Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          TSKnEIp2PiNnC2T9Yzzm7kTL5ThQx1/Yx+ql3dqyrhA=
Subject key identifier:   4C:61:2F:55:16:3C:88:46:7F:16:C2:79:93:93:21:8C:9F:B0:A8:40
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       019510C6EDCE8394B177BA8C36DF518594DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          145C
Signing time:             Sun 16 Feb 2025 22:00:26 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:26 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:26 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: ns/pOpJELikn6h19QsC+5TFQ1cFerpgI0H6o+PEWI7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:ed:ce:83:94:b1:77:ba:8c:36:df:51:85:94:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Feb 16 22:00:26 2025 GMT
            Not After : Feb 17 22:00:26 2025 GMT
        Subject: CN=4c612f55163c88467f16c2799393218c9fb0a840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:5a:4d:82:b4:9c:07:51:02:16:14:15:54:ed:
                    75:56:dc:43:66:31:28:8a:a4:8a:72:35:7f:b7:0a:
                    77:fd:2f:3c:ec:55:f2:4d:9a:0f:f1:e9:ce:38:c6:
                    e3:a4:56:a2:08:56:a2:59:94:66:40:da:e3:6e:b8:
                    d2:75:b6:5e:5d:08:3c:75:46:02:23:6b:cc:c7:6e:
                    c9:38:de:d4:80:5b:e0:d3:d9:75:0e:f7:d6:c3:2c:
                    5a:61:de:61:f1:d2:0b:28:8f:46:e7:77:e6:b5:19:
                    17:62:c1:e1:37:86:9c:57:3b:a7:48:b7:e7:c8:50:
                    4f:fe:28:8e:55:78:c9:ad:a9:e6:e6:f7:eb:7c:eb:
                    62:ed:e2:49:26:ff:4b:e8:ff:58:fb:64:60:95:f2:
                    29:f6:01:71:0e:81:6b:ad:5f:6f:20:a3:54:0b:fd:
                    4d:6b:2f:90:a9:aa:16:55:c0:53:bb:85:34:d7:95:
                    a6:1a:4c:d6:ca:5d:18:27:23:e8:86:17:05:35:a2:
                    57:ba:c5:ef:ab:2a:13:bc:77:c8:22:16:30:8c:48:
                    b0:bb:84:55:8a:c8:dd:90:05:40:db:85:80:0e:d9:
                    dd:82:89:0d:c2:f1:c5:92:eb:1d:92:07:92:d8:fa:
                    a8:70:2e:9a:ed:9f:6d:9e:fe:9f:29:e2:c2:80:ec:
                    f0:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:61:2F:55:16:3C:88:46:7F:16:C2:79:93:93:21:8C:9F:B0:A8:40
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:7b:ea:bf:a5:fc:16:38:d3:89:57:c2:39:53:48:a0:2a:3a:
         75:77:b1:a3:f2:89:d8:14:c3:cd:12:09:45:24:8d:bf:94:cd:
         ba:ee:59:1c:98:a4:a7:5d:f1:1b:83:f4:10:73:6f:d8:71:98:
         50:29:44:8e:48:c7:ec:06:23:33:80:26:c9:ba:a0:4e:20:e0:
         58:00:9e:5d:2e:ac:89:29:7e:fb:bb:e7:70:5d:a3:d3:05:72:
         f6:cd:87:48:32:e3:f5:47:59:9b:2d:29:47:93:0f:c5:26:63:
         49:88:ed:62:59:11:f8:b1:b5:30:10:d4:79:8f:08:a6:2c:2f:
         99:f9:c0:ed:bd:52:c3:b5:c5:36:15:5a:2d:23:12:f6:85:41:
         58:0e:a2:48:f0:f9:f2:9a:5d:44:47:a5:2c:5d:ad:63:05:bb:
         05:0b:bb:94:a5:ff:bd:af:61:52:ca:ce:dc:55:1a:2b:19:a3:
         31:5c:10:4e:7a:be:41:17:29:22:07:7d:b0:6d:77:f9:32:65:
         8c:93:5f:63:ec:76:70:41:5d:93:2e:62:af:7d:42:c3:dc:d7:
         ca:86:2b:98:d8:a3:aa:63:90:41:70:6d:da:2d:b4:b9:77:55:
         78:b9:a1:f8:44:24:70:b1:57:65:f1:7b:62:8d:1b:83:58:47:
         47:2f:8b:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxu3Og5Sxd7qMNt9RhZTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjUwMjE2MjIwMDI2WhcNMjUwMjE3MjIwMDI2WjAzMTEwLwYDVQQD
Eyg0YzYxMmY1NTE2M2M4ODQ2N2YxNmMyNzk5MzkzMjE4YzlmYjBhODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlpNgrScB1ECFhQVVO11VtxDZjEo
iqSKcjV/twp3/S887FXyTZoP8enOOMbjpFaiCFaiWZRmQNrjbrjSdbZeXQg8dUYC
I2vMx27JON7UgFvg09l1DvfWwyxaYd5h8dILKI9G53fmtRkXYsHhN4acVzunSLfn
yFBP/iiOVXjJranm5vfrfOti7eJJJv9L6P9Y+2RglfIp9gFxDoFrrV9vIKNUC/1N
ay+QqaoWVcBTu4U015WmGkzWyl0YJyPohhcFNaJXusXvqyoTvHfIIhYwjEiwu4RV
isjdkAVA24WADtndgokNwvHFkusdkgeS2PqocC6a7Z9tnv6fKeLCgOzwmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExhL1UWPIhGfxbCeZOTIYyfsKhAMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXvqv6X8
FjjTiVfCOVNIoCo6dXexo/KJ2BTDzRIJRSSNv5TNuu5ZHJikp13xG4P0EHNv2HGY
UClEjkjH7AYjM4AmybqgTiDgWACeXS6siSl++7vncF2j0wVy9s2HSDLj9UdZmy0p
R5MPxSZjSYjtYlkR+LG1MBDUeY8IpiwvmfnA7b1Sw7XFNhVaLSMS9oVBWA6iSPD5
8ppdREelLF2tYwW7BQu7lKX/va9hUsrO3FUaKxmjMVwQTnq+QRcpIgd9sG13+TJl
jJNfY+x2cEFdky5ir31Cw9zXyoYrmNijqmOQQXBt2i20uXdVeLmh+EQkcLFXZfF7
Yo0bg1hHRy+Lhw==
-----END CERTIFICATE-----