Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          kc6KV6EYtpMt583FEWHklnRPyG/vHkfbW1kaRth4K5c=
Subject key identifier:   3F:E8:D2:E4:DE:95:B9:00:35:25:56:E7:34:50:5F:53:C7:D3:23:01
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       01958CCEF0A5920108025018FEEF34C2A741
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          1424
Signing time:             Thu 13 Mar 2025 00:02:07 +0000
Manifest this update:     Thu 13 Mar 2025 00:02:07 +0000
Manifest next update:     Fri 14 Mar 2025 00:02:07 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: BS+XQ/HfvEdpbm6l6M1mY0Qd4Y3+hwMETW/rnE9ZChA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:ce:f0:a5:92:01:08:02:50:18:fe:ef:34:c2:a7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Mar 13 00:02:07 2025 GMT
            Not After : Mar 14 00:02:07 2025 GMT
        Subject: CN=3fe8d2e4de95b900352556e734505f53c7d32301
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8b:72:17:4f:e8:7b:32:af:4b:5f:62:ab:80:
                    00:d2:cf:56:f9:93:55:2f:6e:9a:ed:9c:47:6e:c0:
                    17:0c:73:53:d9:ca:ad:1d:89:c3:e9:81:29:d5:78:
                    5c:3d:e7:bd:da:0d:4d:14:49:f4:c8:74:04:e7:8e:
                    40:5c:d1:ac:37:09:c3:e6:17:11:28:6c:50:31:32:
                    82:c8:cb:8f:b6:ff:a7:15:83:68:37:99:e4:82:f9:
                    5c:bf:a8:e5:37:06:a4:fc:87:5a:a6:d1:94:e2:e6:
                    1a:d3:cf:9d:c9:8a:57:1e:81:07:c9:ee:7a:19:8a:
                    b1:24:91:a3:39:15:e2:bc:c1:e5:7e:6a:59:fd:97:
                    24:1e:81:86:f1:c6:23:2f:7f:61:52:94:75:9c:97:
                    ee:db:20:ca:66:4d:a6:5b:2a:81:cc:1a:f7:20:2f:
                    11:37:23:96:09:63:86:dd:d9:e8:18:56:19:9a:d9:
                    8a:9a:98:37:6c:69:61:94:d8:da:ef:c0:c1:a2:84:
                    7c:f3:b3:27:ab:dc:8f:f4:71:2b:67:8b:55:83:c4:
                    70:de:a8:06:4b:f9:9d:a7:fc:30:e6:ef:77:be:2b:
                    04:a6:6c:4a:17:75:20:d6:2c:f3:32:18:ae:ae:6f:
                    a9:d7:88:be:bf:38:10:fa:9e:8d:25:79:6e:a1:9c:
                    a9:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:E8:D2:E4:DE:95:B9:00:35:25:56:E7:34:50:5F:53:C7:D3:23:01
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:a4:14:7d:ec:5c:13:a3:83:9b:24:0d:17:5d:a3:66:06:05:
         29:9f:be:04:24:9f:67:32:36:f1:e5:60:f3:31:c6:b7:cc:c6:
         eb:fa:5e:31:52:26:b2:f4:ef:d1:47:42:05:7f:f3:b0:35:6a:
         3d:cf:0d:a9:ab:2f:2d:cf:ad:0d:14:33:87:fb:30:27:e4:9d:
         8f:84:a1:b5:56:0a:b0:98:23:b3:0f:67:ef:51:9b:dd:62:f2:
         68:52:bb:5b:e3:78:5b:e8:5f:60:20:71:89:4c:93:c3:f0:91:
         72:ab:b1:7f:4c:71:76:fa:1b:84:5c:be:63:09:8b:71:11:61:
         a0:4b:cb:50:21:49:c9:a1:d5:f4:d2:49:05:4f:75:9c:66:99:
         d9:81:e6:5c:3e:52:fa:80:d0:8e:77:65:1e:ac:3e:0d:5f:9a:
         bc:d1:99:8b:0d:36:ae:bf:f8:78:0a:c3:e6:18:29:4a:fb:93:
         e2:b3:40:ca:a8:16:23:ef:17:c5:cd:67:81:ea:11:f0:5b:d9:
         32:26:28:25:e8:59:a3:8b:5a:6e:a9:fb:cd:01:fb:9d:41:2d:
         af:b5:7b:8b:39:b3:ec:c6:25:77:27:64:d2:00:27:c3:aa:41:
         d0:88:62:21:6f:09:dc:5f:3f:98:90:a1:f4:54:c9:a6:b3:d9:
         fd:ad:c2:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzvClkgEIAlAY/u80wqdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjUwMzEzMDAwMjA3WhcNMjUwMzE0MDAwMjA3WjAzMTEwLwYDVQQD
EygzZmU4ZDJlNGRlOTViOTAwMzUyNTU2ZTczNDUwNWY1M2M3ZDMyMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4tyF0/oezKvS19iq4AA0s9W+ZNV
L26a7ZxHbsAXDHNT2cqtHYnD6YEp1XhcPee92g1NFEn0yHQE545AXNGsNwnD5hcR
KGxQMTKCyMuPtv+nFYNoN5nkgvlcv6jlNwak/IdaptGU4uYa08+dyYpXHoEHye56
GYqxJJGjORXivMHlfmpZ/ZckHoGG8cYjL39hUpR1nJfu2yDKZk2mWyqBzBr3IC8R
NyOWCWOG3dnoGFYZmtmKmpg3bGlhlNja78DBooR887Mnq9yP9HErZ4tVg8Rw3qgG
S/mdp/ww5u93visEpmxKF3Ug1izzMhiurm+p14i+vzgQ+p6NJXluoZypwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/o0uTelbkANSVW5zRQX1PH0yMBMB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMKQUfexc
E6ODmyQNF12jZgYFKZ++BCSfZzI28eVg8zHGt8zG6/peMVImsvTv0UdCBX/zsDVq
Pc8NqasvLc+tDRQzh/swJ+Sdj4ShtVYKsJgjsw9n71Gb3WLyaFK7W+N4W+hfYCBx
iUyTw/CRcquxf0xxdvobhFy+YwmLcRFhoEvLUCFJyaHV9NJJBU91nGaZ2YHmXD5S
+oDQjndlHqw+DV+avNGZiw02rr/4eArD5hgpSvuT4rNAyqgWI+8Xxc1ngeoR8FvZ
MiYoJehZo4tabqn7zQH7nUEtr7V7izmz7MYldydk0gAnw6pB0IhiIW8J3F8/mJCh
9FTJprPZ/a3CAA==
-----END CERTIFICATE-----