Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
File:                     P5oSEPUJkiOdOn8uXoATtatJH_8.mft (raw, json)
Hash identifier:          E+nPzjCuxVg0u5ywMoetMv2DIRb1vWeMBRbxMiqJDt8=
Subject key identifier:   C5:55:27:62:8E:B4:93:74:EA:41:45:CD:27:DB:28:F8:92:16:7D:DD
Authority key identifier: 3F:9A:12:10:F5:09:92:23:9D:3A:7F:2E:5E:80:13:B5:AB:49:1F:FF
Certificate issuer:       /CN=3f9a1210f50992239d3a7f2e5e8013b5ab491fff
Certificate serial:       019512109BF0B04C9AE3F8EAFBDCC82AA02C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
Manifest number:          1025
Signing time:             Mon 17 Feb 2025 04:00:33 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:33 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:33 +0000
Files and hashes:         1: P5oSEPUJkiOdOn8uXoATtatJH_8.crl (hash: V8v7c5pSS7qlNSHrZyjgVJ8nB3NT4uLPUceprVkZ2hk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:9b:f0:b0:4c:9a:e3:f8:ea:fb:dc:c8:2a:a0:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f9a1210f50992239d3a7f2e5e8013b5ab491fff
        Validity
            Not Before: Feb 17 04:00:33 2025 GMT
            Not After : Feb 18 04:00:33 2025 GMT
        Subject: CN=c55527628eb49374ea4145cd27db28f892167ddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:11:94:c3:ad:a8:7f:79:4a:2f:ff:26:c7:e9:
                    a0:92:42:4a:43:86:7d:a0:f0:f9:60:ef:fb:8b:8a:
                    98:e3:70:7f:a9:cf:de:bd:4b:20:e7:4d:6f:aa:4d:
                    1b:c1:7c:42:00:33:cf:97:fe:8b:db:cb:57:ee:68:
                    9d:6d:96:78:48:e4:35:5e:a7:61:40:3f:ed:ae:c2:
                    c5:d4:a5:b1:c5:d3:29:8e:17:f7:76:21:cb:3f:cc:
                    c1:f2:07:8f:48:4a:d2:4f:e7:a9:f9:ac:8e:6e:d3:
                    8c:0a:ad:1e:a3:1b:5d:a5:e4:8f:3f:d5:5e:8a:0a:
                    38:e9:37:68:47:a3:b4:1a:ad:3d:90:bd:fb:8e:41:
                    67:5c:30:d8:45:c0:fb:72:1c:ec:f4:cd:7e:50:0b:
                    6c:1e:d5:5d:e2:b6:6a:a2:84:c1:71:6b:27:38:f7:
                    e5:ba:b1:ee:48:f0:8e:42:a8:88:e7:9e:ea:0d:45:
                    10:71:1b:fd:f9:61:73:87:ba:0f:28:db:d4:9f:a5:
                    32:65:81:f6:83:82:52:50:c4:d0:ce:02:10:28:c5:
                    b9:d3:bf:31:a7:69:42:df:bf:f5:12:a7:a3:2a:b1:
                    b4:30:bd:86:98:97:ac:9d:3f:3b:e4:98:ab:2e:8a:
                    cf:fd:f6:8f:78:73:fd:b2:70:5a:ab:2f:9e:4a:bc:
                    62:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:55:27:62:8E:B4:93:74:EA:41:45:CD:27:DB:28:F8:92:16:7D:DD
