Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
File:                     4tccU1qnoKzpP62r22WD-ISmxiY.mft (raw, json)
Hash identifier:          v9InE2KSaw8Y6HtlaSmqHlNjnuMoGTcYSttAh1kLjq0=
Subject key identifier:   22:33:CA:A5:EB:B4:09:F7:B2:2E:E2:A3:22:17:49:3A:03:15:79:A8
Authority key identifier: E2:D7:1C:53:5A:A7:A0:AC:E9:3F:AD:AB:DB:65:83:F8:84:A6:C6:26
Certificate issuer:       /CN=e2d71c535aa7a0ace93fadabdb6583f884a6c626
Certificate serial:       019510C6DB733C36B7E0631F1CF5DE7EB679
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
Manifest number:          052F
Signing time:             Sun 16 Feb 2025 22:00:22 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:22 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:22 +0000
Files and hashes:         1: 4tccU1qnoKzpP62r22WD-ISmxiY.crl (hash: 0EdPCRMB1J4CvjO/LQtFrbK/nzdj8+1dQch4S5MCiCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:db:73:3c:36:b7:e0:63:1f:1c:f5:de:7e:b6:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d71c535aa7a0ace93fadabdb6583f884a6c626
        Validity
            Not Before: Feb 16 22:00:22 2025 GMT
            Not After : Feb 17 22:00:22 2025 GMT
        Subject: CN=2233caa5ebb409f7b22ee2a32217493a031579a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4f:c2:66:50:d2:31:56:6c:35:67:86:82:68:
                    a7:aa:9f:09:87:61:e2:92:f4:b5:f1:c1:92:10:b5:
                    32:43:4f:48:3d:c1:56:44:39:0b:a0:2f:e3:20:20:
                    69:01:2e:05:b0:1b:a2:53:85:d6:7b:6c:c2:df:8d:
                    d8:8a:31:dd:d0:a2:77:99:a8:83:72:fb:a6:1f:dc:
                    44:78:30:06:d1:a7:34:6b:9c:b1:9a:67:57:cb:16:
                    b8:e3:3e:e4:0a:77:8f:b4:ac:cb:d7:60:3d:2f:11:
                    76:42:e8:63:c5:90:1d:7f:e8:e9:9a:d2:46:5b:a3:
                    7b:a2:c8:f8:f7:e2:d9:f6:9f:80:a8:e7:46:de:11:
                    aa:d6:45:dd:8d:df:f9:76:86:1e:9c:f5:ca:b5:2d:
                    6a:30:0e:fd:96:aa:b5:10:9d:3f:c5:c2:fe:e5:8a:
                    6b:f1:3b:10:dd:ce:25:47:70:d6:0b:8f:28:07:89:
                    e2:b9:ee:56:06:c3:d4:14:6a:e1:3f:a9:4b:37:08:
                    77:8e:77:d7:88:f2:37:72:f9:f2:5c:bf:23:a4:cf:
                    72:d1:fd:79:4b:82:5b:e2:74:9e:2d:e4:09:01:37:
                    aa:c7:73:9b:11:31:70:76:04:fe:97:20:80:8a:75:
                    3d:82:47:f2:2f:36:33:07:f3:1c:06:ee:6b:4e:35:
                    9e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:33:CA:A5:EB:B4:09:F7:B2:2E:E2:A3:22:17:49:3A:03:15:79:A8
