Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          SCqyDc0bSr33e3aBI3/xPCVYDbGR6Km0uF98723kjrg=
Subject key identifier:   8D:EF:67:EF:85:67:6B:3A:F0:00:E3:3D:C9:DE:C5:3F:12:88:99:90
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       0195116BA6F7AE3749FE6C4365DECBC6E905
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          1452
Signing time:             Mon 17 Feb 2025 01:00:22 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:22 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:22 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: ZDv9rwNeXhqG4J9l6KrFVPRu7ssCuclQHB6PkPFD0HY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:a6:f7:ae:37:49:fe:6c:43:65:de:cb:c6:e9:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Feb 17 01:00:22 2025 GMT
            Not After : Feb 18 01:00:22 2025 GMT
        Subject: CN=8def67ef85676b3af000e33dc9dec53f12889990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:88:f3:63:3f:8d:63:51:99:28:d5:4a:04:7f:
                    48:c1:85:5d:9a:bc:70:6f:c7:f1:d7:68:d2:17:d3:
                    f2:79:b2:0b:bb:8c:45:97:8f:67:13:6f:05:08:1b:
                    1a:7b:c1:dd:7e:87:67:63:de:8d:ca:6b:a9:69:ce:
                    e5:8a:97:90:fe:c6:4f:06:1c:af:2e:89:56:7c:79:
                    85:f6:b7:8d:6a:ec:05:ae:74:a7:b4:be:b2:b2:9c:
                    77:a8:d6:5c:40:96:92:bd:09:0f:36:80:87:96:40:
                    9e:64:ae:05:29:fd:d5:8a:d3:9e:89:0e:41:c9:83:
                    02:ee:f3:f2:68:c9:b0:7e:3c:01:02:59:77:00:bb:
                    93:4e:ac:32:a6:57:17:4c:0b:6b:3a:91:7a:ec:75:
                    87:80:e1:b7:f3:48:3b:1c:4e:64:67:01:ea:d9:eb:
                    07:33:66:a4:2b:69:3e:d4:f2:88:20:6a:eb:34:79:
                    df:27:4b:8b:26:aa:61:b6:41:65:c2:55:1b:c0:bf:
                    8d:e5:e7:1c:32:f7:74:7b:a4:9a:8b:ad:7c:f5:5c:
                    dc:60:00:ca:09:ce:92:e1:aa:ff:57:5f:bd:a8:e6:
                    94:42:d2:b9:cc:aa:86:62:01:37:b4:78:0a:af:d2:
                    cc:40:d3:24:17:f7:58:fc:ff:61:de:77:06:be:17:
                    8b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:EF:67:EF:85:67:6B:3A:F0:00:E3:3D:C9:DE:C5:3F:12:88:99:90
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:f4:3a:ca:47:86:ae:6e:fd:50:01:7d:80:30:65:b3:c8:c3:
         e5:49:fb:0f:0c:8e:0e:7d:6f:01:c2:ae:75:e1:ca:be:b5:ff:
         64:ed:47:6f:9c:63:ca:16:49:a0:df:4d:47:de:73:5f:4a:23:
         19:84:03:77:9f:55:93:a2:15:5c:c5:fd:33:66:f2:a5:fd:ac:
         f3:be:8a:bb:fd:8c:d0:72:e4:f4:fd:5f:01:8b:50:9b:f0:5b:
         93:e0:e0:d4:f0:8f:20:b3:e6:f0:17:13:b7:d1:11:90:de:17:
         2c:76:99:f5:3f:ef:30:a4:94:93:0a:97:34:64:92:b1:7b:4e:
         6e:c1:db:c5:99:10:dc:d4:f0:f8:17:58:7e:0b:b9:53:d8:05:
         7d:c8:ea:df:6a:dd:18:93:84:99:b4:3f:9e:af:a6:df:7a:ed:
         05:6d:93:ab:64:01:d6:4f:3e:7b:0a:55:77:0c:9d:2d:85:5f:
         9e:eb:0e:bc:35:b5:a4:57:cc:6e:7a:cf:d2:00:9a:6b:77:8b:
         9c:8d:3d:73:24:c4:f0:da:de:7e:a3:61:be:2b:bd:2a:09:53:
         33:5c:a3:3a:c9:61:21:5e:95:35:cb:63:85:14:bb:77:71:d3:
         a9:31:59:82:0d:5b:29:06:32:eb:c5:11:9a:6e:cc:6a:cf:52:
         55:27:bf:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa6b3rjdJ/mxDZd7LxukFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwMjE3MDEwMDIyWhcNMjUwMjE4MDEwMDIyWjAzMTEwLwYDVQQD
Eyg4ZGVmNjdlZjg1Njc2YjNhZjAwMGUzM2RjOWRlYzUzZjEyODg5OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YjzYz+NY1GZKNVKBH9IwYVdmrxw
b8fx12jSF9PyebILu4xFl49nE28FCBsae8HdfodnY96Nymupac7lipeQ/sZPBhyv
LolWfHmF9reNauwFrnSntL6yspx3qNZcQJaSvQkPNoCHlkCeZK4FKf3VitOeiQ5B
yYMC7vPyaMmwfjwBAll3ALuTTqwyplcXTAtrOpF67HWHgOG380g7HE5kZwHq2esH
M2akK2k+1PKIIGrrNHnfJ0uLJqphtkFlwlUbwL+N5eccMvd0e6Sai6189VzcYADK
Cc6S4ar/V1+9qOaUQtK5zKqGYgE3tHgKr9LMQNMkF/dY/P9h3ncGvheLEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3vZ++FZ2s68ADjPcnexT8SiJmQMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPQ6ykeG
rm79UAF9gDBls8jD5Un7DwyODn1vAcKudeHKvrX/ZO1Hb5xjyhZJoN9NR95zX0oj
GYQDd59Vk6IVXMX9M2bypf2s876Ku/2M0HLk9P1fAYtQm/Bbk+Dg1PCPILPm8BcT
t9ERkN4XLHaZ9T/vMKSUkwqXNGSSsXtObsHbxZkQ3NTw+BdYfgu5U9gFfcjq32rd
GJOEmbQ/nq+m33rtBW2Tq2QB1k8+ewpVdwydLYVfnusOvDW1pFfMbnrP0gCaa3eL
nI09cyTE8NrefqNhviu9KglTM1yjOslhIV6VNctjhRS7d3HTqTFZgg1bKQYy68UR
mm7Mas9SVSe/pg==
-----END CERTIFICATE-----