22791cd3e8650b3fa649977923e74cf359a7c94c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4b:a7:02:bc:64:34:38:46:69:71:b9:a1:21:
                    39:26:96:1b:8a:1b:51:30:be:99:ef:81:ba:12:81:
                    20:f9:06:3c:36:de:7e:80:1f:20:98:47:80:2c:98:
                    ec:43:b8:6d:88:62:a4:b1:32:b8:e8:83:59:cd:9f:
                    e1:bd:1a:d0:e9:d9:4c:56:68:0c:3f:7e:d9:03:0d:
                    99:17:fd:a1:da:78:50:1d:5c:70:e6:ef:0d:9a:e4:
                    e3:11:02:ff:aa:2e:27:9b:4e:41:b1:61:5c:95:22:
                    75:11:41:b4:db:bf:00:ba:48:1f:94:5d:98:c9:b9:
                    28:a8:5f:b4:4f:66:9e:95:0d:17:77:52:96:74:82:
                    c7:ce:cd:96:3b:91:67:46:16:2d:c2:c0:ee:8d:48:
                    f2:a0:e2:c2:2a:47:30:b6:73:e1:2f:d1:27:f6:2d:
                    91:c9:67:18:3f:d7:f7:a3:52:e3:d0:2b:d0:c3:4a:
                    11:f7:2b:61:67:3d:d8:8a:f4:94:72:78:da:e0:b1:
                    17:82:b9:7e:3a:17:13:5b:fc:e4:9a:fd:84:f7:f4:
                    8e:43:cd:96:06:98:43:52:95:89:08:f7:2b:cb:79:
                    5a:4c:59:09:69:80:fe:5c:9c:4c:15:51:e3:ac:52:
                    26:c3:0a:1f:94:ec:3a:73:3e:56:49:21:f7:0f:6d:
                    90:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:79:1C:D3:E8:65:0B:3F:A6:49:97:79:23:E7:4C:F3:59:A7:C9:4C
            X509v3 Authority Key Identifier:
                keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:0c:57:82:b6:fa:79:ea:b9:9f:81:29:d9:dd:b4:d4:04:72:
         51:a9:31:df:08:41:bd:a0:49:77:a8:bc:c2:f7:7b:f6:ea:67:
         bb:1f:12:3e:e8:bf:e1:47:45:12:51:bf:47:fe:8a:57:6c:7f:
         57:b3:ab:3c:18:80:1a:16:7e:0e:58:3a:73:bf:4b:b8:49:bf:
         01:1b:17:90:53:0b:68:8a:e4:7a:13:a7:a4:36:49:ba:04:5a:
         91:a8:21:ea:73:f0:87:fa:04:4c:58:86:f6:64:c6:33:51:16:
         b8:f2:4b:96:a9:05:b8:47:bc:66:1e:e7:05:cd:87:6f:fc:7f:
         a9:ec:c4:97:93:e5:84:2e:87:7d:5d:d1:5d:ea:9f:9b:71:0d:
         1d:ca:01:d9:74:bf:14:d1:51:c5:e7:d5:b3:44:f5:82:e2:57:
         7a:5f:3c:7e:e1:77:b0:3b:d0:30:a2:96:5b:27:60:de:7c:b0:
         f1:93:1b:a6:41:61:e2:67:10:7d:0b:b2:ea:1d:27:cc:ae:c5:
         ef:7c:e0:36:08:93:06:87:95:18:91:83:3d:d0:12:a1:63:c7:
         6e:0e:9d:e3:ca:b8:0d:d1:2a:07:2e:72:c6:04:1e:b8:e5:79:
         7d:7e:d2:20:4a:df:fd:41:9d:51:9d:a6:4b:ab:2a:29:90:23:
         fa:61:41:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEIK3pA2JoUiBdbBuSbFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4
ZGI5NjQwHhcNMjUwMjE3MDQwMDI2WhcNMjUwMjE4MDQwMDI2WjAzMTEwLwYDVQQD
EygyMjc5MWNkM2U4NjUwYjNmYTY0OTk3NzkyM2U3NGNmMzU5YTdjOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkunArxkNDhGaXG5oSE5JpYbihtR
ML6Z74G6EoEg+QY8Nt5+gB8gmEeALJjsQ7htiGKksTK46INZzZ/hvRrQ6dlMVmgM
P37ZAw2ZF/2h2nhQHVxw5u8NmuTjEQL/qi4nm05BsWFclSJ1EUG0278AukgflF2Y
ybkoqF+0T2aelQ0Xd1KWdILHzs2WO5FnRhYtwsDujUjyoOLCKkcwtnPhL9En9i2R
yWcYP9f3o1Lj0CvQw0oR9ythZz3YivSUcnja4LEXgrl+OhcTW/zkmv2E9/SOQ82W
BphDUpWJCPcry3laTFkJaYD+XJxMFVHjrFImwwoflOw6cz5WSSH3D22QNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJ5HNPoZQs/pkmXeSPnTPNZp8lMMB8GA1UdIwQY
MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct
YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz
LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOwxXgrb6
eeq5n4Ep2d201ARyUakx3whBvaBJd6i8wvd79upnux8SPui/4UdFElG/R/6KV2x/
V7OrPBiAGhZ+Dlg6c79LuEm/ARsXkFMLaIrkehOnpDZJugRakagh6nPwh/oETFiG
9mTGM1EWuPJLlqkFuEe8Zh7nBc2Hb/x/qezEl5PlhC6HfV3RXeqfm3ENHcoB2XS/
FNFRxefVs0T1guJXel88fuF3sDvQMKKWWydg3nyw8ZMbpkFh4mcQfQuy6h0nzK7F
73zgNgiTBoeVGJGDPdASoWPHbg6d48q4DdEqBy5yxgQeuOV5fX7SIErf/UGdUZ2m
S6sqKZAj+mFBlw==
-----END CERTIFICATE-----