Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          26Fmoc9t7XhYZW/cf3TTdUiFOoNMHPLLDPLPBL8FD6Q=
Subject key identifier:   1E:76:95:50:C2:58:D7:2F:F4:14:70:16:28:14:71:2E:DC:92:8E:9C
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       019511D94504A58486F91A663074367B4DD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          02CA
Signing time:             Mon 17 Feb 2025 03:00:06 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:06 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:06 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: PieumN3sCUAIwGYOlkB0gT90IOmfsiqZkauyFoFN4TA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:45:04:a5:84:86:f9:1a:66:30:74:36:7b:4d:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Feb 17 03:00:06 2025 GMT
            Not After : Feb 18 03:00:06 2025 GMT
        Subject: CN=1e769550c258d72ff41470162814712edc928e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:30:68:7b:bc:06:ea:f7:c0:b8:38:0c:89:d4:
                    c9:18:2a:4f:ba:40:06:15:d9:93:c9:cf:17:d8:f7:
                    d4:2e:c8:34:4f:e0:3c:55:89:c4:ef:2d:ac:c4:eb:
                    b1:15:3e:01:20:04:93:a5:07:5d:31:a4:0b:b8:60:
                    6a:1e:1f:7e:59:03:6e:48:07:55:f1:af:49:d4:51:
                    06:12:1e:96:57:a6:33:58:9f:fa:e9:e0:19:5b:44:
                    31:05:1f:d4:98:6b:58:0f:2c:e6:42:b9:f8:e9:8f:
                    0e:6e:47:23:c5:95:90:65:cf:c4:2f:a2:1a:0d:b8:
                    32:cd:42:14:2a:9d:40:71:46:cd:a5:c1:94:d3:9d:
                    84:4a:56:9b:bd:65:5c:b8:8c:91:bf:94:1a:88:c4:
                    a5:6f:97:ef:36:7f:86:7e:0a:34:52:72:b4:1a:e2:
                    b1:4f:a6:c2:7f:79:2a:0f:23:0d:82:02:e1:70:39:
                    57:bd:93:64:e5:b2:95:72:89:31:d8:e4:fa:a6:64:
                    eb:fe:50:de:c3:b8:0b:04:83:45:76:9a:85:d8:14:
                    ed:4c:3f:6f:9c:ea:d8:d6:b6:79:a0:b3:be:ef:63:
                    26:08:5f:e0:16:0c:66:7d:07:5d:7a:91:1c:83:1c:
                    83:0c:e0:17:d0:04:c1:2b:e5:4b:c3:b8:cc:f1:2b:
                    be:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:76:95:50:C2:58:D7:2F:F4:14:70:16:28:14:71:2E:DC:92:8E:9C
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:3f:5e:7a:3d:09:ab:66:7f:1c:1f:37:37:77:e1:15:47:1d:
         33:c3:cf:41:b8:b6:1f:98:e4:33:d1:ae:1a:a2:3c:7b:a0:fc:
         b4:3b:21:21:6c:76:ea:5f:20:ef:b8:52:73:d8:7c:0d:91:88:
         54:ec:2a:80:29:0d:60:b2:c7:db:f6:2b:83:0a:92:5e:30:8b:
         93:08:b3:0a:30:8a:a4:af:e7:a0:58:3b:9c:53:a4:8b:61:00:
         2d:e8:86:b7:98:ef:3e:ec:b2:c3:33:1f:84:1a:9f:b5:d0:36:
         f0:15:7e:e2:db:5a:f2:28:27:c7:ed:c1:61:a9:f0:7d:66:0e:
         75:56:28:b4:73:58:8f:c3:55:9c:e3:79:50:d8:9b:71:79:f7:
         8c:40:bb:ac:3f:7d:36:75:e3:9f:c5:1e:28:aa:98:d3:62:67:
         83:2b:de:fb:00:80:99:0d:b6:44:5d:e9:f1:39:d0:30:0a:9d:
         6d:63:fe:10:52:b8:3b:14:32:33:c9:00:ee:1c:61:87:9e:3f:
         fe:91:67:91:8f:26:5f:8c:bc:7e:88:67:cb:48:12:38:c1:ae:
         d4:b5:05:ba:30:a8:c9:d6:2d:43:09:6b:c8:2c:85:a5:23:6e:
         d6:28:f0:6e:3c:c8:aa:4e:47:cb:5b:bc:27:74:1c:24:ad:d0:
         1f:6a:72:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2UUEpYSG+RpmMHQ2e03RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjUwMjE3MDMwMDA2WhcNMjUwMjE4MDMwMDA2WjAzMTEwLwYDVQQD
EygxZTc2OTU1MGMyNThkNzJmZjQxNDcwMTYyODE0NzEyZWRjOTI4ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTBoe7wG6vfAuDgMidTJGCpPukAG
FdmTyc8X2PfULsg0T+A8VYnE7y2sxOuxFT4BIASTpQddMaQLuGBqHh9+WQNuSAdV
8a9J1FEGEh6WV6YzWJ/66eAZW0QxBR/UmGtYDyzmQrn46Y8ObkcjxZWQZc/EL6Ia
DbgyzUIUKp1AcUbNpcGU052ESlabvWVcuIyRv5QaiMSlb5fvNn+Gfgo0UnK0GuKx
T6bCf3kqDyMNggLhcDlXvZNk5bKVcokx2OT6pmTr/lDew7gLBINFdpqF2BTtTD9v
nOrY1rZ5oLO+72MmCF/gFgxmfQddepEcgxyDDOAX0ATBK+VLw7jM8Su+twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB52lVDCWNcv9BRwFigUcS7cko6cMB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALT9eej0J
q2Z/HB83N3fhFUcdM8PPQbi2H5jkM9GuGqI8e6D8tDshIWx26l8g77hSc9h8DZGI
VOwqgCkNYLLH2/YrgwqSXjCLkwizCjCKpK/noFg7nFOki2EALeiGt5jvPuyywzMf
hBqftdA28BV+4tta8ignx+3BYanwfWYOdVYotHNYj8NVnON5UNibcXn3jEC7rD99
NnXjn8UeKKqY02Jngyve+wCAmQ22RF3p8TnQMAqdbWP+EFK4OxQyM8kA7hxhh54/
/pFnkY8mX4y8fohny0gSOMGu1LUFujCoydYtQwlryCyFpSNu1ijwbjzIqk5Hy1u8
J3QcJK3QH2pycw==
-----END CERTIFICATE-----