Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/289567-937a-402b-b1bc-2c555c9e911d/1/Su3gwav6sSsMyZTOsd2_LA2t-iY.mft
File:                     Su3gwav6sSsMyZTOsd2_LA2t-iY.mft (raw, json)
Hash identifier:          AxcWjZkDh02AY2nO9U0acxz/vU8np4yw/+7HrF3z34Y=
Subject key identifier:   BD:7C:3E:13:5B:FB:EC:8B:14:14:0D:A4:4E:09:6F:C0:21:CE:D7:A2
Authority key identifier: 4A:ED:E0:C1:AB:FA:B1:2B:0C:C9:94:CE:B1:DD:BF:2C:0D:AD:FA:26
Certificate issuer:       /CN=4aede0c1abfab12b0cc994ceb1ddbf2c0dadfa26
Certificate serial:       0194C388297B92B45A097DC85BD562C491AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Su3gwav6sSsMyZTOsd2_LA2t-iY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/289567-937a-402b-b1bc-2c555c9e911d/1/Su3gwav6sSsMyZTOsd2_LA2t-iY.mft
Manifest number:          0A1F
Signing time:             Sat 01 Feb 2025 22:01:08 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:08 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:08 +0000
Files and hashes:         1: Su3gwav6sSsMyZTOsd2_LA2t-iY.crl (hash: AcvEpxKQfCnzttKtYZa1uxWrh2GWTh2no7ZiIq1MX9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/289567-937a-402b-b1bc-2c555c9e911d/1/Su3gwav6sSsMyZTOsd2_LA2t-iY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/289567-937a-402b-b1bc-2c555c9e911d/1/Su3gwav6sSsMyZTOsd2_LA2t-iY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Su3gwav6sSsMyZTOsd2_LA2t-iY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:29:7b:92:b4:5a:09:7d:c8:5b:d5:62:c4:91:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aede0c1abfab12b0cc994ceb1ddbf2c0dadfa26
        Validity
            Not Before: Feb  1 22:01:08 2025 GMT
            Not After : Feb  2 22:01:08 2025 GMT
        Subject: CN=bd7c3e135bfbec8b14140da44e096fc021ced7a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:15:b9:0e:95:65:4c:b9:21:d0:5b:04:b6:02:
                    d9:36:4d:9d:ad:71:de:97:fb:39:02:e8:b4:b9:e5:
                    6c:92:5b:f7:18:39:27:50:ed:5d:95:25:65:03:f5:
                    20:21:67:dc:87:df:97:67:5f:11:82:dc:88:e8:46:
                    34:e9:6f:da:24:30:97:aa:1e:8b:b9:4a:da:07:44:
                    c5:64:e3:ac:12:46:d9:cb:01:28:60:5f:74:de:d9:
                    15:9d:62:69:a5:49:9f:d6:d2:e5:fe:a6:04:90:d5:
                    63:91:e5:af:51:d0:4c:94:6a:9c:80:aa:7f:9d:da:
                    25:6f:c8:8e:16:50:e2:ed:b3:d4:86:60:80:b6:b0:
                    4b:d5:d8:f5:e6:f9:dd:01:15:45:29:3c:ac:fb:ea:
                    0f:73:93:58:32:42:01:e2:d1:c6:95:34:f0:30:83:
                    39:07:15:a0:81:43:50:b2:0f:be:e4:d5:02:45:b1:
                    a2:23:56:bb:bc:c5:f9:c4:31:30:69:bb:58:87:e2:
                    bf:ac:e0:e0:9c:93:a2:6e:78:68:a3:f5:5a:1f:09:
                    23:2a:3c:92:4e:39:a4:f1:da:76:a4:f4:6a:46:29:
                    7b:e6:d5:57:99:b4:39:ef:20:07:38:3b:22:6c:64:
                    72:63:84:3d:ff:16:c8:02:15:6a:19:e9:5e:63:ee:
                    77:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:7C:3E:13:5B:FB:EC:8B:14:14:0D:A4:4E:09:6F:C0:21:CE:D7:A2
