Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
File:                     zRvlrhITa5bNnXilwkykct6Ixlg.mft (raw, json)
Hash identifier:          rMFMfelbiBpQ4BCif0noH7RoC9MmnMJY4UY8S4xYdKY=
Subject key identifier:   BF:E4:0E:BA:CD:3B:F8:29:AA:BE:E0:2F:46:C4:01:D2:31:4E:45:23
Authority key identifier: CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58
Certificate issuer:       /CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
Certificate serial:       0194C42C55E9589E2AFA4D92163D1DC03245
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
Manifest number:          0661
Signing time:             Sun 02 Feb 2025 01:00:27 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:27 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:27 +0000
Files and hashes:         1: zRvlrhITa5bNnXilwkykct6Ixlg.crl (hash: yiBOsK6YT+CW0DT8K2RPcqIYIamBqZZQ2e4zBqqumIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:55:e9:58:9e:2a:fa:4d:92:16:3d:1d:c0:32:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
        Validity
            Not Before: Feb  2 01:00:27 2025 GMT
            Not After : Feb  3 01:00:27 2025 GMT
        Subject: CN=bfe40ebacd3bf829aabee02f46c401d2314e4523
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:73:27:e0:6a:7b:0d:82:b7:35:f3:d6:2d:ae:
                    04:a4:1a:cc:79:5e:ec:49:3e:b8:f0:c0:14:27:5f:
                    2b:e4:b1:b5:c9:be:ed:6b:6d:d3:b3:02:e6:ec:60:
                    e8:9f:62:24:7e:7e:8d:c2:bc:78:d2:35:8b:b7:c9:
                    08:f6:95:07:3d:be:15:04:ef:cb:9e:95:fe:55:aa:
                    87:b1:b7:a2:05:fb:11:68:3f:1c:6d:5c:dd:52:a5:
                    61:c0:58:a2:be:bd:db:f9:75:06:50:03:fa:83:8f:
                    e3:88:11:2b:00:e7:24:99:ec:a5:42:d3:e6:eb:33:
                    c9:a1:c2:32:78:59:e7:60:f9:df:80:e8:a5:49:19:
                    d2:1b:dc:c8:33:05:3f:ee:3f:e9:02:07:83:12:4f:
                    50:4b:29:3e:af:cd:20:69:31:da:a9:9f:ab:11:d8:
                    81:26:64:37:ab:3d:de:12:dc:31:4b:b1:60:59:91:
                    92:e0:ca:a7:dd:a3:7e:ff:4b:e8:b8:b1:98:49:8b:
                    58:78:26:e0:3d:f5:77:ab:17:3f:fb:9e:23:27:ff:
                    3c:1a:2a:af:5f:4f:cc:88:25:4c:da:d4:b4:9c:80:
                    5f:2c:50:bd:74:b6:1d:55:4d:61:d0:fd:a8:4d:7c:
                    7c:66:43:92:61:4f:ea:da:5b:49:63:61:94:c0:4f:
                    4a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E4:0E:BA:CD:3B:F8:29:AA:BE:E0:2F:46:C4:01:D2:31:4E:45:23
            X509v3 Authority Key Identifier:
                keyid:CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:d3:5f:40:0a:f4:ec:07:b2:e9:77:af:6f:16:c3:60:61:03:
         06:0d:89:dc:41:60:10:fa:56:a4:0f:da:1c:1b:87:45:fe:f1:
         c3:15:6e:44:c0:f6:30:b0:ae:bc:ee:a7:ec:78:43:ba:27:e4:
         85:f8:ff:6d:54:6c:c4:4d:3b:40:71:78:c5:f1:85:1d:7c:48:
         82:f6:cb:7b:fc:e0:1b:91:e0:df:bf:32:f4:f8:38:7f:28:ad:
         c3:dc:86:20:d5:d1:56:0f:95:52:db:84:6c:03:83:69:e1:c3:
         c8:dc:3a:24:96:3a:f9:e5:07:69:df:46:c2:bf:ff:4a:2e:1a:
         95:00:f0:d4:b0:f1:bf:10:9f:43:f8:f6:82:92:94:aa:96:62:
         c5:3c:0c:73:c5:18:31:92:52:1e:17:b8:1a:02:a5:e9:80:6b:
         17:4e:d1:dc:9a:e1:7a:50:09:f3:41:33:b1:6c:f3:8a:1d:6b:
         f3:26:0a:93:42:c5:47:cf:9b:95:33:24:4f:c7:26:19:d7:ff:
         d8:ed:03:72:ef:b0:f5:46:d5:86:45:78:80:62:8b:ef:c7:03:
         6c:c4:10:65:2c:1f:29:df:f7:61:d5:39:0c:ea:16:48:ac:95:
         c1:2c:b8:51:40:20:94:a1:1b:56:1b:88:c9:70:02:20:6a:5d:
         be:1c:f9:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELFXpWJ4q+k2SFj0dwDJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWJlNWFlMTIxMzZiOTZjZDlkNzhhNWMyNGNhNDcyZGU4
OGM2NTgwHhcNMjUwMjAyMDEwMDI3WhcNMjUwMjAzMDEwMDI3WjAzMTEwLwYDVQQD
EyhiZmU0MGViYWNkM2JmODI5YWFiZWUwMmY0NmM0MDFkMjMxNGU0NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHMn4Gp7DYK3NfPWLa4EpBrMeV7s
ST648MAUJ18r5LG1yb7ta23TswLm7GDon2Ikfn6Nwrx40jWLt8kI9pUHPb4VBO/L
npX+VaqHsbeiBfsRaD8cbVzdUqVhwFiivr3b+XUGUAP6g4/jiBErAOckmeylQtPm
6zPJocIyeFnnYPnfgOilSRnSG9zIMwU/7j/pAgeDEk9QSyk+r80gaTHaqZ+rEdiB
JmQ3qz3eEtwxS7FgWZGS4Mqn3aN+/0vouLGYSYtYeCbgPfV3qxc/+54jJ/88Giqv
X0/MiCVM2tS0nIBfLFC9dLYdVU1h0P2oTXx8ZkOSYU/q2ltJY2GUwE9KSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/kDrrNO/gpqr7gL0bEAdIxTkUjMB8GA1UdIwQY
MBaAFM0b5a4SE2uWzZ14pcJMpHLeiMZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgt
NWYxNmRlNWM4NjU4LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgtNWYxNmRlNWM4NjU4
LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE9NfQAr0
7Aey6XevbxbDYGEDBg2J3EFgEPpWpA/aHBuHRf7xwxVuRMD2MLCuvO6n7HhDuifk
hfj/bVRsxE07QHF4xfGFHXxIgvbLe/zgG5Hg378y9Pg4fyitw9yGINXRVg+VUtuE
bAODaeHDyNw6JJY6+eUHad9Gwr//Si4alQDw1LDxvxCfQ/j2gpKUqpZixTwMc8UY
MZJSHhe4GgKl6YBrF07R3JrhelAJ80EzsWzzih1r8yYKk0LFR8+blTMkT8cmGdf/
2O0Dcu+w9UbVhkV4gGKL78cDbMQQZSwfKd/3YdU5DOoWSKyVwSy4UUAglKEbVhuI
yXACIGpdvhz5Kw==
-----END CERTIFICATE-----