Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          qtUvUc55DRDf2Vdy5girgTZobBbAqCGVE614iPJQB78=
Subject key identifier:   B8:DA:39:12:38:F5:4F:FA:96:EE:AC:63:9B:4A:D8:15:55:65:2C:CB
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019510C6FE1BF3B332F27B3A7235CF161C19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          0FE5
Signing time:             Sun 16 Feb 2025 22:00:31 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:31 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:31 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: fpWhmpGGfV4B3IgbGHSu8cwGHH8Q5PVuGZKvO48U2eo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:fe:1b:f3:b3:32:f2:7b:3a:72:35:cf:16:1c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Feb 16 22:00:31 2025 GMT
            Not After : Feb 17 22:00:31 2025 GMT
        Subject: CN=b8da391238f54ffa96eeac639b4ad81555652ccb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:74:6f:e6:76:37:d5:b8:70:34:43:fb:9f:a6:
                    9d:11:5a:6e:4e:67:4c:c4:20:5e:b3:3b:a2:b4:a9:
                    6c:ea:a8:0c:e7:2a:8b:dd:f2:07:87:52:88:8d:08:
                    48:d5:f3:a0:7d:05:d1:8a:51:7f:18:fb:1e:e9:53:
                    c4:fd:ee:31:fd:c1:f7:6d:84:75:20:fb:15:44:14:
                    0f:f7:b1:8a:41:ac:7c:e1:dd:40:13:11:79:cf:99:
                    7c:40:ff:2a:d5:f5:82:d6:6f:de:49:80:b7:3b:61:
                    f6:d9:8a:12:9d:56:0e:de:7c:78:5d:66:35:83:42:
                    5d:7c:a0:97:b7:a3:02:78:f5:a7:8f:d3:52:98:e9:
                    cc:7d:bd:38:48:eb:0b:e3:50:8b:f5:09:31:f7:a3:
                    8d:cd:55:a0:33:aa:a9:22:25:f1:ed:ad:44:3e:82:
                    72:3d:84:7c:e4:ad:01:d1:ae:4e:60:64:d1:b3:2f:
                    16:63:65:8c:44:d8:49:14:73:7b:6a:69:c6:81:ca:
                    ae:a3:d9:05:78:b5:38:15:6a:97:5b:d1:f8:2e:2d:
                    7e:81:2d:39:08:1d:88:59:05:81:f6:80:07:45:31:
                    84:3c:88:dc:34:26:80:e7:43:9c:65:66:59:01:0a:
                    6d:5b:b1:2a:9c:43:60:90:ec:cd:e9:c1:a7:d4:6a:
                    c7:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:DA:39:12:38:F5:4F:FA:96:EE:AC:63:9B:4A:D8:15:55:65:2C:CB
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:c8:ce:47:fd:89:22:7b:0f:b9:69:11:90:a2:94:e0:fb:0a:
         3d:0d:45:fb:54:01:2a:56:dc:b8:db:66:b6:bf:55:73:21:1b:
         a0:26:04:8a:c9:bd:8d:3a:9f:a5:ee:1c:d5:df:db:f9:3f:8b:
         b8:95:54:48:4d:dc:e1:48:a1:cc:30:67:4b:61:f9:17:32:23:
         08:2e:3e:0b:06:fd:1f:54:37:49:20:13:0f:dd:60:96:a4:43:
         c5:17:83:dc:ea:8f:df:95:90:0f:ab:34:5e:b7:ee:91:6b:39:
         0a:aa:25:7f:05:48:5b:d4:85:a4:bb:04:70:ea:33:65:2a:a3:
         4d:51:58:45:9c:d3:0e:3b:a2:bb:2b:2a:95:c4:c2:2a:58:90:
         67:f6:26:32:a3:cd:4a:bf:e5:5d:1c:2c:91:45:a4:25:2e:1c:
         26:a3:59:8d:37:56:47:94:b0:c0:a1:86:74:1f:16:87:5d:a0:
         92:59:18:29:56:96:39:19:01:ef:f9:6c:a3:b8:0f:0a:2c:67:
         4a:17:8b:6d:26:cd:31:f6:22:e4:a1:9a:74:e1:c7:48:29:e5:
         f0:ee:78:45:9b:63:8c:7d:fc:01:3b:0f:f1:65:33:4a:37:73:
         bf:78:e6:83:b3:75:00:84:05:65:62:53:01:9d:ba:48:8a:96:
         6e:20:da:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxv4b87My8ns6cjXPFhwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwMjE2MjIwMDMxWhcNMjUwMjE3MjIwMDMxWjAzMTEwLwYDVQQD
EyhiOGRhMzkxMjM4ZjU0ZmZhOTZlZWFjNjM5YjRhZDgxNTU1NjUyY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnRv5nY31bhwNEP7n6adEVpuTmdM
xCBeszuitKls6qgM5yqL3fIHh1KIjQhI1fOgfQXRilF/GPse6VPE/e4x/cH3bYR1
IPsVRBQP97GKQax84d1AExF5z5l8QP8q1fWC1m/eSYC3O2H22YoSnVYO3nx4XWY1
g0JdfKCXt6MCePWnj9NSmOnMfb04SOsL41CL9Qkx96ONzVWgM6qpIiXx7a1EPoJy
PYR85K0B0a5OYGTRsy8WY2WMRNhJFHN7amnGgcquo9kFeLU4FWqXW9H4Li1+gS05
CB2IWQWB9oAHRTGEPIjcNCaA50OcZWZZAQptW7EqnENgkOzN6cGn1GrHaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjaORI49U/6lu6sY5tK2BVVZSzLMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtsjOR/2J
InsPuWkRkKKU4PsKPQ1F+1QBKlbcuNtmtr9VcyEboCYEism9jTqfpe4c1d/b+T+L
uJVUSE3c4UihzDBnS2H5FzIjCC4+Cwb9H1Q3SSATD91glqRDxReD3OqP35WQD6s0
XrfukWs5CqolfwVIW9SFpLsEcOozZSqjTVFYRZzTDjuiuysqlcTCKliQZ/YmMqPN
Sr/lXRwskUWkJS4cJqNZjTdWR5SwwKGGdB8Wh12gklkYKVaWORkB7/lso7gPCixn
SheLbSbNMfYi5KGadOHHSCnl8O54RZtjjH38ATsP8WUzSjdzv3jmg7N1AIQFZWJT
AZ26SIqWbiDaCA==
-----END CERTIFICATE-----