            X509v3 Authority Key Identifier:
                keyid:4A:ED:E0:C1:AB:FA:B1:2B:0C:C9:94:CE:B1:DD:BF:2C:0D:AD:FA:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su3gwav6sSsMyZTOsd2_LA2t-iY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/289567-937a-402b-b1bc-2c555c9e911d/1/Su3gwav6sSsMyZTOsd2_LA2t-iY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/289567-937a-402b-b1bc-2c555c9e911d/1/Su3gwav6sSsMyZTOsd2_LA2t-iY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:63:1e:05:62:91:83:b9:6d:63:19:ff:a0:bf:0b:3d:57:47:
         36:fb:a2:e9:39:f8:7a:05:52:a2:8d:c3:f9:66:17:2f:c6:3b:
         29:46:4b:f9:ea:7e:5c:93:da:95:b2:3e:f4:7b:10:40:87:47:
         80:9b:da:6c:22:43:96:22:bf:63:79:56:e8:99:ff:fd:d4:be:
         96:77:5c:7c:4c:1d:26:22:00:12:78:f8:81:1d:e8:b8:88:37:
         5b:7a:cd:34:dd:df:9f:c8:75:01:13:b7:cb:60:65:d5:ec:13:
         be:f3:1e:c6:9b:c5:fd:55:96:e0:ff:ac:95:05:48:2c:27:de:
         83:79:87:58:db:6c:b7:f0:e8:31:0d:5d:73:af:44:57:39:9a:
         c0:59:5a:39:05:67:da:07:31:fb:3c:95:00:db:85:a5:dc:36:
         e0:d2:3a:78:09:fb:91:09:9e:6d:69:95:63:36:d2:12:59:8b:
         3d:e4:3a:26:f4:0c:f7:35:2f:ca:50:3b:4d:5f:28:9e:ee:8c:
         44:a6:95:e0:53:0c:0c:67:34:24:5f:ca:2c:f4:73:5b:73:60:
         42:79:08:ac:91:9c:98:90:da:2e:c4:38:83:3b:8b:de:30:2d:
         ec:a9:59:e7:38:89:1c:fd:d7:ee:4d:28:d0:7c:bd:34:84:ef:
         7b:19:b3:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiCl7krRaCX3IW9VixJGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWRlMGMxYWJmYWIxMmIwY2M5OTRjZWIxZGRiZjJjMGRh
ZGZhMjYwHhcNMjUwMjAxMjIwMTA4WhcNMjUwMjAyMjIwMTA4WjAzMTEwLwYDVQQD
EyhiZDdjM2UxMzViZmJlYzhiMTQxNDBkYTQ0ZTA5NmZjMDIxY2VkN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRW5DpVlTLkh0FsEtgLZNk2drXHe
l/s5Aui0ueVsklv3GDknUO1dlSVlA/UgIWfch9+XZ18RgtyI6EY06W/aJDCXqh6L
uUraB0TFZOOsEkbZywEoYF903tkVnWJppUmf1tLl/qYEkNVjkeWvUdBMlGqcgKp/
ndolb8iOFlDi7bPUhmCAtrBL1dj15vndARVFKTys++oPc5NYMkIB4tHGlTTwMIM5
BxWggUNQsg++5NUCRbGiI1a7vMX5xDEwabtYh+K/rODgnJOibnhoo/VaHwkjKjyS
Tjmk8dp2pPRqRil75tVXmbQ57yAHODsibGRyY4Q9/xbIAhVqGeleY+53KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL18PhNb++yLFBQNpE4Jb8AhzteiMB8GA1UdIwQY
MBaAFErt4MGr+rErDMmUzrHdvywNrfomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3UzZ3dhdjZzU3NNeVpUT3NkMl9MQTJ0LWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8yODk1NjctOTM3YS00MDJiLWIxYmMt
MmM1NTVjOWU5MTFkLzEvU3UzZ3dhdjZzU3NNeVpUT3NkMl9MQTJ0LWlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8yODk1NjctOTM3YS00MDJiLWIxYmMtMmM1NTVjOWU5MTFk
LzEvU3UzZ3dhdjZzU3NNeVpUT3NkMl9MQTJ0LWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2MeBWKR
g7ltYxn/oL8LPVdHNvui6Tn4egVSoo3D+WYXL8Y7KUZL+ep+XJPalbI+9HsQQIdH
gJvabCJDliK/Y3lW6Jn//dS+lndcfEwdJiIAEnj4gR3ouIg3W3rNNN3fn8h1ARO3
y2Bl1ewTvvMexpvF/VWW4P+slQVILCfeg3mHWNtst/DoMQ1dc69EVzmawFlaOQVn
2gcx+zyVANuFpdw24NI6eAn7kQmebWmVYzbSElmLPeQ6JvQM9zUvylA7TV8onu6M
RKaV4FMMDGc0JF/KLPRzW3NgQnkIrJGcmJDaLsQ4gzuL3jAt7KlZ5ziJHP3X7k0o
0Hy9NITvexmz1Q==
-----END CERTIFICATE-----