Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
File:                     kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json)
Hash identifier:          OTODtKxJ6ljof++u60Qm4da/p/xQUjRodaSV45lTta0=
Subject key identifier:   C8:09:A2:C6:C2:AD:15:BC:FF:79:1D:72:AC:EE:D3:B3:3D:A5:7A:0D
Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A
Certificate issuer:       /CN=9239691ba79270063af4364d308631365e90116a
Certificate serial:       019511A2AFEFD136EFC0601AA4A3388D815E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
Manifest number:          0BB0
Signing time:             Mon 17 Feb 2025 02:00:29 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:29 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:29 +0000
Files and hashes:         1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: EJryRCQfjTxpPcwg31Om/bZqpMkhVQhFO7p5XPUlEyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:af:ef:d1:36:ef:c0:60:1a:a4:a3:38:8d:81:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239691ba79270063af4364d308631365e90116a
        Validity
            Not Before: Feb 17 02:00:29 2025 GMT
            Not After : Feb 18 02:00:29 2025 GMT
        Subject: CN=c809a2c6c2ad15bcff791d72aceed3b33da57a0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:0b:61:ce:97:e8:1e:80:42:f7:3f:0c:89:74:
                    86:85:35:49:7f:76:47:3e:5d:59:4e:79:cd:c3:2a:
                    05:32:d4:31:a2:9f:b7:31:2a:8a:2e:a9:2f:12:94:
                    f2:25:56:c2:ad:ea:40:e2:90:67:6b:26:d8:db:84:
                    9b:26:17:60:6b:28:e9:dc:12:d8:0a:1d:95:8d:d7:
                    88:da:7e:cc:c6:af:27:af:ce:82:71:36:f9:9f:c3:
                    d2:02:23:88:b0:d2:e2:8c:c1:93:0b:36:72:b8:67:
                    ef:2f:7b:45:2b:21:c8:87:1a:8c:89:e3:62:ee:eb:
                    32:bf:0d:6c:80:a4:3b:94:bb:64:a1:fa:b7:c6:6b:
                    cd:94:29:b9:aa:84:15:98:f9:5e:75:08:c4:57:30:
                    3e:dd:ed:ef:f8:d4:18:6f:5c:ae:d5:3a:88:c5:89:
                    3e:7c:df:bd:31:f3:c1:b9:ae:5b:f5:dd:99:aa:7b:
                    42:50:6d:f9:1f:ab:91:5b:a7:2a:d2:15:b7:6f:bd:
                    24:be:c7:89:94:b5:ca:7c:8f:e5:c7:7f:b4:9d:9d:
                    16:85:7b:1f:cb:a1:66:db:83:73:17:12:45:22:a1:
                    fa:55:f9:3a:e4:13:d7:4d:12:bf:8c:e1:29:2c:59:
                    b5:85:84:26:86:0c:f6:49:6e:ff:7e:f3:59:65:72:
                    0c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:09:A2:C6:C2:AD:15:BC:FF:79:1D:72:AC:EE:D3:B3:3D:A5:7A:0D
            X509v3 Authority Key Identifier:
                keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:d1:08:37:23:f8:5c:2a:5e:31:05:5e:24:f0:ab:67:49:51:
         18:d3:95:a3:0b:2e:94:ef:4e:2c:54:8e:29:c1:e3:e7:b3:1d:
         ca:4b:4a:4f:87:51:32:80:e9:d2:a4:90:2d:88:cc:fd:46:16:
         70:10:9b:b2:11:c8:82:30:39:da:07:ce:d7:86:57:8e:82:e8:
         1c:e4:1c:e5:a3:5b:a6:f2:16:fb:1d:63:8a:d5:63:d8:b0:9f:
         15:4c:15:e2:5d:5b:fe:8c:66:0e:0e:78:f5:5a:ab:37:5e:92:
         c7:4c:1d:82:43:1f:15:67:2a:a6:a0:e5:c2:68:59:b0:ea:68:
         02:78:9b:7f:e3:33:f4:a8:18:33:d3:f6:85:69:2e:02:b8:ad:
         6b:cc:05:f1:0f:60:b0:25:70:f1:02:3f:a3:fd:7c:39:05:0c:
         db:65:ff:5f:b2:3c:29:a7:ac:9f:e0:cb:20:93:2a:ee:13:3e:
         3c:63:63:0a:c2:8d:a2:1e:82:70:a3:7b:be:51:13:34:a4:df:
         87:b2:9f:07:51:82:90:82:45:60:0b:97:f9:71:2f:e1:04:0f:
         7f:a8:51:28:62:e9:88:1b:11:49:fb:88:be:c5:ef:2b:ee:0d:
         36:ce:29:48:38:3c:62:bb:16:22:ad:79:49:f1:fe:e6:a3:b0:
         5f:4d:f8:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURoq/v0TbvwGAapKM4jYFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5
MDExNmEwHhcNMjUwMjE3MDIwMDI5WhcNMjUwMjE4MDIwMDI5WjAzMTEwLwYDVQQD
EyhjODA5YTJjNmMyYWQxNWJjZmY3OTFkNzJhY2VlZDNiMzNkYTU3YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AthzpfoHoBC9z8MiXSGhTVJf3ZH
Pl1ZTnnNwyoFMtQxop+3MSqKLqkvEpTyJVbCrepA4pBnaybY24SbJhdgayjp3BLY
Ch2VjdeI2n7Mxq8nr86CcTb5n8PSAiOIsNLijMGTCzZyuGfvL3tFKyHIhxqMieNi
7usyvw1sgKQ7lLtkofq3xmvNlCm5qoQVmPledQjEVzA+3e3v+NQYb1yu1TqIxYk+
fN+9MfPBua5b9d2ZqntCUG35H6uRW6cq0hW3b70kvseJlLXKfI/lx3+0nZ0WhXsf
y6Fm24NzFxJFIqH6Vfk65BPXTRK/jOEpLFm1hYQmhgz2SW7/fvNZZXIMrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgJosbCrRW8/3kdcqzu07M9pXoNMB8GA1UdIwQY
MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt
ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz
LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk9EINyP4
XCpeMQVeJPCrZ0lRGNOVowsulO9OLFSOKcHj57MdyktKT4dRMoDp0qSQLYjM/UYW
cBCbshHIgjA52gfO14ZXjoLoHOQc5aNbpvIW+x1jitVj2LCfFUwV4l1b/oxmDg54
9VqrN16Sx0wdgkMfFWcqpqDlwmhZsOpoAnibf+Mz9KgYM9P2hWkuArita8wF8Q9g
sCVw8QI/o/18OQUM22X/X7I8Kaesn+DLIJMq7hM+PGNjCsKNoh6CcKN7vlETNKTf
h7KfB1GCkIJFYAuX+XEv4QQPf6hRKGLpiBsRSfuIvsXvK+4NNs4pSDg8YrsWIq15
SfH+5qOwX034Rg==
-----END CERTIFICATE-----