Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          B5pMUA+PeEfJSPBHz4i+DXq6rugMtH2EFniPy3XUMXg=
Subject key identifier:   24:D0:18:AE:0E:3F:22:DD:5F:71:CF:3A:A5:82:3B:2D:5C:4E:95:71
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       01951210C1CFD98BE6AB9B0C16E58A220693
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          02AE
Signing time:             Mon 17 Feb 2025 04:00:42 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:42 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:42 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: j35VfEnwnxwHCJnCYw2XEZTzOTx8WZPEncjqT8RKKYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:c1:cf:d9:8b:e6:ab:9b:0c:16:e5:8a:22:06:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Feb 17 04:00:42 2025 GMT
            Not After : Feb 18 04:00:42 2025 GMT
        Subject: CN=24d018ae0e3f22dd5f71cf3aa5823b2d5c4e9571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d9:68:70:b8:ea:d8:7c:17:e2:44:00:ba:9b:
                    a6:c4:92:e2:e4:f2:d2:0c:7f:0a:3c:47:5c:85:a1:
                    e5:21:44:19:9e:c2:93:01:ae:93:fe:fd:11:db:ea:
                    88:eb:30:59:b5:81:3e:e9:24:16:67:b8:99:22:8d:
                    80:fc:8f:69:a7:42:b0:09:90:1a:c9:aa:94:7f:50:
                    b8:f0:62:8a:d5:11:4e:e4:bb:30:cb:82:96:0d:ec:
                    c7:9e:b4:c1:54:e0:8c:ea:25:d5:02:b1:b7:f2:b5:
                    34:20:71:e3:85:d7:e0:13:6c:67:e8:22:e9:24:34:
                    c6:79:5f:46:14:e5:aa:42:69:ee:3e:20:eb:83:0f:
                    5b:71:53:d5:9d:0f:af:0d:9d:03:78:4f:7d:a3:6d:
                    39:4b:29:bd:ed:6e:da:0e:db:14:30:62:86:f6:fc:
                    00:8e:3e:e5:2f:09:bb:f3:4e:19:8e:5e:40:86:80:
                    54:63:9a:16:3f:88:ed:57:43:82:d0:71:26:48:27:
                    ed:cd:89:1c:a2:92:17:b6:bc:38:fd:08:ec:36:f0:
                    79:91:74:3e:b1:2d:86:1a:d1:2e:25:d0:48:24:d0:
                    14:dd:21:84:ac:6f:9a:bf:4a:a7:59:06:d8:e8:e3:
                    b8:4d:1d:ca:96:ea:a7:fa:cf:3c:7a:a8:76:1b:fd:
                    f3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:D0:18:AE:0E:3F:22:DD:5F:71:CF:3A:A5:82:3B:2D:5C:4E:95:71
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:cf:86:05:23:6a:51:21:09:68:63:6f:99:3f:e7:1b:c7:75:
         a8:9f:f0:51:46:8f:89:62:ae:87:d0:1e:89:c1:e3:9c:a0:0a:
         b5:a5:3e:e5:07:17:ec:af:7e:a1:3a:03:90:7b:36:00:f8:42:
         b9:8c:85:ba:ae:39:aa:3d:5b:6e:42:85:31:7a:78:f9:98:8d:
         5e:6a:91:60:68:d1:72:7c:6b:07:fd:0e:15:08:af:aa:dc:24:
         05:3f:fc:22:d3:ab:b6:80:bc:0f:3d:90:49:3f:0d:b6:76:81:
         d4:b2:ec:68:77:25:76:c3:45:ee:35:52:d6:dd:50:59:8f:e7:
         9d:b9:ce:90:84:af:a9:6f:69:83:f2:ae:24:c3:c7:23:0d:3c:
         46:db:c3:d7:ba:54:52:7c:45:b7:01:20:d8:ed:00:c0:d7:bf:
         e2:d5:ca:c2:b5:ba:9b:53:ad:55:fe:44:7a:e7:c1:38:b1:8f:
         c7:fe:5d:62:36:ae:0b:af:75:5d:67:2c:1f:d0:69:ac:e3:72:
         4e:c8:eb:7e:18:25:27:54:d4:2d:a0:8f:72:a3:e3:d6:6f:82:
         01:fe:97:0c:aa:94:52:b4:ff:85:0a:89:e3:1a:53:42:bc:70:
         cc:9c:34:6f:b8:a1:cf:57:c2:89:17:3b:75:eb:30:58:b1:c8:
         79:de:3b:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEMHP2Yvmq5sMFuWKIgaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUwMjE3MDQwMDQyWhcNMjUwMjE4MDQwMDQyWjAzMTEwLwYDVQQD
EygyNGQwMThhZTBlM2YyMmRkNWY3MWNmM2FhNTgyM2IyZDVjNGU5NTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNlocLjq2HwX4kQAupumxJLi5PLS
DH8KPEdchaHlIUQZnsKTAa6T/v0R2+qI6zBZtYE+6SQWZ7iZIo2A/I9pp0KwCZAa
yaqUf1C48GKK1RFO5Lswy4KWDezHnrTBVOCM6iXVArG38rU0IHHjhdfgE2xn6CLp
JDTGeV9GFOWqQmnuPiDrgw9bcVPVnQ+vDZ0DeE99o205Sym97W7aDtsUMGKG9vwA
jj7lLwm7804Zjl5AhoBUY5oWP4jtV0OC0HEmSCftzYkcopIXtrw4/QjsNvB5kXQ+
sS2GGtEuJdBIJNAU3SGErG+av0qnWQbY6OO4TR3Kluqn+s88eqh2G/3zZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTQGK4OPyLdX3HPOqWCOy1cTpVxMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaM+GBSNq
USEJaGNvmT/nG8d1qJ/wUUaPiWKuh9AeicHjnKAKtaU+5QcX7K9+oToDkHs2APhC
uYyFuq45qj1bbkKFMXp4+ZiNXmqRYGjRcnxrB/0OFQivqtwkBT/8ItOrtoC8Dz2Q
ST8NtnaB1LLsaHcldsNF7jVS1t1QWY/nnbnOkISvqW9pg/KuJMPHIw08RtvD17pU
UnxFtwEg2O0AwNe/4tXKwrW6m1OtVf5EeufBOLGPx/5dYjauC691XWcsH9BprONy
TsjrfhglJ1TULaCPcqPj1m+CAf6XDKqUUrT/hQqJ4xpTQrxwzJw0b7ihz1fCiRc7
deswWLHIed47dA==
-----END CERTIFICATE-----