Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft
File:                     04BE23ZiygAUgai9swt6vRi86ao.mft (raw, json)
Hash identifier:          d3OR2NdChKGr0fQnGWBh81AG0Df+9HDPedgejvX63QM=
Subject key identifier:   09:98:CA:81:97:BB:B7:B9:56:51:A9:BA:BF:7D:17:74:95:90:61:F0
Authority key identifier: D3:80:44:DB:76:62:CA:00:14:81:A8:BD:B3:0B:7A:BD:18:BC:E9:AA
Certificate issuer:       /CN=d38044db7662ca001481a8bdb30b7abd18bce9aa
Certificate serial:       0195116BA50E7B3DB9555CC2246CD18D6F9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft
Manifest number:          0F19
Signing time:             Mon 17 Feb 2025 01:00:22 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:22 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:22 +0000
Files and hashes:         1: 04BE23ZiygAUgai9swt6vRi86ao.crl (hash: bpZumGH8LWsl9p3UcwWK+5+60A9afs6QicMJnBkBk9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:a5:0e:7b:3d:b9:55:5c:c2:24:6c:d1:8d:6f:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d38044db7662ca001481a8bdb30b7abd18bce9aa
        Validity
            Not Before: Feb 17 01:00:22 2025 GMT
            Not After : Feb 18 01:00:22 2025 GMT
        Subject: CN=0998ca8197bbb7b95651a9babf7d1774959061f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:56:b3:f9:d8:6a:4f:7d:41:aa:0e:96:ff:a5:
                    b4:0a:85:53:d8:f9:6d:14:7f:71:8d:d0:e0:69:b6:
                    2b:44:47:aa:1b:6a:c3:bd:8a:c2:5b:67:70:2a:60:
                    72:f8:79:64:d5:11:43:27:52:85:64:6b:1d:e0:f6:
                    ff:d4:8e:84:7b:96:66:61:a1:83:80:c2:99:fe:b6:
                    fb:fb:ae:63:81:ea:fb:59:d0:bc:31:ba:69:85:b3:
                    5f:49:b8:89:92:71:b2:ae:d3:16:41:ed:a7:5e:f6:
                    d6:c6:1e:0f:c6:7c:eb:49:66:2a:60:53:1c:dd:9d:
                    da:cf:2f:07:0f:9f:b5:d7:14:93:85:3a:82:1e:c6:
                    0b:34:5a:85:28:f6:8e:20:33:1c:a0:09:39:3b:2e:
                    c6:a9:63:dd:c9:18:57:5d:45:85:47:7a:72:d0:2f:
                    9e:f9:6b:b0:16:4c:4f:ac:dc:43:be:fc:05:cd:41:
                    e2:8c:84:ec:f7:80:bc:cb:25:78:d1:4d:af:9a:d7:
                    75:93:ae:88:54:d2:0f:c0:74:ee:0d:dc:3e:31:72:
                    84:1f:f9:2b:83:dd:d4:cd:09:94:bc:bf:63:4a:07:
                    62:a1:d9:8e:f7:28:13:26:77:9b:ce:ca:95:8d:96:
                    d0:5a:be:ee:5d:91:a2:98:2c:e0:1a:49:69:39:03:
                    11:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:98:CA:81:97:BB:B7:B9:56:51:A9:BA:BF:7D:17:74:95:90:61:F0