            X509v3 Authority Key Identifier:
                keyid:E2:D7:1C:53:5A:A7:A0:AC:E9:3F:AD:AB:DB:65:83:F8:84:A6:C6:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:e6:82:69:67:74:86:a4:fb:8b:8e:d3:9a:01:0b:a4:f6:b9:
         6e:cf:e6:80:d2:44:ae:24:fc:6e:21:35:ca:e7:25:27:bd:c6:
         3e:fc:dd:99:fc:d3:6f:0b:60:a7:48:5f:5c:30:a0:38:81:89:
         fd:17:82:65:eb:b4:81:16:e9:5c:f7:57:ea:f0:00:dc:04:c2:
         92:3c:c4:3a:d0:41:17:29:3e:2b:ce:9d:cd:a9:0a:fc:d7:24:
         10:af:1d:0b:82:36:c4:74:41:ab:4d:08:26:b5:40:18:23:39:
         c4:d6:64:a5:8f:5c:e6:1e:32:c4:60:63:c4:e7:ca:40:99:ea:
         f4:60:e4:0a:b7:15:ad:09:45:33:48:65:ea:59:bd:a2:60:91:
         2d:91:13:ef:c5:58:64:2d:f8:ca:d2:8e:31:51:ac:7a:bb:5b:
         45:0f:fb:12:9e:ea:5f:0a:57:71:c0:0c:70:bc:81:e2:f8:94:
         75:fa:c9:43:71:26:a6:3b:3f:25:2b:c9:61:97:a5:e6:ee:8d:
         4b:d5:3b:a3:9f:ef:ae:82:b0:bf:9e:67:81:37:42:70:c2:67:
         af:99:ea:29:ba:fc:0b:72:69:75:5f:48:80:1f:f9:5a:26:65:
         47:cd:98:72:51:27:a0:50:27:1b:37:90:72:65:fa:99:50:5b:
         68:be:ef:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxttzPDa34GMfHPXefrZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDcxYzUzNWFhN2EwYWNlOTNmYWRhYmRiNjU4M2Y4ODRh
NmM2MjYwHhcNMjUwMjE2MjIwMDIyWhcNMjUwMjE3MjIwMDIyWjAzMTEwLwYDVQQD
EygyMjMzY2FhNWViYjQwOWY3YjIyZWUyYTMyMjE3NDkzYTAzMTU3OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE/CZlDSMVZsNWeGgminqp8Jh2Hi
kvS18cGSELUyQ09IPcFWRDkLoC/jICBpAS4FsBuiU4XWe2zC343YijHd0KJ3maiD
cvumH9xEeDAG0ac0a5yxmmdXyxa44z7kCnePtKzL12A9LxF2QuhjxZAdf+jpmtJG
W6N7osj49+LZ9p+AqOdG3hGq1kXdjd/5doYenPXKtS1qMA79lqq1EJ0/xcL+5Ypr
8TsQ3c4lR3DWC48oB4niue5WBsPUFGrhP6lLNwh3jnfXiPI3cvnyXL8jpM9y0f15
S4Jb4nSeLeQJATeqx3ObETFwdgT+lyCAinU9gkfyLzYzB/McBu5rTjWeDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIzyqXrtAn3si7ioyIXSToDFXmoMB8GA1UdIwQY
MBaAFOLXHFNap6Cs6T+tq9tlg/iEpsYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8yYzcwOGItYjZlMi00ZGVmLWEyZDkt
YjMxMDExMTM3YTU3LzEvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8yYzcwOGItYjZlMi00ZGVmLWEyZDktYjMxMDExMTM3YTU3
LzEvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtuaCaWd0
hqT7i47TmgELpPa5bs/mgNJEriT8biE1yuclJ73GPvzdmfzTbwtgp0hfXDCgOIGJ
/ReCZeu0gRbpXPdX6vAA3ATCkjzEOtBBFyk+K86dzakK/NckEK8dC4I2xHRBq00I
JrVAGCM5xNZkpY9c5h4yxGBjxOfKQJnq9GDkCrcVrQlFM0hl6lm9omCRLZET78VY
ZC34ytKOMVGsertbRQ/7Ep7qXwpXccAMcLyB4viUdfrJQ3Empjs/JSvJYZel5u6N
S9U7o5/vroKwv55ngTdCcMJnr5nqKbr8C3JpdV9IgB/5WiZlR82YclEnoFAnGzeQ
cmX6mVBbaL7vaA==
-----END CERTIFICATE-----