Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
File:                     dtQhWmJUV7wFMhkciAP3xkt_kGU.mft (raw, json)
Hash identifier:          izA/9dIxXYwTcUHQKhCHNUiGgiSGmbwFgBHAOfNyLgE=
Subject key identifier:   57:2C:0C:74:4F:48:87:07:0B:2B:2B:34:60:C1:04:C2:C8:E3:A5:59
Authority key identifier: 76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65
Certificate issuer:       /CN=76d4215a625457bc0532191c8803f7c64b7f9065
Certificate serial:       0194BAF27A51F23D40F0DA275C61B5ACBCC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
Manifest number:          0200
Signing time:             Fri 31 Jan 2025 06:00:40 +0000
Manifest this update:     Fri 31 Jan 2025 06:00:40 +0000
Manifest next update:     Sat 01 Feb 2025 06:00:40 +0000
Files and hashes:         1: dtQhWmJUV7wFMhkciAP3xkt_kGU.crl (hash: k/sAXirh+Of5THACSfIR0wEyvRgu2Ad01l2D0u+Vpi4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 06:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:f2:7a:51:f2:3d:40:f0:da:27:5c:61:b5:ac:bc:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d4215a625457bc0532191c8803f7c64b7f9065
        Validity
            Not Before: Jan 31 06:00:40 2025 GMT
            Not After : Feb  1 06:00:40 2025 GMT
        Subject: CN=572c0c744f4887070b2b2b3460c104c2c8e3a559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:12:1d:a6:f9:de:15:15:9b:9a:31:1a:d0:6b:
                    14:28:68:bc:f4:1e:a7:e0:db:6f:b4:fc:65:e3:42:
                    f1:1d:e5:d4:ec:61:bf:5f:7f:81:be:6e:63:f8:d0:
                    af:d6:de:89:bc:76:8b:a6:87:69:69:bf:a9:cf:68:
                    11:ff:a8:a6:5f:5b:f7:b2:1e:5b:a4:20:21:3a:21:
                    d2:ff:2b:7c:15:8a:dc:78:56:1e:26:8b:98:ce:3f:
                    db:e1:aa:b6:e7:00:21:a5:01:ae:0b:96:dc:ad:b0:
                    c0:93:dc:c3:83:12:80:fb:97:63:d1:d7:40:03:c0:
                    0e:2e:25:53:1a:f4:d2:67:a4:7a:ac:e9:c2:50:65:
                    32:ab:7b:9c:df:8b:e8:d8:1b:e8:55:41:b1:26:35:
                    fd:33:ec:d6:1d:66:cb:64:88:84:ba:fa:1d:fd:28:
                    af:1d:88:02:8e:48:13:66:f5:cd:f4:d5:43:15:f2:
                    e4:98:54:22:72:ed:76:df:38:83:f7:6d:1d:86:d1:
                    eb:67:ab:3f:f1:93:47:5c:bc:c3:63:ba:14:1b:cb:
                    d0:cb:78:2c:f3:de:76:85:b5:fc:fa:4d:c5:a2:1e:
                    fa:fb:64:ad:1c:19:a2:c6:cd:9f:cf:ad:d2:f1:60:
                    a3:4c:ea:65:84:82:1e:fc:f1:52:81:0a:92:c3:ca:
                    64:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:2C:0C:74:4F:48:87:07:0B:2B:2B:34:60:C1:04:C2:C8:E3:A5:59
            X509v3 Authority Key Identifier:
                keyid:76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:9b:e3:97:35:3b:f1:73:21:d6:fe:99:b9:39:d5:d1:92:78:
         19:7a:27:9c:b1:03:9d:8d:84:98:f0:f0:d7:99:65:14:12:16:
         4c:93:f2:00:d6:d8:63:63:ab:d2:db:a8:b7:56:aa:fa:5a:a2:
         bc:be:7b:23:1d:75:33:ff:12:4e:46:f3:ad:ae:b6:c7:c6:f4:
         6d:94:2c:d0:61:15:b7:b3:b4:34:1d:22:b8:4b:8d:5f:63:d2:
         8b:5f:81:ef:6f:94:de:c5:18:af:94:bd:64:3b:46:dd:6f:39:
         56:28:71:03:6d:da:b3:dd:fd:40:2b:30:4b:3f:7d:72:16:25:
         62:a8:77:87:8f:51:e2:31:88:0c:6f:4a:27:f0:1d:e1:2f:be:
         29:b9:6c:64:97:40:8b:58:cf:f1:9a:77:11:06:92:ff:d5:2e:
         9d:16:f9:e5:4b:3d:94:e4:75:78:3c:b4:51:cc:16:d3:5e:fd:
         50:e3:53:48:ab:d7:b0:be:68:86:14:58:13:75:35:a3:4c:b6:
         26:18:78:1e:78:ba:ee:5a:48:76:3a:90:9d:f9:1f:19:31:5d:
         09:72:61:ae:07:53:cd:7c:64:39:4b:8f:3a:84:4b:ee:73:ae:
         76:4b:3c:df:35:88:2a:91:d6:9c:c3:38:e2:a5:d2:39:18:20:
         bb:90:9c:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68npR8j1A8NonXGG1rLzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDQyMTVhNjI1NDU3YmMwNTMyMTkxYzg4MDNmN2M2NGI3
ZjkwNjUwHhcNMjUwMTMxMDYwMDQwWhcNMjUwMjAxMDYwMDQwWjAzMTEwLwYDVQQD
Eyg1NzJjMGM3NDRmNDg4NzA3MGIyYjJiMzQ2MGMxMDRjMmM4ZTNhNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBIdpvneFRWbmjEa0GsUKGi89B6n
4NtvtPxl40LxHeXU7GG/X3+Bvm5j+NCv1t6JvHaLpodpab+pz2gR/6imX1v3sh5b
pCAhOiHS/yt8FYrceFYeJouYzj/b4aq25wAhpQGuC5bcrbDAk9zDgxKA+5dj0ddA
A8AOLiVTGvTSZ6R6rOnCUGUyq3uc34vo2BvoVUGxJjX9M+zWHWbLZIiEuvod/Siv
HYgCjkgTZvXN9NVDFfLkmFQicu123ziD920dhtHrZ6s/8ZNHXLzDY7oUG8vQy3gs
8952hbX8+k3Foh76+2StHBmixs2fz63S8WCjTOplhIIe/PFSgQqSw8pkGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcsDHRPSIcHCysrNGDBBMLI46VZMB8GA1UdIwQY
MBaAFHbUIVpiVFe8BTIZHIgD98ZLf5BlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTkt
Zjg4ZDdlYzNhNTI2LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTktZjg4ZDdlYzNhNTI2
LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpvjlzU7
8XMh1v6ZuTnV0ZJ4GXonnLEDnY2EmPDw15llFBIWTJPyANbYY2Or0tuot1aq+lqi
vL57Ix11M/8STkbzra62x8b0bZQs0GEVt7O0NB0iuEuNX2PSi1+B72+U3sUYr5S9
ZDtG3W85VihxA23as939QCswSz99chYlYqh3h49R4jGIDG9KJ/Ad4S++KblsZJdA
i1jP8Zp3EQaS/9UunRb55Us9lOR1eDy0UcwW0179UONTSKvXsL5ohhRYE3U1o0y2
Jhh4Hni67lpIdjqQnfkfGTFdCXJhrgdTzXxkOUuPOoRL7nOudks83zWIKpHWnMM4
4qXSORggu5Cc+g==
-----END CERTIFICATE-----