Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
File:                     cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft (raw, json)
Hash identifier:          R7WibQQ8RsuaCwFwRJMarIauBuSW8PRZZpIob/+kWmo=
Subject key identifier:   41:1A:76:14:95:EF:0B:E9:10:0F:43:40:D7:16:43:72:A4:5C:58:74
Authority key identifier: 73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6
Certificate issuer:       /CN=73038cdc62522e484b0615c4241c7e7aa821d8d6
Certificate serial:       0194C350899232524BC475E0A067C4552EE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
Manifest number:          02
Signing time:             Sat 01 Feb 2025 21:00:22 +0000
Manifest this update:     Sat 01 Feb 2025 21:00:22 +0000
Manifest next update:     Sun 02 Feb 2025 21:00:22 +0000
Files and hashes:         1: cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl (hash: 8g6UHKj+y4hsZGtmk/W7ndMWAZZh6czKqu2tOx3jHW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:50:89:92:32:52:4b:c4:75:e0:a0:67:c4:55:2e:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73038cdc62522e484b0615c4241c7e7aa821d8d6
        Validity
            Not Before: Feb  1 21:00:22 2025 GMT
            Not After : Feb  2 21:00:22 2025 GMT
        Subject: CN=411a761495ef0be9100f4340d7164372a45c5874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:72:ba:e8:a2:0c:38:23:1a:73:72:ed:bb:f6:
                    84:c5:92:13:d2:ff:5b:66:3f:96:5b:e7:db:64:63:
                    99:13:13:9f:56:d3:fd:45:df:63:26:ba:8b:82:83:
                    42:ab:5a:e2:45:9e:4d:d8:07:e5:c7:b7:78:5f:69:
                    f4:b2:38:21:0c:13:6e:0c:28:b4:5f:bb:6b:74:94:
                    59:2f:57:93:48:56:6a:35:b3:95:7b:66:26:a6:ca:
                    ce:f2:f1:78:a0:e4:d5:bd:09:23:c2:21:4e:16:9c:
                    22:1f:4b:bc:57:c0:c0:14:16:f4:f7:9c:87:8b:2e:
                    14:6b:fd:7e:0f:64:55:36:c4:ed:fc:0c:be:38:ab:
                    c7:98:cf:96:8e:73:8e:97:6d:f2:79:93:5d:a6:e7:
                    76:6c:08:83:99:a0:3c:dd:b1:0e:df:c6:49:f0:8c:
                    65:67:56:1e:5f:9c:4c:54:83:db:d2:5c:8f:ee:ad:
                    ef:55:49:4a:46:fb:e6:47:a7:65:94:19:c1:1f:f2:
                    8c:3d:49:9d:af:e9:e7:a8:6a:23:99:d6:3f:12:c3:
                    a4:c5:45:49:1d:96:0e:a6:da:96:fd:35:70:a8:93:
                    4f:92:bc:73:b7:21:5f:7c:89:64:aa:a7:d7:4e:a1:
                    e0:1b:d4:33:00:bd:e8:07:f8:d5:5d:5e:3b:1f:0b:
                    73:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:1A:76:14:95:EF:0B:E9:10:0F:43:40:D7:16:43:72:A4:5C:58:74
            X509v3 Authority Key Identifier:
                keyid:73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:17:4d:82:8e:45:c8:f6:ae:aa:dd:79:ff:d4:c9:ae:01:a5:
         d0:88:92:a5:5c:73:4b:62:4e:41:5e:ca:19:b8:10:b0:71:ad:
         0e:02:db:2f:a9:8c:77:88:c2:2d:0c:61:bb:ff:bf:ad:44:2f:
         cf:17:f8:db:d5:72:68:e8:dd:12:50:32:a7:dd:e3:3f:be:b6:
         21:7b:8a:b9:d7:e4:d5:c4:0b:1b:68:2c:59:83:88:70:b7:6f:
         6f:ba:87:7a:4b:08:fa:10:92:72:41:73:79:f1:8d:4c:8c:e4:
         11:fd:2f:76:37:1a:8d:8b:a1:30:56:da:c5:ed:09:6a:43:d7:
         80:a9:ef:02:74:ec:4a:27:75:2b:80:c6:04:15:04:a1:a2:af:
         78:d6:e5:59:b7:45:6d:ad:67:e0:23:32:06:72:f0:8a:3d:c4:
         3b:7e:31:4c:12:90:73:ae:d5:ae:4e:89:ef:52:74:2b:c3:66:
         f8:d9:36:22:ed:0f:ee:a8:68:e2:3e:b1:d9:9b:ab:96:a1:6a:
         cb:50:6c:02:43:5d:c3:80:05:73:d1:b5:67:6e:66:71:c6:96:
         f9:5a:00:7e:59:3b:20:79:60:70:b1:41:18:ef:81:fa:95:8c:
         93:6e:bb:aa:44:24:d2:d6:31:2d:9d:eb:d3:84:cd:3d:c5:f2:
         3b:bd:2a:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDUImSMlJLxHXgoGfEVS7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDM4Y2RjNjI1MjJlNDg0YjA2MTVjNDI0MWM3ZTdhYTgy
MWQ4ZDYwHhcNMjUwMjAxMjEwMDIyWhcNMjUwMjAyMjEwMDIyWjAzMTEwLwYDVQQD
Eyg0MTFhNzYxNDk1ZWYwYmU5MTAwZjQzNDBkNzE2NDM3MmE0NWM1ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHK66KIMOCMac3Ltu/aExZIT0v9b
Zj+WW+fbZGOZExOfVtP9Rd9jJrqLgoNCq1riRZ5N2Aflx7d4X2n0sjghDBNuDCi0
X7trdJRZL1eTSFZqNbOVe2YmpsrO8vF4oOTVvQkjwiFOFpwiH0u8V8DAFBb095yH
iy4Ua/1+D2RVNsTt/Ay+OKvHmM+WjnOOl23yeZNdpud2bAiDmaA83bEO38ZJ8Ixl
Z1YeX5xMVIPb0lyP7q3vVUlKRvvmR6dllBnBH/KMPUmdr+nnqGojmdY/EsOkxUVJ
HZYOptqW/TVwqJNPkrxztyFffIlkqqfXTqHgG9QzAL3oB/jVXV47HwtzDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEadhSV7wvpEA9DQNcWQ3KkXFh0MB8GA1UdIwQY
MBaAFHMDjNxiUi5ISwYVxCQcfnqoIdjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjIt
MjkyOWI5ZjFkMTViLzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjItMjkyOWI5ZjFkMTVi
LzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlxdNgo5F
yPauqt15/9TJrgGl0IiSpVxzS2JOQV7KGbgQsHGtDgLbL6mMd4jCLQxhu/+/rUQv
zxf429VyaOjdElAyp93jP762IXuKudfk1cQLG2gsWYOIcLdvb7qHeksI+hCSckFz
efGNTIzkEf0vdjcajYuhMFbaxe0JakPXgKnvAnTsSid1K4DGBBUEoaKveNblWbdF
ba1n4CMyBnLwij3EO34xTBKQc67Vrk6J71J0K8Nm+Nk2Iu0P7qho4j6x2ZurlqFq
y1BsAkNdw4AFc9G1Z25mccaW+VoAflk7IHlgcLFBGO+B+pWMk267qkQk0tYxLZ3r
04TNPcXyO70qlA==
-----END CERTIFICATE-----