Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          u6F9oJUDGV+Hu/OcBr2wBjf4wXvdKLVUtLXxyNQbSE8=
Subject key identifier:   41:3E:13:9D:0C:E3:6E:3B:38:26:A6:02:D9:77:57:11:42:42:84:C1
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       019511354641E65D1E621A6F8B75F99F79FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          06DD
Signing time:             Mon 17 Feb 2025 00:00:58 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:58 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:58 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: CVpu0WzWI68Pa/FXxqgc5TZq2ZvENJ7RahcsZZ/fSxc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:46:41:e6:5d:1e:62:1a:6f:8b:75:f9:9f:79:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Feb 17 00:00:58 2025 GMT
            Not After : Feb 18 00:00:58 2025 GMT
        Subject: CN=413e139d0ce36e3b3826a602d9775711424284c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c3:a4:fe:e3:6a:65:5b:85:9e:87:ef:81:d4:
                    4d:0e:83:1a:b1:f4:59:75:3c:98:7d:3e:9d:3c:5e:
                    74:3d:0b:3f:d9:79:8b:a0:db:02:67:22:70:4f:ca:
                    9f:04:28:dd:f2:ce:64:55:e5:05:71:64:21:26:23:
                    79:7f:9a:f6:8a:d3:05:78:fe:41:84:81:bd:47:8c:
                    9d:9a:2a:dd:6e:2b:83:91:02:75:c4:b3:50:50:c8:
                    87:93:7b:b5:9f:ab:cf:ea:35:90:37:c1:dd:0e:d0:
                    80:2a:56:92:36:63:9d:b5:1a:a4:bf:b0:56:4b:5f:
                    ac:49:5e:e0:20:67:ec:1d:ca:94:d4:a6:39:ff:c8:
                    f3:07:b3:71:ba:af:9f:26:1b:cc:28:f9:64:2f:8f:
                    08:f6:a4:41:09:4d:e8:56:15:90:da:b3:0a:ca:95:
                    91:c2:50:c5:77:db:14:4d:f4:69:d1:d8:87:40:7c:
                    2e:44:b6:03:03:2b:53:53:c7:99:92:7e:ed:eb:97:
                    c3:2f:af:2a:56:c3:29:6e:96:5d:f7:25:90:03:eb:
                    ac:b3:43:71:49:bc:61:55:2e:2a:a6:38:d5:22:11:
                    91:62:f4:2c:23:a9:bd:0b:b8:e0:1a:a4:ff:1f:06:
                    3a:43:68:26:8e:ba:b3:2a:82:b4:a0:43:d8:77:e7:
                    0b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:3E:13:9D:0C:E3:6E:3B:38:26:A6:02:D9:77:57:11:42:42:84:C1
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:c3:6b:0f:e5:05:50:19:90:67:1e:4c:f0:50:62:8e:b2:f3:
         22:d3:86:b4:0b:b6:e3:dc:ae:d4:45:13:1f:01:2a:25:73:e6:
         da:af:67:2e:bb:87:f7:a2:2c:12:6e:f3:ea:ca:ee:7c:3c:30:
         35:b8:05:ea:16:db:cf:3e:f9:56:54:1d:f6:1e:a6:a7:64:d5:
         0f:1a:c7:76:8b:96:55:88:f1:c2:f7:09:63:9e:19:a0:c9:12:
         cf:88:76:18:7c:82:cd:fc:83:87:25:7b:33:0d:10:6b:82:7f:
         6b:81:2e:bc:18:6a:d6:ac:81:ad:ab:70:40:67:4d:cd:18:4b:
         8c:09:d3:a5:b7:b3:f7:8e:65:ab:d0:9e:58:ea:10:86:f0:66:
         bc:7f:cd:8d:b6:96:6c:42:af:df:1c:f8:0b:bc:26:9a:34:94:
         af:e4:e5:ac:c7:e6:bb:78:c4:37:38:c7:0e:f0:d8:6b:32:e9:
         37:fd:14:b4:44:54:57:cf:82:01:88:d4:6a:79:57:e6:28:4f:
         d0:62:2c:c8:6f:ef:07:31:7d:72:2d:27:81:77:8b:9d:09:99:
         da:e2:84:9b:de:c6:f0:79:26:0e:a4:8c:1b:0f:aa:68:da:36:
         f8:61:47:2d:4f:77:aa:c0:d3:4f:f6:df:21:46:13:45:8b:79:
         72:36:e3:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNUZB5l0eYhpvi3X5n3n8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwMjE3MDAwMDU4WhcNMjUwMjE4MDAwMDU4WjAzMTEwLwYDVQQD
Eyg0MTNlMTM5ZDBjZTM2ZTNiMzgyNmE2MDJkOTc3NTcxMTQyNDI4NGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMOk/uNqZVuFnofvgdRNDoMasfRZ
dTyYfT6dPF50PQs/2XmLoNsCZyJwT8qfBCjd8s5kVeUFcWQhJiN5f5r2itMFeP5B
hIG9R4ydmirdbiuDkQJ1xLNQUMiHk3u1n6vP6jWQN8HdDtCAKlaSNmOdtRqkv7BW
S1+sSV7gIGfsHcqU1KY5/8jzB7Nxuq+fJhvMKPlkL48I9qRBCU3oVhWQ2rMKypWR
wlDFd9sUTfRp0diHQHwuRLYDAytTU8eZkn7t65fDL68qVsMpbpZd9yWQA+uss0Nx
SbxhVS4qpjjVIhGRYvQsI6m9C7jgGqT/HwY6Q2gmjrqzKoK0oEPYd+cLEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEE+E50M4247OCamAtl3VxFCQoTBMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcNrD+UF
UBmQZx5M8FBijrLzItOGtAu249yu1EUTHwEqJXPm2q9nLruH96IsEm7z6srufDww
NbgF6hbbzz75VlQd9h6mp2TVDxrHdouWVYjxwvcJY54ZoMkSz4h2GHyCzfyDhyV7
Mw0Qa4J/a4EuvBhq1qyBratwQGdNzRhLjAnTpbez945lq9CeWOoQhvBmvH/NjbaW
bEKv3xz4C7wmmjSUr+TlrMfmu3jENzjHDvDYazLpN/0UtERUV8+CAYjUanlX5ihP
0GIsyG/vBzF9ci0ngXeLnQmZ2uKEm97G8HkmDqSMGw+qaNo2+GFHLU93qsDTT/bf
IUYTRYt5cjbj2A==
-----END CERTIFICATE-----