Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          yUdsRM7H0WBQCpItWkr1ttzkCrUVUvgnBNwDQcL20I0=
Subject key identifier:   A5:BD:45:04:2D:B4:08:CA:E2:52:D3:BA:96:20:D5:D1:D5:03:38:12
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       0194C46373F3D0ADA5181DCD38E126C8E004
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          11A5
Signing time:             Sun 02 Feb 2025 02:00:39 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:39 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:39 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: OPDm5SHR4+r5PoOZEPOMbDu7M0grL+QkN0bvWtJdn9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:73:f3:d0:ad:a5:18:1d:cd:38:e1:26:c8:e0:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Feb  2 02:00:39 2025 GMT
            Not After : Feb  3 02:00:39 2025 GMT
        Subject: CN=a5bd45042db408cae252d3ba9620d5d1d5033812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4d:54:11:66:e0:fa:bb:bd:1d:db:ba:85:b3:
                    1c:24:26:d3:f3:78:f9:0e:25:ce:b9:78:81:7d:b3:
                    25:e0:c9:d6:a1:f1:91:70:ea:67:a8:a2:57:ae:81:
                    2a:99:60:dc:a3:41:9a:84:a9:4d:e1:36:4a:04:71:
                    2f:69:2a:6b:13:31:f9:9e:9e:32:c5:f1:13:79:1b:
                    78:d4:61:3f:d9:cc:27:dd:45:9b:24:ed:8d:fe:96:
                    1d:6c:fb:f3:13:e1:3b:e5:bb:05:b9:50:74:3f:fa:
                    8b:8a:38:de:1a:16:12:85:25:de:e8:d4:9d:f5:c7:
                    73:98:6d:37:0f:66:e8:ef:75:72:57:e2:ad:1a:5a:
                    66:61:a4:e3:c5:73:f0:92:e9:a6:ec:e2:3b:7d:a3:
                    f4:34:b0:15:aa:05:dc:c3:31:03:ba:b8:31:60:f3:
                    d9:30:32:11:3f:f2:f6:13:0c:b9:db:6b:cd:ce:67:
                    fc:0b:bc:43:bd:b5:58:83:1e:00:c5:24:20:b9:5f:
                    a4:58:33:9e:65:19:bb:8e:e1:93:21:09:a0:c1:e2:
                    02:c1:65:91:05:47:30:d4:2b:77:cf:55:96:f4:89:
                    4c:f6:55:97:c9:55:da:45:ce:12:5d:c0:d9:8f:c2:
                    0d:aa:6d:53:d5:ce:e7:ad:8d:32:73:3b:3e:c9:8c:
                    e5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BD:45:04:2D:B4:08:CA:E2:52:D3:BA:96:20:D5:D1:D5:03:38:12
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:2d:23:5c:a3:a1:b7:6c:61:02:81:e3:b4:a4:5f:9e:74:5e:
         0d:3b:7b:5f:66:f7:11:98:c3:ca:a3:27:66:f1:72:70:c1:6c:
         de:5e:91:c1:5d:c8:a5:ba:62:45:31:7f:df:da:ce:13:de:e5:
         03:cd:ce:81:fd:74:2a:cd:2b:c6:05:94:10:bc:77:a2:d6:61:
         56:aa:81:5a:22:38:93:68:22:8c:4f:e7:17:39:35:82:4f:77:
         8b:97:b1:bd:13:f6:14:00:a7:96:15:be:c8:98:d3:97:11:46:
         a0:94:ec:98:18:93:9e:b5:a3:e6:55:ae:82:e7:d5:cb:41:06:
         21:48:e0:2d:38:a0:c8:5e:46:43:10:04:77:80:37:38:99:3c:
         3c:5e:55:b2:18:23:d2:8c:25:60:bc:11:21:ed:06:d2:06:d8:
         ac:c6:66:c2:97:33:97:71:db:ef:6a:03:53:d6:a8:47:4e:50:
         85:ee:e3:0b:e1:3f:8b:7d:45:dd:ea:e4:39:17:7d:66:55:63:
         af:ac:20:98:9f:c6:cd:81:0a:a7:81:99:e7:5c:91:07:10:ce:
         1e:e4:fd:38:ff:92:e0:0e:f2:94:0a:2f:ab:e9:0a:f0:59:81:
         13:2f:e5:a4:d8:3a:86:9a:fb:2a:83:85:1d:00:a0:35:49:a8:
         de:8c:11:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY3Pz0K2lGB3NOOEmyOAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUwMjAyMDIwMDM5WhcNMjUwMjAzMDIwMDM5WjAzMTEwLwYDVQQD
EyhhNWJkNDUwNDJkYjQwOGNhZTI1MmQzYmE5NjIwZDVkMWQ1MDMzODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt01UEWbg+ru9Hdu6hbMcJCbT83j5
DiXOuXiBfbMl4MnWofGRcOpnqKJXroEqmWDco0GahKlN4TZKBHEvaSprEzH5np4y
xfETeRt41GE/2cwn3UWbJO2N/pYdbPvzE+E75bsFuVB0P/qLijjeGhYShSXe6NSd
9cdzmG03D2bo73VyV+KtGlpmYaTjxXPwkumm7OI7faP0NLAVqgXcwzEDurgxYPPZ
MDIRP/L2Ewy522vNzmf8C7xDvbVYgx4AxSQguV+kWDOeZRm7juGTIQmgweICwWWR
BUcw1Ct3z1WW9IlM9lWXyVXaRc4SXcDZj8INqm1T1c7nrY0yczs+yYzlCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW9RQQttAjK4lLTupYg1dHVAzgSMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApC0jXKOh
t2xhAoHjtKRfnnReDTt7X2b3EZjDyqMnZvFycMFs3l6RwV3IpbpiRTF/39rOE97l
A83Ogf10Ks0rxgWUELx3otZhVqqBWiI4k2gijE/nFzk1gk93i5exvRP2FACnlhW+
yJjTlxFGoJTsmBiTnrWj5lWugufVy0EGIUjgLTigyF5GQxAEd4A3OJk8PF5Vshgj
0owlYLwRIe0G0gbYrMZmwpczl3Hb72oDU9aoR05Qhe7jC+E/i31F3erkORd9ZlVj
r6wgmJ/GzYEKp4GZ51yRBxDOHuT9OP+S4A7ylAovq+kK8FmBEy/lpNg6hpr7KoOF
HQCgNUmo3owRig==
-----END CERTIFICATE-----