            X509v3 Authority Key Identifier:
                keyid:D3:80:44:DB:76:62:CA:00:14:81:A8:BD:B3:0B:7A:BD:18:BC:E9:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d9:fe:1e:c7:87:a8:4d:03:0f:a2:6e:71:d1:56:6a:f4:76:77:
         f7:99:9e:40:e7:0a:3a:39:3e:8a:51:a8:e5:34:2b:0f:1b:36:
         a9:9e:4b:f4:a8:e7:18:51:db:3b:3b:ff:6e:24:ea:2c:91:b6:
         9d:52:24:e1:b2:7c:61:96:3e:19:b4:25:7e:bc:ae:98:c3:e1:
         12:a2:60:08:58:a3:75:13:92:c2:30:48:25:0d:2e:ab:2e:9b:
         57:93:a6:7a:78:bd:e3:f1:8b:ab:fd:5d:e5:7d:9a:54:a4:61:
         69:79:91:fb:60:72:26:5b:19:3f:d8:53:6a:13:1d:47:c0:4d:
         5a:ae:8f:e3:15:46:04:be:5c:6c:31:43:b6:27:83:9b:b7:30:
         4c:d7:6a:f6:6a:d2:9d:66:c2:5e:41:cb:85:38:3b:27:a9:39:
         bd:f8:cb:96:29:64:22:f4:c4:cd:48:4b:e9:0a:f6:e7:9a:9b:
         df:25:d2:61:1e:b1:fe:a3:10:23:51:ee:bd:4b:f7:97:f1:59:
         a3:be:93:ee:7f:fb:9b:2d:db:7c:9f:8f:b1:1d:ec:34:ed:5e:
         64:a2:c4:76:60:8a:19:12:99:c9:e5:53:0f:22:9b:d2:ed:5c:
         29:e5:91:fb:20:8f:44:b4:35:71:9c:7f:3c:46:1b:c0:d7:04:
         de:5c:6b:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa6UOez25VVzCJGzRjW+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODA0NGRiNzY2MmNhMDAxNDgxYThiZGIzMGI3YWJkMThi
Y2U5YWEwHhcNMjUwMjE3MDEwMDIyWhcNMjUwMjE4MDEwMDIyWjAzMTEwLwYDVQQD
EygwOTk4Y2E4MTk3YmJiN2I5NTY1MWE5YmFiZjdkMTc3NDk1OTA2MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlaz+dhqT31Bqg6W/6W0CoVT2Plt
FH9xjdDgabYrREeqG2rDvYrCW2dwKmBy+Hlk1RFDJ1KFZGsd4Pb/1I6Ee5ZmYaGD
gMKZ/rb7+65jger7WdC8MbpphbNfSbiJknGyrtMWQe2nXvbWxh4PxnzrSWYqYFMc
3Z3azy8HD5+11xSThTqCHsYLNFqFKPaOIDMcoAk5Oy7GqWPdyRhXXUWFR3py0C+e
+WuwFkxPrNxDvvwFzUHijITs94C8yyV40U2vmtd1k66IVNIPwHTuDdw+MXKEH/kr
g93UzQmUvL9jSgdiodmO9ygTJnebzsqVjZbQWr7uXZGimCzgGklpOQMRJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmYyoGXu7e5VlGpur99F3SVkGHwMB8GA1UdIwQY
MBaAFNOARNt2YsoAFIGovbMLer0YvOmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xNGU5NzctMzQ2Zi00NGFkLWIwZGYt
MGExMGI4ODFjM2FjLzEvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xNGU5NzctMzQ2Zi00NGFkLWIwZGYtMGExMGI4ODFjM2Fj
LzEvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2f4ex4eo
TQMPom5x0VZq9HZ395meQOcKOjk+ilGo5TQrDxs2qZ5L9KjnGFHbOzv/biTqLJG2
nVIk4bJ8YZY+GbQlfryumMPhEqJgCFijdROSwjBIJQ0uqy6bV5Omeni94/GLq/1d
5X2aVKRhaXmR+2ByJlsZP9hTahMdR8BNWq6P4xVGBL5cbDFDtieDm7cwTNdq9mrS
nWbCXkHLhTg7J6k5vfjLlilkIvTEzUhL6Qr255qb3yXSYR6x/qMQI1HuvUv3l/FZ
o76T7n/7my3bfJ+PsR3sNO1eZKLEdmCKGRKZyeVTDyKb0u1cKeWR+yCPRLQ1cZx/
PEYbwNcE3lxrww==
-----END CERTIFICATE-----