Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
File:                     SdA41NOnW7-ev-owZGh7Xjs0b-M.mft (raw, json)
Hash identifier:          acpiaiw283/S11loNx2LFIPdkzkgHBa6ttD2CY80BUw=
Subject key identifier:   D4:87:19:9F:28:E8:8B:C4:87:03:EC:0B:57:68:DB:DF:5D:2A:20:08
Authority key identifier: 49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3
Certificate issuer:       /CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
Certificate serial:       019510C6C5AB4F29B574AEA0EAB82AEF9C96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
Manifest number:          0A77
Signing time:             Sun 16 Feb 2025 22:00:16 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:16 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:16 +0000
Files and hashes:         1: SdA41NOnW7-ev-owZGh7Xjs0b-M.crl (hash: RdgWQTcm7HxEaxL38naH3T4Bw0gby1Xf+TWVN7mV1dc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:c5:ab:4f:29:b5:74:ae:a0:ea:b8:2a:ef:9c:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
        Validity
            Not Before: Feb 16 22:00:16 2025 GMT
            Not After : Feb 17 22:00:16 2025 GMT
        Subject: CN=d487199f28e88bc48703ec0b5768dbdf5d2a2008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:3d:80:54:9a:65:55:f1:20:80:f6:46:52:da:
                    64:d7:4d:01:d1:a4:e5:66:85:b5:93:7c:a4:91:d6:
                    83:65:08:80:3b:fe:c0:4f:4e:c7:b5:ff:ae:7b:d4:
                    ac:43:54:ed:a5:37:9a:b9:f8:27:7b:7b:79:8d:5f:
                    97:47:e7:a7:8b:bd:c9:a2:c1:1d:f6:4a:ae:09:00:
                    c1:12:43:72:30:27:4e:fd:20:e8:7e:9f:89:25:ad:
                    8c:3b:19:f5:dc:9b:96:d2:92:99:f5:e2:0f:a6:2c:
                    ad:05:42:d2:9a:0b:00:d0:e0:d6:0a:9f:66:69:5c:
                    d5:26:a7:fc:85:bf:3a:2c:32:6b:78:9e:e4:63:1a:
                    aa:14:8d:5c:0f:98:30:79:a4:e4:74:74:de:90:2a:
                    aa:83:86:0a:7f:a7:d2:bf:3b:df:7a:7a:bd:9d:05:
                    a7:ca:5d:63:6d:16:73:29:3d:ce:7a:ab:43:26:ee:
                    6c:2e:7b:73:26:7e:a9:76:cf:be:bc:91:b7:39:ff:
                    0e:b7:9a:d3:4b:cf:cb:2b:f4:3a:5a:46:5a:03:25:
                    53:2f:9a:05:b7:b9:8f:b3:46:20:2c:48:b1:ed:d5:
                    e7:fb:3e:2f:c7:bf:a8:b9:68:a3:52:c9:66:78:a9:
                    76:d6:a9:77:5f:6b:b9:d5:cd:8b:13:b2:85:e2:27:
                    6e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:87:19:9F:28:E8:8B:C4:87:03:EC:0B:57:68:DB:DF:5D:2A:20:08
            X509v3 Authority Key Identifier:
                keyid:49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:04:b3:e5:99:c1:e8:33:71:3e:44:b7:e4:2f:70:d4:b6:b0:
         8e:ea:f5:32:74:0f:2a:8e:2a:b3:85:c6:cc:80:5c:d9:22:94:
         eb:f1:a8:23:06:90:09:6e:c0:8e:72:56:cd:77:fa:10:c8:4a:
         73:7e:fd:2e:bb:ed:ef:a0:ce:18:ba:03:7b:a6:a1:95:cd:9a:
         0e:aa:7e:1d:c3:88:68:d4:a6:27:6b:93:07:83:99:ea:d7:67:
         27:27:08:fe:24:27:cb:ed:ee:ae:d5:c9:94:16:64:9d:4e:0d:
         4e:72:cd:66:39:fd:21:d1:20:6c:7e:02:3d:da:e2:c0:51:cf:
         23:19:98:d2:d0:b4:e9:02:da:d9:bf:2a:b4:6f:06:8e:96:8c:
         9a:88:dd:62:bb:86:0d:43:24:fb:dd:d3:a8:43:c7:69:2b:12:
         b6:73:bd:52:9e:5c:f0:09:fa:bc:4f:75:30:b2:3e:cf:f4:1c:
         3b:b8:dc:97:7b:e4:71:4f:fd:27:dd:23:6e:d7:2b:86:33:50:
         c0:1a:49:8b:7a:95:12:d1:91:86:ab:b6:45:f3:54:5b:36:c9:
         74:be:15:e9:43:be:f1:7c:6a:09:dd:fd:f6:29:85:98:7c:12:
         92:fe:2d:f9:a9:24:bb:d3:d3:42:8e:d7:c0:3f:cf:04:83:de:
         75:c8:e4:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxsWrTym1dK6g6rgq75yWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDAzOGQ0ZDNhNzViYmY5ZWJmZWEzMDY0Njg3YjVlM2Iz
NDZmZTMwHhcNMjUwMjE2MjIwMDE2WhcNMjUwMjE3MjIwMDE2WjAzMTEwLwYDVQQD
EyhkNDg3MTk5ZjI4ZTg4YmM0ODcwM2VjMGI1NzY4ZGJkZjVkMmEyMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD2AVJplVfEggPZGUtpk100B0aTl
ZoW1k3ykkdaDZQiAO/7AT07Htf+ue9SsQ1TtpTeaufgne3t5jV+XR+eni73JosEd
9kquCQDBEkNyMCdO/SDofp+JJa2MOxn13JuW0pKZ9eIPpiytBULSmgsA0ODWCp9m
aVzVJqf8hb86LDJreJ7kYxqqFI1cD5gweaTkdHTekCqqg4YKf6fSvzvfenq9nQWn
yl1jbRZzKT3OeqtDJu5sLntzJn6pds++vJG3Of8Ot5rTS8/LK/Q6WkZaAyVTL5oF
t7mPs0YgLEix7dXn+z4vx7+ouWijUslmeKl21ql3X2u51c2LE7KF4iduOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSHGZ8o6IvEhwPsC1do299dKiAIMB8GA1UdIwQY
MBaAFEnQONTTp1u/nr/qMGRoe147NG/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQt
MjBmNTMxMTIyYjU3LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQtMjBmNTMxMTIyYjU3
LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQSz5ZnB
6DNxPkS35C9w1Lawjur1MnQPKo4qs4XGzIBc2SKU6/GoIwaQCW7AjnJWzXf6EMhK
c379Lrvt76DOGLoDe6ahlc2aDqp+HcOIaNSmJ2uTB4OZ6tdnJycI/iQny+3urtXJ
lBZknU4NTnLNZjn9IdEgbH4CPdriwFHPIxmY0tC06QLa2b8qtG8GjpaMmojdYruG
DUMk+93TqEPHaSsStnO9Up5c8An6vE91MLI+z/QcO7jcl3vkcU/9J90jbtcrhjNQ
wBpJi3qVEtGRhqu2RfNUWzbJdL4V6UO+8XxqCd399imFmHwSkv4t+akku9PTQo7X
wD/PBIPedcjk5Q==
-----END CERTIFICATE-----