Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          SnMZLs/zDlxrytzkQ7DxwYfc2MWx62K3YDhmCV3fTzg=
Subject key identifier:   0A:7B:30:AB:6D:9A:3D:1E:40:4D:0A:E7:6C:50:8B:5C:78:15:D1:1F
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       0194BAF21687FCC07F2719068AEF32F6AF57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          0E
Signing time:             Fri 31 Jan 2025 06:00:15 +0000
Manifest this update:     Fri 31 Jan 2025 06:00:15 +0000
Manifest next update:     Sat 01 Feb 2025 06:00:15 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: r5V3zEDdA7wa9Fk96zB2pqyhrnzHbZRZmdAng5Her6o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 06:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:f2:16:87:fc:c0:7f:27:19:06:8a:ef:32:f6:af:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Jan 31 06:00:15 2025 GMT
            Not After : Feb  1 06:00:15 2025 GMT
        Subject: CN=0a7b30ab6d9a3d1e404d0ae76c508b5c7815d11f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d5:ab:88:6c:62:9c:f8:2e:20:ad:df:0a:35:
                    0b:3c:94:c7:a4:ae:e6:dd:c4:3f:a4:4c:39:88:d1:
                    b8:1f:05:80:2b:fa:b6:3d:41:12:ae:df:d4:cd:18:
                    30:0d:4f:5b:b7:ee:72:52:3f:31:22:5a:65:69:2f:
                    ed:88:64:3d:f2:57:4f:15:0c:67:60:54:76:e3:ca:
                    88:13:75:ee:f6:d4:d7:ef:a8:8b:01:07:f2:1f:08:
                    e0:5a:5c:e2:ad:09:83:5e:94:53:e2:25:e8:b9:49:
                    be:36:91:6f:3e:68:09:4b:db:08:16:58:22:67:4d:
                    53:29:7c:13:80:2c:bc:21:cd:f9:1e:c9:9c:7d:01:
                    6d:8d:ca:e5:ad:ca:67:fd:ad:93:6e:61:fe:e5:cf:
                    10:02:3e:21:f0:23:f0:85:e1:d5:01:16:43:ae:7f:
                    c8:e6:80:7b:01:f3:e6:f1:c0:22:9e:f7:46:d8:e9:
                    b7:f0:7e:d4:eb:aa:64:ad:7b:5a:eb:8b:fd:5b:b5:
                    fb:a8:c9:61:c2:24:25:d6:05:ea:06:f4:dc:f6:96:
                    47:5e:b5:72:df:cc:e3:b9:72:75:5b:57:95:25:64:
                    80:40:84:3f:5c:c1:c4:80:84:be:e4:58:8e:cd:eb:
                    40:35:83:a0:29:1a:6f:86:cd:49:3b:02:0e:64:24:
                    91:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:7B:30:AB:6D:9A:3D:1E:40:4D:0A:E7:6C:50:8B:5C:78:15:D1:1F
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:6d:27:89:a1:34:50:69:e3:53:56:d3:6e:20:17:a6:a1:51:
         72:54:54:ab:76:7f:b5:84:68:88:14:d6:07:d5:2e:57:1c:bf:
         60:fa:e8:5d:6f:74:72:d2:ad:e4:19:19:53:c2:27:14:3f:87:
         be:06:63:ae:fa:4c:ec:9f:5f:00:4d:1d:38:c1:79:fc:60:61:
         3a:84:82:11:e1:d8:c5:2c:97:27:bc:92:cf:ab:0f:22:fa:b8:
         f1:fe:26:36:49:bb:0a:32:a5:63:3a:51:b2:bc:11:51:e5:96:
         4a:c8:7c:95:37:78:cd:8d:47:4f:ca:54:73:78:4e:8b:74:9b:
         2d:8c:3a:12:bf:76:d7:29:81:4b:a0:9b:1f:37:b4:68:4d:77:
         cc:92:45:80:a1:f6:74:8e:54:a0:f5:66:66:a5:d1:15:e1:d0:
         1f:45:2b:41:b8:97:8a:8e:88:73:a9:b8:69:3b:7a:c7:50:39:
         a7:8a:3e:6f:24:fa:24:8f:27:cf:23:e6:96:28:b5:c0:ac:4e:
         10:d3:45:53:8f:32:3b:fe:ac:42:e7:bd:32:18:f3:51:bb:83:
         cb:0d:13:7b:e9:49:5b:22:df:59:72:ff:44:4d:e4:1b:41:fd:
         e9:d5:a8:13:71:67:25:b3:74:72:7e:59:91:d9:8d:e7:72:ba:
         1b:c8:f0:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68haH/MB/JxkGiu8y9q9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwMTMxMDYwMDE1WhcNMjUwMjAxMDYwMDE1WjAzMTEwLwYDVQQD
EygwYTdiMzBhYjZkOWEzZDFlNDA0ZDBhZTc2YzUwOGI1Yzc4MTVkMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNWriGxinPguIK3fCjULPJTHpK7m
3cQ/pEw5iNG4HwWAK/q2PUESrt/UzRgwDU9bt+5yUj8xIlplaS/tiGQ98ldPFQxn
YFR248qIE3Xu9tTX76iLAQfyHwjgWlzirQmDXpRT4iXouUm+NpFvPmgJS9sIFlgi
Z01TKXwTgCy8Ic35HsmcfQFtjcrlrcpn/a2TbmH+5c8QAj4h8CPwheHVARZDrn/I
5oB7AfPm8cAinvdG2Om38H7U66pkrXta64v9W7X7qMlhwiQl1gXqBvTc9pZHXrVy
38zjuXJ1W1eVJWSAQIQ/XMHEgIS+5FiOzetANYOgKRpvhs1JOwIOZCSRHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAp7MKttmj0eQE0K52xQi1x4FdEfMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX20niaE0
UGnjU1bTbiAXpqFRclRUq3Z/tYRoiBTWB9UuVxy/YProXW90ctKt5BkZU8InFD+H
vgZjrvpM7J9fAE0dOMF5/GBhOoSCEeHYxSyXJ7ySz6sPIvq48f4mNkm7CjKlYzpR
srwRUeWWSsh8lTd4zY1HT8pUc3hOi3SbLYw6Er921ymBS6CbHze0aE13zJJFgKH2
dI5UoPVmZqXRFeHQH0UrQbiXio6Ic6m4aTt6x1A5p4o+byT6JI8nzyPmlii1wKxO
ENNFU48yO/6sQue9MhjzUbuDyw0Te+lJWyLfWXL/RE3kG0H96dWoE3FnJbN0cn5Z
kdmN53K6G8jwgw==
-----END CERTIFICATE-----