Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
File:                     w9bWn9WH0FQXblPRknJoI2GxZzY.mft (raw, json)
Hash identifier:          0jz+d051Byke7/D2ktwVLAoMQDExWfxdDyeGMCHx5TQ=
Subject key identifier:   AC:B7:59:8D:44:7D:5A:36:45:B4:3E:7F:EF:D0:4A:8D:BF:04:B3:9F
Authority key identifier: C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36
Certificate issuer:       /CN=c3d6d69fd587d054176e53d19272682361b16736
Certificate serial:       0194BBCE7A7882F3871010B75C981E30DCEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
Manifest number:          1426
Signing time:             Fri 31 Jan 2025 10:00:58 +0000
Manifest this update:     Fri 31 Jan 2025 10:00:58 +0000
Manifest next update:     Sat 01 Feb 2025 10:00:58 +0000
Files and hashes:         1: w9bWn9WH0FQXblPRknJoI2GxZzY.crl (hash: UUgNFDcMAwaArLikgzIJr2Mp/SWKELjqH+PklLspZsQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 10:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:ce:7a:78:82:f3:87:10:10:b7:5c:98:1e:30:dc:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3d6d69fd587d054176e53d19272682361b16736
        Validity
            Not Before: Jan 31 10:00:58 2025 GMT
            Not After : Feb  1 10:00:58 2025 GMT
        Subject: CN=acb7598d447d5a3645b43e7fefd04a8dbf04b39f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:81:e1:22:63:72:10:e5:6d:25:92:e2:e7:77:
                    16:4a:7d:cc:74:8e:0e:61:07:1c:22:59:8b:01:8b:
                    d1:a6:9d:41:a8:c2:54:0b:b7:a6:81:28:b6:7c:cc:
                    66:b6:99:02:58:4a:4b:ce:db:6d:15:bc:ea:8b:de:
                    c5:54:67:33:75:a0:7d:d0:cf:51:1d:1e:90:14:f9:
                    51:37:81:90:21:57:5e:3e:7c:14:ae:38:da:f4:84:
                    5e:b3:e3:ff:63:92:e5:df:f3:1b:e7:82:41:fc:d2:
                    f1:61:23:d4:22:2f:b7:44:a9:32:6b:8b:86:81:0a:
                    6d:f4:90:73:1f:18:7e:45:f8:44:dd:68:39:e7:a4:
                    cc:7f:60:2a:9d:e2:7e:d3:20:7f:d9:9f:fa:16:8d:
                    ed:d5:c0:17:30:ef:62:af:30:ac:1c:7c:2d:78:a6:
                    f3:05:88:b7:5b:de:8b:9f:f9:8a:06:7e:d3:8c:1f:
                    f6:07:36:b7:a3:03:ac:5a:70:1f:de:f8:bd:9d:5e:
                    a7:1d:af:e2:38:be:1c:9f:09:23:e7:6d:de:c9:5a:
                    42:03:3a:c2:d1:52:07:85:94:69:44:ca:32:1b:de:
                    c6:a0:42:7f:79:f7:70:73:d3:b0:23:6e:90:5e:42:
                    3e:0b:54:fd:53:17:79:6d:03:41:dc:89:70:e0:de:
                    62:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B7:59:8D:44:7D:5A:36:45:B4:3E:7F:EF:D0:4A:8D:BF:04:B3:9F
            X509v3 Authority Key Identifier:
                keyid:C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:44:27:20:0e:d7:b6:8b:e1:ff:97:32:be:97:e4:e5:28:2e:
         10:ba:47:ab:b2:b1:58:0b:f3:96:f2:2c:f9:a5:0e:a0:f1:88:
         45:55:7b:29:be:4d:0c:dd:5f:a7:68:bd:fa:ce:86:cc:26:27:
         97:ac:0b:f6:ba:a0:fb:fb:24:09:d1:fd:10:47:f6:1a:36:8d:
         34:d9:a3:14:07:29:97:d2:73:e3:39:f9:10:ca:7a:8a:25:48:
         1c:44:30:56:a1:31:b0:32:bc:6c:65:ef:4d:13:a6:fe:b5:01:
         75:59:68:92:b0:b4:ee:e6:c2:07:ea:4a:db:9e:04:d5:bf:c8:
         19:80:ff:03:c9:11:18:48:52:8b:e8:5d:53:cf:8b:8d:db:93:
         b4:32:f1:4c:63:76:ef:26:16:27:aa:48:fa:49:b3:4c:9e:44:
         9e:d6:b6:03:7b:b0:3d:c9:ac:ee:7d:bd:c0:30:b3:dd:e8:99:
         68:da:fd:44:56:05:be:17:c7:3d:79:ce:62:e5:b7:0d:5a:38:
         ae:28:d5:fc:40:38:bf:be:3e:6a:69:5b:5f:91:f5:b5:09:06:
         5e:f3:13:c2:a9:8d:4b:73:e6:4c:53:10:cd:58:ae:aa:e7:c2:
         6a:38:ec:db:63:8f:1f:45:ca:46:01:b3:84:5a:96:17:59:df:
         26:74:df:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7znp4gvOHEBC3XJgeMNzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDZkNjlmZDU4N2QwNTQxNzZlNTNkMTkyNzI2ODIzNjFi
MTY3MzYwHhcNMjUwMTMxMTAwMDU4WhcNMjUwMjAxMTAwMDU4WjAzMTEwLwYDVQQD
EyhhY2I3NTk4ZDQ0N2Q1YTM2NDViNDNlN2ZlZmQwNGE4ZGJmMDRiMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoHhImNyEOVtJZLi53cWSn3MdI4O
YQccIlmLAYvRpp1BqMJUC7emgSi2fMxmtpkCWEpLztttFbzqi97FVGczdaB90M9R
HR6QFPlRN4GQIVdePnwUrjja9IRes+P/Y5Ll3/Mb54JB/NLxYSPUIi+3RKkya4uG
gQpt9JBzHxh+RfhE3Wg556TMf2AqneJ+0yB/2Z/6Fo3t1cAXMO9irzCsHHwteKbz
BYi3W96Ln/mKBn7TjB/2Bza3owOsWnAf3vi9nV6nHa/iOL4cnwkj523eyVpCAzrC
0VIHhZRpRMoyG97GoEJ/efdwc9OwI26QXkI+C1T9Uxd5bQNB3Ilw4N5ikQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKy3WY1EfVo2RbQ+f+/QSo2/BLOfMB8GA1UdIwQY
MBaAFMPW1p/Vh9BUF25T0ZJyaCNhsWc2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQt
Y2EwODM2MzE4OTk1LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQtY2EwODM2MzE4OTk1
LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEQnIA7X
tovh/5cyvpfk5SguELpHq7KxWAvzlvIs+aUOoPGIRVV7Kb5NDN1fp2i9+s6GzCYn
l6wL9rqg+/skCdH9EEf2GjaNNNmjFAcpl9Jz4zn5EMp6iiVIHEQwVqExsDK8bGXv
TROm/rUBdVlokrC07ubCB+pK254E1b/IGYD/A8kRGEhSi+hdU8+LjduTtDLxTGN2
7yYWJ6pI+kmzTJ5Enta2A3uwPcms7n29wDCz3eiZaNr9RFYFvhfHPXnOYuW3DVo4
rijV/EA4v74+amlbX5H1tQkGXvMTwqmNS3PmTFMQzViuqufCajjs22OPH0XKRgGz
hFqWF1nfJnTfHg==
-----END CERTIFICATE-----