Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
File:                     TNN3vorxFHipq-Jx-L3i3j0zNAg.mft (raw, json)
Hash identifier:          w9umaBf8VX3pTZ4Xcu2M3N/VtuhKwMM9gu0MSQ9Y7p0=
Subject key identifier:   1B:EA:80:6A:D2:EC:F2:6B:63:7D:F4:E7:95:D2:38:C7:B4:24:13:AE
Authority key identifier: 4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08
Certificate issuer:       /CN=4cd377be8af11478a9abe271f8bde2de3d333408
Certificate serial:       0194C3F5B42D8261B8964603A8437F939F2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
Manifest number:          067E
Signing time:             Sun 02 Feb 2025 00:00:46 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:46 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:46 +0000
Files and hashes:         1: TNN3vorxFHipq-Jx-L3i3j0zNAg.crl (hash: BGICvn02OVY/B3hMoJHRV/nXv2p+iYNEUvfVzNVq5RY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:b4:2d:82:61:b8:96:46:03:a8:43:7f:93:9f:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cd377be8af11478a9abe271f8bde2de3d333408
        Validity
            Not Before: Feb  2 00:00:46 2025 GMT
            Not After : Feb  3 00:00:46 2025 GMT
        Subject: CN=1bea806ad2ecf26b637df4e795d238c7b42413ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:37:00:26:f5:b1:5a:e5:6d:c6:b2:3b:1b:93:
                    ba:4f:ab:4e:79:ba:62:f7:eb:cd:a3:72:48:42:fe:
                    95:c8:91:a3:a5:5e:64:13:f9:c6:b6:ce:67:6c:98:
                    2a:9c:b3:aa:ec:da:f6:85:1e:95:36:27:7c:08:6a:
                    78:b7:88:29:20:08:df:6b:f4:34:10:b2:c2:e3:fd:
                    6b:d2:bf:78:7e:9b:a1:22:e7:ce:d1:1b:41:8d:b1:
                    88:bf:71:63:d1:33:58:43:55:c0:7e:3e:93:d9:89:
                    76:41:5a:cc:5e:bd:61:db:0d:5c:77:f4:c6:64:c2:
                    0f:72:fb:d8:25:f1:55:6f:e9:2e:12:0b:0e:12:db:
                    7b:df:7a:5a:9f:de:f5:97:72:33:c4:b9:15:7d:14:
                    d1:f5:19:61:cf:a5:b1:ce:8a:8d:b9:f1:f1:8b:b9:
                    33:82:2d:7e:08:5f:e3:e0:fc:53:a4:cb:1f:31:5c:
                    1b:e4:94:59:ef:ef:28:4d:7a:7f:03:d3:51:b0:c1:
                    70:d6:af:51:27:ad:11:fe:fc:4d:55:e5:98:38:62:
                    be:87:ec:9e:44:9e:2f:df:33:6c:55:ce:4e:b7:26:
                    f2:10:3b:3a:08:54:2f:f4:e3:82:a0:5c:e5:45:6d:
                    67:5d:af:bb:69:e5:22:ac:9d:34:7f:10:84:5f:dd:
                    30:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:EA:80:6A:D2:EC:F2:6B:63:7D:F4:E7:95:D2:38:C7:B4:24:13:AE
            X509v3 Authority Key Identifier:
                keyid:4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:c5:59:80:74:be:a6:5f:bd:65:85:cc:af:fe:e5:06:e3:bb:
         e7:e0:e2:db:68:00:f4:ee:c5:2b:97:2e:ec:73:d3:64:09:69:
         cb:a8:de:85:fb:7d:e9:a5:98:bf:fc:91:47:3f:a9:0d:c7:7e:
         44:55:29:4d:e8:0b:4e:69:25:9f:75:43:18:7b:d5:76:b8:b8:
         4d:56:bd:e7:2b:1c:e2:e3:76:47:14:b3:c3:a6:ae:27:03:45:
         35:ea:91:d3:eb:78:79:b5:ba:0e:e3:a0:26:cf:19:2e:ce:b8:
         db:77:59:77:ff:21:7c:b2:d6:dc:39:c3:04:3c:ba:da:ac:aa:
         ae:fa:ab:28:91:62:14:b1:1d:c5:51:e8:23:cf:3a:74:69:cc:
         62:3a:af:e0:8f:1e:8b:14:a6:cc:6a:7d:34:b3:4a:9f:af:74:
         7d:6e:7d:e5:11:46:d0:ac:79:80:70:90:83:1f:3b:86:81:40:
         d6:cd:67:b5:04:dc:4d:b1:66:98:bb:79:80:3f:3b:78:ab:a9:
         6c:39:89:46:f3:5b:10:b3:80:bc:54:55:4b:b8:0f:b4:0a:87:
         e8:33:aa:c6:e7:e2:a4:99:05:61:3a:22:4a:31:f2:e1:88:7a:
         39:dc:34:de:fb:0d:63:88:ea:33:72:ca:92:be:d4:0f:ae:63:
         44:12:61:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9bQtgmG4lkYDqEN/k58tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDM3N2JlOGFmMTE0NzhhOWFiZTI3MWY4YmRlMmRlM2Qz
MzM0MDgwHhcNMjUwMjAyMDAwMDQ2WhcNMjUwMjAzMDAwMDQ2WjAzMTEwLwYDVQQD
EygxYmVhODA2YWQyZWNmMjZiNjM3ZGY0ZTc5NWQyMzhjN2I0MjQxM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDcAJvWxWuVtxrI7G5O6T6tOebpi
9+vNo3JIQv6VyJGjpV5kE/nGts5nbJgqnLOq7Nr2hR6VNid8CGp4t4gpIAjfa/Q0
ELLC4/1r0r94fpuhIufO0RtBjbGIv3Fj0TNYQ1XAfj6T2Yl2QVrMXr1h2w1cd/TG
ZMIPcvvYJfFVb+kuEgsOEtt733pan971l3IzxLkVfRTR9Rlhz6WxzoqNufHxi7kz
gi1+CF/j4PxTpMsfMVwb5JRZ7+8oTXp/A9NRsMFw1q9RJ60R/vxNVeWYOGK+h+ye
RJ4v3zNsVc5OtybyEDs6CFQv9OOCoFzlRW1nXa+7aeUirJ00fxCEX90w1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvqgGrS7PJrY33055XSOMe0JBOuMB8GA1UdIwQY
MBaAFEzTd76K8RR4qavicfi94t49MzQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMt
YjEyZWIxY2VhYTE0LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMtYjEyZWIxY2VhYTE0
LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApcVZgHS+
pl+9ZYXMr/7lBuO75+Di22gA9O7FK5cu7HPTZAlpy6jehft96aWYv/yRRz+pDcd+
RFUpTegLTmkln3VDGHvVdri4TVa95ysc4uN2RxSzw6auJwNFNeqR0+t4ebW6DuOg
Js8ZLs6423dZd/8hfLLW3DnDBDy62qyqrvqrKJFiFLEdxVHoI886dGnMYjqv4I8e
ixSmzGp9NLNKn690fW595RFG0Kx5gHCQgx87hoFA1s1ntQTcTbFmmLt5gD87eKup
bDmJRvNbELOAvFRVS7gPtAqH6DOqxufipJkFYToiSjHy4Yh6Odw03vsNY4jqM3LK
kr7UD65jRBJh4w==
-----END CERTIFICATE-----