Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          gUiw5MLh9usT/ztU2IJEOWKjkwjDp8S7F6mKMfij9AE=
Subject key identifier:   EA:37:85:63:6D:83:29:32:71:7A:03:41:42:2D:62:55:25:04:9A:03
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       0194C3F5B071B3529D7601EDAEB35904B6D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          142A
Signing time:             Sun 02 Feb 2025 00:00:46 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:46 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:46 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: 3nehkgWnd5SRDFF/PBUh6GOMq1xyWYzfC6STdL5NjJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:b0:71:b3:52:9d:76:01:ed:ae:b3:59:04:b6:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Feb  2 00:00:46 2025 GMT
            Not After : Feb  3 00:00:46 2025 GMT
        Subject: CN=ea3785636d832932717a0341422d625525049a03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:85:52:1c:86:88:7e:f9:ef:66:4a:0a:21:dc:
                    6f:79:5d:90:ac:92:47:8a:42:03:b8:98:9c:3f:ed:
                    65:ce:81:43:ef:31:1a:d9:97:01:80:b8:6c:76:88:
                    fd:80:14:4b:ec:fe:e5:d7:d7:79:5f:5f:37:1b:0c:
                    55:1e:1e:bf:18:7e:f8:81:b7:fa:7b:3e:7a:2a:a9:
                    74:ad:aa:bc:f4:ee:31:d6:24:59:2b:63:70:5b:29:
                    75:27:0b:c5:d7:0a:c7:c7:d1:02:ba:78:c4:5c:54:
                    12:67:9c:9f:3f:e9:96:a7:d7:f9:c9:a2:5e:95:90:
                    88:ac:ce:85:0c:de:f6:62:8f:8f:97:54:88:68:8d:
                    df:74:d8:69:a3:6a:7e:10:a2:a3:f2:0e:c2:bb:ad:
                    52:a6:8d:3d:43:51:df:90:e9:2c:f6:51:cf:7d:0d:
                    df:74:ad:f1:c4:3d:ba:71:33:45:ae:cd:15:0a:ec:
                    6a:d1:f0:4d:7f:13:15:c3:a7:6a:6d:ce:0e:5a:a7:
                    e8:fd:e4:bc:3d:78:33:f6:7b:d5:11:a3:06:fb:0e:
                    00:62:7f:02:85:76:26:5e:ff:92:86:08:6a:3f:19:
                    5b:cb:f2:31:a0:50:d0:45:14:67:b1:6e:e8:84:9a:
                    d5:dc:75:66:8e:60:e4:8b:e9:a7:95:98:f7:f4:e2:
                    46:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:37:85:63:6D:83:29:32:71:7A:03:41:42:2D:62:55:25:04:9A:03
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:d8:2b:a6:76:f2:77:39:ba:f9:a7:7c:b9:c8:1b:4f:df:cd:
         3e:c4:74:20:9e:26:ff:c8:8b:7c:d4:6a:66:a2:aa:c6:8b:38:
         7a:db:90:df:a2:ea:c2:9c:7c:97:dc:b8:f4:26:47:fb:f5:c6:
         b7:6f:57:6d:7c:d9:a4:6f:09:da:44:c8:b2:b9:69:a1:a5:aa:
         0f:b6:f2:ce:3e:1f:43:57:a8:da:dd:59:13:e1:3b:38:53:1e:
         a0:f5:0c:89:2c:07:2d:0a:3f:52:b7:a4:0d:9b:b7:7b:3c:03:
         7a:67:1e:e2:fd:36:a6:ce:11:19:13:c5:f9:c0:bc:a3:90:36:
         06:30:11:8a:85:80:41:b4:3d:85:a1:93:e2:48:ec:c4:90:7d:
         56:d5:61:1e:50:e4:2f:9c:7d:7e:22:36:fe:06:b3:c7:5c:aa:
         90:5a:c5:d5:e2:7b:77:a2:0a:21:0d:cc:36:45:6d:d4:fd:13:
         63:2c:ef:d9:60:3c:dd:43:32:db:cf:f5:51:04:71:f2:54:b3:
         11:72:f2:70:d1:65:b6:c5:57:f9:26:0c:9f:47:83:88:a0:e3:
         42:64:a3:c7:b1:6f:68:a6:5c:98:b2:d5:25:1e:b3:a6:eb:df:
         07:c7:21:d0:36:ae:74:62:33:5e:1c:9c:4b:d7:06:61:b3:e3:
         5d:cb:e8:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9bBxs1KddgHtrrNZBLbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwMjAyMDAwMDQ2WhcNMjUwMjAzMDAwMDQ2WjAzMTEwLwYDVQQD
EyhlYTM3ODU2MzZkODMyOTMyNzE3YTAzNDE0MjJkNjI1NTI1MDQ5YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoVSHIaIfvnvZkoKIdxveV2QrJJH
ikIDuJicP+1lzoFD7zEa2ZcBgLhsdoj9gBRL7P7l19d5X183GwxVHh6/GH74gbf6
ez56Kql0raq89O4x1iRZK2NwWyl1JwvF1wrHx9ECunjEXFQSZ5yfP+mWp9f5yaJe
lZCIrM6FDN72Yo+Pl1SIaI3fdNhpo2p+EKKj8g7Cu61Spo09Q1HfkOks9lHPfQ3f
dK3xxD26cTNFrs0VCuxq0fBNfxMVw6dqbc4OWqfo/eS8PXgz9nvVEaMG+w4AYn8C
hXYmXv+ShghqPxlby/IxoFDQRRRnsW7ohJrV3HVmjmDki+mnlZj39OJGiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOo3hWNtgykycXoDQUItYlUlBJoDMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtgrpnby
dzm6+ad8ucgbT9/NPsR0IJ4m/8iLfNRqZqKqxos4etuQ36Lqwpx8l9y49CZH+/XG
t29XbXzZpG8J2kTIsrlpoaWqD7byzj4fQ1eo2t1ZE+E7OFMeoPUMiSwHLQo/Urek
DZu3ezwDemce4v02ps4RGRPF+cC8o5A2BjARioWAQbQ9haGT4kjsxJB9VtVhHlDk
L5x9fiI2/gazx1yqkFrF1eJ7d6IKIQ3MNkVt1P0TYyzv2WA83UMy28/1UQRx8lSz
EXLycNFltsVX+SYMn0eDiKDjQmSjx7FvaKZcmLLVJR6zpuvfB8ch0DaudGIzXhyc
S9cGYbPjXcvouQ==
-----END CERTIFICATE-----