            X509v3 Authority Key Identifier:
                keyid:3F:9A:12:10:F5:09:92:23:9D:3A:7F:2E:5E:80:13:B5:AB:49:1F:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:33:40:2c:37:78:3a:06:c5:68:ad:c0:be:7e:d1:74:47:d0:
         49:44:5f:f7:0d:0f:16:83:19:2f:b5:6d:fb:88:4b:7b:c7:ae:
         cb:bc:ec:13:b7:8a:71:d3:45:00:60:5a:2e:bd:9d:f1:f6:93:
         2d:75:d8:90:0d:9d:35:c2:13:88:e1:23:2e:43:d8:87:18:62:
         81:9d:a3:82:a5:40:fd:42:ae:f4:68:e3:75:eb:75:73:88:72:
         1a:d1:35:9d:b5:28:f0:f7:02:fc:93:3a:5c:71:06:23:97:72:
         bc:08:f3:74:9a:a4:26:35:12:6f:f2:12:8d:60:ac:55:29:84:
         02:f8:b3:fe:35:e3:ff:89:14:77:a6:35:ad:7c:76:06:ca:a6:
         5e:a7:06:8f:63:ec:32:82:ed:c0:11:a0:35:c4:6c:d7:26:8d:
         b8:3f:c6:35:51:4e:18:73:f9:77:45:30:52:c3:c7:69:16:a4:
         92:15:7c:bd:31:62:31:51:70:f3:33:55:b3:0a:b3:b5:e1:d7:
         6d:c2:93:e5:b3:60:f6:d2:a1:1e:e9:8c:5c:27:70:23:cf:08:
         d8:c3:2f:47:66:20:20:36:b4:ed:c6:0b:f8:cf:42:bc:05:a7:
         b4:d0:72:f6:7b:1b:ca:84:25:21:38:0e:50:0e:0b:96:81:00:
         f6:5c:9d:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEJvwsEya4/jq+9zIKqAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOWExMjEwZjUwOTkyMjM5ZDNhN2YyZTVlODAxM2I1YWI0
OTFmZmYwHhcNMjUwMjE3MDQwMDMzWhcNMjUwMjE4MDQwMDMzWjAzMTEwLwYDVQQD
EyhjNTU1Mjc2MjhlYjQ5Mzc0ZWE0MTQ1Y2QyN2RiMjhmODkyMTY3ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BGUw62of3lKL/8mx+mgkkJKQ4Z9
oPD5YO/7i4qY43B/qc/evUsg501vqk0bwXxCADPPl/6L28tX7midbZZ4SOQ1Xqdh
QD/trsLF1KWxxdMpjhf3diHLP8zB8gePSErST+ep+ayObtOMCq0eoxtdpeSPP9Ve
igo46TdoR6O0Gq09kL37jkFnXDDYRcD7chzs9M1+UAtsHtVd4rZqooTBcWsnOPfl
urHuSPCOQqiI557qDUUQcRv9+WFzh7oPKNvUn6UyZYH2g4JSUMTQzgIQKMW5078x
p2lC37/1EqejKrG0ML2GmJesnT875JirLorP/faPeHP9snBaqy+eSrxinwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVVJ2KOtJN06kFFzSfbKPiSFn3dMB8GA1UdIwQY
MBaAFD+aEhD1CZIjnTp/Ll6AE7WrSR//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xNGE1ZTgtZjNiZi00MmY5LWEyODUt
YTg3MzRmNzAzYjk4LzEvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xNGE1ZTgtZjNiZi00MmY5LWEyODUtYTg3MzRmNzAzYjk4
LzEvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAADNALDd4
OgbFaK3Avn7RdEfQSURf9w0PFoMZL7Vt+4hLe8euy7zsE7eKcdNFAGBaLr2d8faT
LXXYkA2dNcITiOEjLkPYhxhigZ2jgqVA/UKu9Gjjdet1c4hyGtE1nbUo8PcC/JM6
XHEGI5dyvAjzdJqkJjUSb/ISjWCsVSmEAviz/jXj/4kUd6Y1rXx2BsqmXqcGj2Ps
MoLtwBGgNcRs1yaNuD/GNVFOGHP5d0UwUsPHaRakkhV8vTFiMVFw8zNVswqzteHX
bcKT5bNg9tKhHumMXCdwI88I2MMvR2YgIDa07cYL+M9CvAWntNBy9nsbyoQlITgO
UA4LloEA9lydtg==
-----END CERTIFICATE-----