Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
File:                     IodymNrl1aO-q8oW6S0aFB6Uhic.mft (raw, json)
Hash identifier:          Nq5TZRHykXzal45kcy+ajexeZDJUYkjDRD25XYo/krI=
Subject key identifier:   A2:6E:B7:67:FC:02:CC:45:3B:0C:32:1F:B1:4C:90:D0:85:00:FD:90
Authority key identifier: 22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
Certificate issuer:       /CN=22877298dae5d5a3beabca16e92d1a141e948627
Certificate serial:       0194C3BE64BD0B42B427C48E54E0E2DF2C77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
Manifest number:          023C
Signing time:             Sat 01 Feb 2025 23:00:21 +0000
Manifest this update:     Sat 01 Feb 2025 23:00:21 +0000
Manifest next update:     Sun 02 Feb 2025 23:00:21 +0000
Files and hashes:         1: IodymNrl1aO-q8oW6S0aFB6Uhic.crl (hash: M/lBGH9qvmwGCb3n+p9fq0uVFrycgL7el0pnHnG0HnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 23:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:be:64:bd:0b:42:b4:27:c4:8e:54:e0:e2:df:2c:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22877298dae5d5a3beabca16e92d1a141e948627
        Validity
            Not Before: Feb  1 23:00:21 2025 GMT
            Not After : Feb  2 23:00:21 2025 GMT
        Subject: CN=a26eb767fc02cc453b0c321fb14c90d08500fd90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0a:d8:f1:fb:53:00:df:44:ab:f8:1f:73:7c:
                    34:d5:b6:c9:96:29:f8:81:4d:9f:dc:be:84:98:c5:
                    7c:e2:19:2f:26:91:63:59:63:e9:18:25:7d:a8:46:
                    63:50:86:f8:6d:31:69:47:e6:43:f6:4e:99:c3:15:
                    3c:67:e2:39:21:4a:ed:47:cd:5e:48:b2:af:c8:82:
                    f9:64:a6:4d:cd:17:9c:58:53:dc:1e:7f:c6:4d:bb:
                    d5:33:92:cb:3a:07:bf:ec:6c:15:b8:9d:86:a6:09:
                    05:d1:ad:99:80:61:d3:31:7a:9a:1f:d0:00:16:ba:
                    d3:68:b4:7f:db:c9:5a:df:44:b8:c1:16:0e:18:70:
                    89:7b:0e:f6:80:1c:66:da:60:89:fc:59:3c:37:39:
                    4a:06:68:c2:72:3c:1f:3b:ca:f5:8e:eb:e6:0d:de:
                    29:b2:ae:db:e2:4e:61:2a:ce:27:34:ad:12:9a:e9:
                    2e:ae:74:d5:9e:49:61:11:05:e8:2a:4f:83:57:51:
                    95:6e:5c:8e:c2:bc:67:cf:cc:22:fa:23:d6:e1:8e:
                    57:fc:f4:17:92:93:bc:97:c3:59:88:3f:60:21:5e:
                    c5:95:48:4c:8c:59:2f:2e:b4:51:a6:97:e2:cd:13:
                    bc:0e:15:5d:02:84:91:67:df:e2:fa:ca:6c:fd:20:
                    18:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:6E:B7:67:FC:02:CC:45:3B:0C:32:1F:B1:4C:90:D0:85:00:FD:90
            X509v3 Authority Key Identifier:
                keyid:22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:be:6b:da:61:28:3e:10:f2:fc:88:b7:58:12:58:34:76:ad:
         39:9f:8c:cd:45:2b:be:a9:40:b5:bd:0a:97:08:28:be:a6:c6:
         bc:7a:89:b8:c7:53:f6:ab:6f:d7:06:3d:42:ff:ca:7f:14:38:
         3f:93:3f:98:cf:7a:0c:4b:83:d9:00:83:9f:00:0c:16:b2:71:
         c8:c5:45:b6:e4:31:6a:79:42:68:2b:a7:c8:09:ac:7e:cf:cf:
         40:18:99:49:cf:13:05:fb:9a:36:aa:85:b6:01:92:48:18:74:
         10:7c:8f:57:d6:c8:96:ba:bf:69:6b:7c:c4:ea:ae:71:4e:cc:
         f8:dd:7b:b1:ef:f4:ba:54:cc:fe:25:70:aa:fe:99:f8:3e:d4:
         c5:b3:79:06:fa:73:b4:4b:5b:7c:9f:37:1d:0c:f5:d3:c2:70:
         0f:8a:d8:7b:62:09:21:12:af:73:a7:9a:ca:b6:f9:8b:54:eb:
         f0:42:7f:88:ba:3e:28:0f:95:02:bb:58:8e:21:89:92:c4:3e:
         a5:20:3f:24:b7:46:31:b9:4a:32:09:1e:94:19:09:c5:f4:e3:
         c5:6d:14:3d:5e:d6:bf:7b:50:f6:4c:34:95:36:34:44:76:a2:
         f3:5e:ba:73:36:d7:84:58:82:7c:60:3b:1c:ff:8e:3b:e1:42:
         f7:0d:7b:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvmS9C0K0J8SOVODi3yx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODc3Mjk4ZGFlNWQ1YTNiZWFiY2ExNmU5MmQxYTE0MWU5
NDg2MjcwHhcNMjUwMjAxMjMwMDIxWhcNMjUwMjAyMjMwMDIxWjAzMTEwLwYDVQQD
EyhhMjZlYjc2N2ZjMDJjYzQ1M2IwYzMyMWZiMTRjOTBkMDg1MDBmZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApArY8ftTAN9Eq/gfc3w01bbJlin4
gU2f3L6EmMV84hkvJpFjWWPpGCV9qEZjUIb4bTFpR+ZD9k6ZwxU8Z+I5IUrtR81e
SLKvyIL5ZKZNzRecWFPcHn/GTbvVM5LLOge/7GwVuJ2GpgkF0a2ZgGHTMXqaH9AA
FrrTaLR/28la30S4wRYOGHCJew72gBxm2mCJ/Fk8NzlKBmjCcjwfO8r1juvmDd4p
sq7b4k5hKs4nNK0SmukurnTVnklhEQXoKk+DV1GVblyOwrxnz8wi+iPW4Y5X/PQX
kpO8l8NZiD9gIV7FlUhMjFkvLrRRppfizRO8DhVdAoSRZ9/i+sps/SAYRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJut2f8AsxFOwwyH7FMkNCFAP2QMB8GA1UdIwQY
MBaAFCKHcpja5dWjvqvKFuktGhQelIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYt
NTkzM2EwOWY3MmQxLzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYtNTkzM2EwOWY3MmQx
LzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN75r2mEo
PhDy/Ii3WBJYNHatOZ+MzUUrvqlAtb0KlwgovqbGvHqJuMdT9qtv1wY9Qv/KfxQ4
P5M/mM96DEuD2QCDnwAMFrJxyMVFtuQxanlCaCunyAmsfs/PQBiZSc8TBfuaNqqF
tgGSSBh0EHyPV9bIlrq/aWt8xOqucU7M+N17se/0ulTM/iVwqv6Z+D7UxbN5Bvpz
tEtbfJ83HQz108JwD4rYe2IJIRKvc6eayrb5i1Tr8EJ/iLo+KA+VArtYjiGJksQ+
pSA/JLdGMblKMgkelBkJxfTjxW0UPV7Wv3tQ9kw0lTY0RHai8166czbXhFiCfGA7
HP+OO+FC9w17OA==
-----END CERTIFICATE-----