Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          g3ysnsD5G/14gW7qL3hqZ1SezA1qhUPj3fKWiOzvJaI=
Subject key identifier:   08:79:EF:96:4F:02:2C:41:42:F7:4B:45:E3:F2:5B:AE:7F:5E:66:24
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       0194C3F632E4210C156C72EA9790E692E7A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          142B
Signing time:             Sun 02 Feb 2025 00:01:19 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:19 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:19 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: GjjuEjZFTBXaKzRPdiQZpLi8AikmK9T+mGTtIX25XhM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:32:e4:21:0c:15:6c:72:ea:97:90:e6:92:e7:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Feb  2 00:01:19 2025 GMT
            Not After : Feb  3 00:01:19 2025 GMT
        Subject: CN=0879ef964f022c4142f74b45e3f25bae7f5e6624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a5:c7:68:bb:aa:66:32:5a:e2:77:81:73:b1:
                    96:30:e8:75:04:35:01:db:e4:ae:ee:ef:16:4f:9b:
                    0b:b6:64:7b:42:4f:5f:67:8b:d3:b9:35:53:e2:74:
                    e1:fa:89:c4:7b:ce:33:87:89:23:8b:06:a5:d3:49:
                    46:5e:bc:89:0b:f4:1d:c9:bf:1e:49:b4:71:dd:c4:
                    e3:67:c7:75:8d:7a:12:4c:24:d3:7a:53:65:16:b0:
                    d5:c5:5d:07:56:2c:9b:35:b5:af:8a:e3:04:85:dc:
                    c0:e0:65:f0:da:03:70:1c:97:28:1f:54:28:20:20:
                    e8:67:29:7a:89:6a:cd:65:31:12:f0:64:13:c7:01:
                    e4:23:55:e8:c3:4a:c2:3b:70:8e:f1:9e:e3:d5:3b:
                    13:98:34:a2:d6:fe:ce:77:8f:7d:e8:89:67:38:b2:
                    a9:79:bb:a7:2b:3a:6f:ef:72:51:fc:27:8c:49:aa:
                    c5:14:8d:b5:ee:79:79:c2:74:fc:f9:7a:bc:43:f0:
                    c8:a6:38:41:d0:f7:ac:54:1c:45:36:5c:7d:e4:7f:
                    23:be:f8:0f:a6:8d:44:7b:ea:9f:fe:aa:ef:e5:3a:
                    c8:d3:0f:18:b3:61:68:d9:ee:08:e2:47:81:35:68:
                    fc:f5:14:d1:50:56:02:50:9f:61:3f:c0:f1:04:d0:
                    22:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:79:EF:96:4F:02:2C:41:42:F7:4B:45:E3:F2:5B:AE:7F:5E:66:24
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:3f:3d:64:59:26:72:f8:61:46:2b:e0:59:c8:dd:69:f2:cb:
         4c:48:9f:4e:dd:8c:21:b4:3f:a5:4f:ce:d6:9b:c9:e1:66:c0:
         30:aa:5e:0b:39:6c:11:99:f8:11:87:3e:c0:c6:c0:de:8a:44:
         be:2f:fa:e5:ee:85:96:2d:37:ee:76:31:ca:f5:cc:35:4e:fb:
         20:af:d2:07:d1:6a:5e:8d:77:e7:b9:05:1d:a3:24:70:79:0d:
         d1:9e:3c:5b:8d:9d:6d:1e:82:b7:96:99:05:cb:ba:4b:92:34:
         00:ab:c1:ae:79:24:82:05:b7:87:9a:de:6d:c5:54:8f:32:cb:
         99:cf:b4:5d:62:c9:c1:a4:5e:f9:e3:69:3b:65:e8:e5:e4:fa:
         32:b6:8f:c2:1b:8d:0c:f1:2a:de:aa:83:14:fd:8b:3e:bc:c4:
         00:3f:97:a5:9e:87:41:85:24:8f:e7:01:75:fc:07:14:81:ee:
         e0:ac:0c:7d:8d:77:d5:6b:b7:3b:d7:39:93:3d:b9:81:06:ce:
         b9:43:52:15:e3:9d:e7:b4:9d:07:06:a6:d2:85:4c:e7:77:4f:
         a7:6b:df:49:c1:16:4b:c5:aa:78:91:9b:9c:ab:5d:9b:ae:7a:
         d9:2b:b4:45:14:8e:2e:2e:95:8f:92:c6:12:9e:51:5d:82:50:
         ab:54:4f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9jLkIQwVbHLql5DmkuelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwMjAyMDAwMTE5WhcNMjUwMjAzMDAwMTE5WjAzMTEwLwYDVQQD
EygwODc5ZWY5NjRmMDIyYzQxNDJmNzRiNDVlM2YyNWJhZTdmNWU2NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaXHaLuqZjJa4neBc7GWMOh1BDUB
2+Su7u8WT5sLtmR7Qk9fZ4vTuTVT4nTh+onEe84zh4kjiwal00lGXryJC/Qdyb8e
SbRx3cTjZ8d1jXoSTCTTelNlFrDVxV0HViybNbWviuMEhdzA4GXw2gNwHJcoH1Qo
ICDoZyl6iWrNZTES8GQTxwHkI1Xow0rCO3CO8Z7j1TsTmDSi1v7Od4996IlnOLKp
ebunKzpv73JR/CeMSarFFI217nl5wnT8+Xq8Q/DIpjhB0PesVBxFNlx95H8jvvgP
po1Ee+qf/qrv5TrI0w8Ys2Fo2e4I4keBNWj89RTRUFYCUJ9hP8DxBNAiYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAh575ZPAixBQvdLRePyW65/XmYkMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuj89ZFkm
cvhhRivgWcjdafLLTEifTt2MIbQ/pU/O1pvJ4WbAMKpeCzlsEZn4EYc+wMbA3opE
vi/65e6Fli037nYxyvXMNU77IK/SB9FqXo1357kFHaMkcHkN0Z48W42dbR6Ct5aZ
Bcu6S5I0AKvBrnkkggW3h5rebcVUjzLLmc+0XWLJwaRe+eNpO2Xo5eT6MraPwhuN
DPEq3qqDFP2LPrzEAD+XpZ6HQYUkj+cBdfwHFIHu4KwMfY131Wu3O9c5kz25gQbO
uUNSFeOd57SdBwam0oVM53dPp2vfScEWS8WqeJGbnKtdm6562Su0RRSOLi6Vj5LG
Ep5RXYJQq1RPww==
-----END CERTIFICATE-----