Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          5vD6EHsPmG8tNjLUuG3eeQBbjCZG51F1AIhBzdTfrcg=
Subject key identifier:   E2:07:87:36:88:F6:82:4C:51:70:36:86:17:FC:79:0A:7A:61:09:A5
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       019511A2BFCD8CE81C789393B2845A440661
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          014B
Signing time:             Mon 17 Feb 2025 02:00:33 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:33 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:33 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: nhOveO5mdlkmN18FNm6P3UPyl2nVoK6+EzgBiFqk/kg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:bf:cd:8c:e8:1c:78:93:93:b2:84:5a:44:06:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Feb 17 02:00:33 2025 GMT
            Not After : Feb 18 02:00:33 2025 GMT
        Subject: CN=e207873688f6824c5170368617fc790a7a6109a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:86:62:25:f3:53:0f:9c:de:f2:d3:b0:82:d7:
                    be:8f:2c:8f:c7:22:de:5b:89:6e:bf:d3:4e:35:b3:
                    c8:ef:ad:54:66:6a:59:42:04:55:f5:09:fb:03:20:
                    f3:bb:c6:e9:df:31:b6:09:ae:df:8f:97:b0:cf:db:
                    04:b2:a2:6d:4c:da:70:86:5c:02:28:7b:79:e0:60:
                    5e:5d:74:df:1d:cd:92:47:56:8a:1d:bf:f9:3d:e4:
                    d4:68:4d:3d:0c:79:04:65:31:c6:bf:da:7c:12:ef:
                    e9:80:fd:0f:23:73:47:2f:eb:ff:ad:59:60:f8:43:
                    b6:07:32:3d:0b:6b:ef:c0:02:ef:90:a0:f0:94:d2:
                    82:c7:d5:35:a6:f3:fc:46:81:00:27:75:b1:b1:1f:
                    5d:6b:c1:a6:1c:60:ee:1e:23:d5:3f:64:94:6d:50:
                    0a:16:be:c9:bb:4d:e0:2c:fc:fa:1f:a9:91:6d:c7:
                    fe:77:2c:d2:be:cf:df:b5:a8:24:6b:91:1d:f2:53:
                    d6:22:81:5d:25:5c:73:db:e1:3d:8a:0b:8e:c0:75:
                    ff:4f:b0:37:c2:9f:b2:99:7c:fa:f7:cb:28:56:22:
                    c2:93:b4:36:e9:9d:28:d0:0c:ec:ec:a8:d6:60:ae:
                    01:68:1e:e9:49:e7:52:a1:30:65:dd:f3:84:fb:78:
                    89:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:07:87:36:88:F6:82:4C:51:70:36:86:17:FC:79:0A:7A:61:09:A5
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:5f:4e:31:ab:1d:77:a5:93:76:54:e2:7b:ca:69:8a:2f:f2:
         c2:c1:98:34:55:ff:1b:62:78:50:fe:72:ed:0d:0a:1c:a8:9e:
         c7:fd:ee:10:27:cb:60:49:8e:6a:6f:7f:f3:f5:82:df:41:6b:
         9a:9e:f8:8f:fa:0c:f9:88:b4:a7:14:11:af:85:3a:b5:a0:70:
         7b:ad:c6:ee:b3:75:ab:9e:16:7a:a9:cc:28:3c:4b:f7:52:fd:
         ba:67:f4:b4:84:34:1a:a0:fb:d1:55:ff:d4:fe:a2:bb:0d:3b:
         1a:3f:8f:48:53:94:c9:22:a7:f1:03:7f:bc:3c:cd:af:da:70:
         f0:0e:7d:86:ca:65:bc:db:5a:de:4d:7c:8c:1d:2a:18:b7:dd:
         5b:09:9d:98:2a:57:91:69:2a:e8:18:23:91:74:b3:1c:fb:9b:
         2e:b5:4f:d1:05:4a:13:4b:21:4c:26:19:89:d3:33:54:bd:d6:
         f2:a0:97:06:20:23:56:33:a3:8f:f1:09:2a:cb:4f:d1:48:1b:
         20:2b:b4:d0:76:34:6c:03:27:00:08:77:21:e1:b6:a8:b4:11:
         1d:03:ee:dd:ad:18:ba:37:8d:22:1a:04:b9:5e:46:28:06:08:
         26:e4:dc:32:25:1a:97:dd:77:f9:50:fa:b7:69:c8:a7:7d:d7:
         bd:f8:44:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURor/NjOgceJOTsoRaRAZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjUwMjE3MDIwMDMzWhcNMjUwMjE4MDIwMDMzWjAzMTEwLwYDVQQD
EyhlMjA3ODczNjg4ZjY4MjRjNTE3MDM2ODYxN2ZjNzkwYTdhNjEwOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4ZiJfNTD5ze8tOwgte+jyyPxyLe
W4luv9NONbPI761UZmpZQgRV9Qn7AyDzu8bp3zG2Ca7fj5ewz9sEsqJtTNpwhlwC
KHt54GBeXXTfHc2SR1aKHb/5PeTUaE09DHkEZTHGv9p8Eu/pgP0PI3NHL+v/rVlg
+EO2BzI9C2vvwALvkKDwlNKCx9U1pvP8RoEAJ3WxsR9da8GmHGDuHiPVP2SUbVAK
Fr7Ju03gLPz6H6mRbcf+dyzSvs/ftagka5Ed8lPWIoFdJVxz2+E9iguOwHX/T7A3
wp+ymXz698soViLCk7Q26Z0o0Azs7KjWYK4BaB7pSedSoTBl3fOE+3iJZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIHhzaI9oJMUXA2hhf8eQp6YQmlMB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL19OMasd
d6WTdlTie8ppii/ywsGYNFX/G2J4UP5y7Q0KHKiex/3uECfLYEmOam9/8/WC30Fr
mp74j/oM+Yi0pxQRr4U6taBwe63G7rN1q54WeqnMKDxL91L9umf0tIQ0GqD70VX/
1P6iuw07Gj+PSFOUySKn8QN/vDzNr9pw8A59hsplvNta3k18jB0qGLfdWwmdmCpX
kWkq6BgjkXSzHPubLrVP0QVKE0shTCYZidMzVL3W8qCXBiAjVjOjj/EJKstP0Ugb
ICu00HY0bAMnAAh3IeG2qLQRHQPu3a0YujeNIhoEuV5GKAYIJuTcMiUal913+VD6
t2nIp33XvfhEwg==
-----END CERTIFICATE-----