Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
File:                     ews7OUhl5LhbaGo59V7UvmU2pII.mft (raw, json)
Hash identifier:          P5dkJkb3ngxOnvtdspzjF9kV2kNHobXarVodiIeS6wo=
Subject key identifier:   42:B1:0E:E7:F3:53:02:A5:29:76:33:0C:90:D3:84:84:03:89:F7:0E
Authority key identifier: 7B:0B:3B:39:48:65:E4:B8:5B:68:6A:39:F5:5E:D4:BE:65:36:A4:82
Certificate issuer:       /CN=7b0b3b394865e4b85b686a39f55ed4be6536a482
Certificate serial:       01951135636012CA628FC3FF2309500791D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
Manifest number:          053B
Signing time:             Mon 17 Feb 2025 00:01:06 +0000
Manifest this update:     Mon 17 Feb 2025 00:01:06 +0000
Manifest next update:     Tue 18 Feb 2025 00:01:06 +0000
Files and hashes:         1: ews7OUhl5LhbaGo59V7UvmU2pII.crl (hash: Cz47aInwLVWO4XaoSEXzzwuW1fQV5XNoFki68qDX50c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:63:60:12:ca:62:8f:c3:ff:23:09:50:07:91:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b0b3b394865e4b85b686a39f55ed4be6536a482
        Validity
            Not Before: Feb 17 00:01:06 2025 GMT
            Not After : Feb 18 00:01:06 2025 GMT
        Subject: CN=42b10ee7f35302a52976330c90d384840389f70e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a6:1f:8b:5f:3e:a6:4f:ba:37:f4:51:9b:10:
                    58:89:75:f4:8d:40:84:75:3d:cb:b9:ed:1f:70:d6:
                    12:7c:34:dd:06:f7:b9:39:94:f0:e8:8b:3b:37:87:
                    c6:2f:dc:79:fc:b9:49:fb:05:65:6e:2f:65:d0:53:
                    b5:13:18:db:a7:91:38:af:d1:44:4a:33:1b:0f:ce:
                    5b:03:0e:ef:a4:b4:fd:57:2e:5e:98:40:3f:b6:6a:
                    3e:58:70:2b:f8:5f:68:a7:f9:14:3c:2c:c9:ad:27:
                    1b:85:05:52:af:13:e9:a2:2a:d9:2e:77:16:e6:3f:
                    bd:ce:1f:57:92:3e:26:f4:67:e3:b1:4d:da:12:5d:
                    93:d8:f1:06:3b:4e:db:e2:5e:49:68:d2:c1:9f:56:
                    89:2d:ea:5b:a1:10:dd:b2:f9:a6:ed:2f:8a:19:31:
                    3c:f2:81:05:58:f3:a5:af:ff:59:f3:6d:a9:d1:02:
                    7f:40:bf:68:1e:37:6e:9a:f5:da:dc:b2:30:5f:c7:
                    82:b6:8d:5a:fe:f6:ee:df:20:d8:07:78:83:8a:71:
                    15:ab:30:9f:75:71:5c:4d:ba:45:83:b5:0f:8f:f1:
                    8b:db:cf:25:9d:df:c5:19:48:2e:93:f8:4e:8c:95:
                    7f:e2:c0:b3:37:60:c7:db:24:92:49:51:cc:4f:ff:
                    47:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B1:0E:E7:F3:53:02:A5:29:76:33:0C:90:D3:84:84:03:89:F7:0E
            X509v3 Authority Key Identifier:
                keyid:7B:0B:3B:39:48:65:E4:B8:5B:68:6A:39:F5:5E:D4:BE:65:36:A4:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ews7OUhl5LhbaGo59V7UvmU2pII.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/db38ab-c3cf-4622-87f6-2c8d0011e88a/1/ews7OUhl5LhbaGo59V7UvmU2pII.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:01:1b:0b:52:ac:fd:c2:74:d8:6e:a1:f2:7b:96:13:08:9a:
         a5:93:88:af:fb:62:1d:7f:99:1f:a4:13:c2:4e:86:2c:2a:9d:
         4c:84:79:e9:0b:f8:76:a4:c3:4b:a8:ed:ad:93:99:f1:56:c5:
         00:b0:b0:7f:26:0a:05:8f:35:6b:76:b4:22:e1:33:46:06:14:
         3c:3d:39:6f:38:8a:27:e3:c9:f0:4c:11:8e:61:2d:b4:fa:b6:
         69:2d:de:d6:5b:46:ac:67:f7:9e:16:00:0d:a5:5c:46:28:07:
         6e:4b:b7:a0:31:b1:be:2e:4c:39:d0:ba:7b:de:72:44:3d:37:
         ac:ad:35:ae:74:52:4d:f6:bc:5d:f4:9c:21:f5:4c:cf:c0:e9:
         cb:18:09:14:f6:6e:06:12:b6:5d:85:8d:28:ed:b7:e4:f0:26:
         f9:90:92:d4:da:d5:6a:da:33:84:20:a1:af:19:2d:c7:2a:56:
         71:5f:f7:35:95:5a:36:9f:4f:06:1f:cd:ef:78:18:99:aa:f5:
         bd:de:ce:2a:2e:f7:74:90:50:8c:d6:db:2a:9f:53:82:39:aa:
         54:a6:02:87:08:7a:2b:34:02:af:5a:78:b5:61:e4:67:2c:f7:
         6e:a6:7d:87:51:1c:21:ef:16:5d:54:f5:6a:fe:0b:a9:65:59:
         a0:f2:24:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNWNgEspij8P/IwlQB5HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMGIzYjM5NDg2NWU0Yjg1YjY4NmEzOWY1NWVkNGJlNjUz
NmE0ODIwHhcNMjUwMjE3MDAwMTA2WhcNMjUwMjE4MDAwMTA2WjAzMTEwLwYDVQQD
Eyg0MmIxMGVlN2YzNTMwMmE1Mjk3NjMzMGM5MGQzODQ4NDAzODlmNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaYfi18+pk+6N/RRmxBYiXX0jUCE
dT3Lue0fcNYSfDTdBve5OZTw6Is7N4fGL9x5/LlJ+wVlbi9l0FO1Exjbp5E4r9FE
SjMbD85bAw7vpLT9Vy5emEA/tmo+WHAr+F9op/kUPCzJrScbhQVSrxPpoirZLncW
5j+9zh9Xkj4m9GfjsU3aEl2T2PEGO07b4l5JaNLBn1aJLepboRDdsvmm7S+KGTE8
8oEFWPOlr/9Z822p0QJ/QL9oHjdumvXa3LIwX8eCto1a/vbu3yDYB3iDinEVqzCf
dXFcTbpFg7UPj/GL288lnd/FGUguk/hOjJV/4sCzN2DH2ySSSVHMT/9H4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKxDufzUwKlKXYzDJDThIQDifcOMB8GA1UdIwQY
MBaAFHsLOzlIZeS4W2hqOfVe1L5lNqSCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9kYjM4YWItYzNjZi00NjIyLTg3ZjYt
MmM4ZDAwMTFlODhhLzEvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9kYjM4YWItYzNjZi00NjIyLTg3ZjYtMmM4ZDAwMTFlODhh
LzEvZXdzN09VaGw1TGhiYUdvNTlWN1V2bVUycElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZwEbC1Ks
/cJ02G6h8nuWEwiapZOIr/tiHX+ZH6QTwk6GLCqdTIR56Qv4dqTDS6jtrZOZ8VbF
ALCwfyYKBY81a3a0IuEzRgYUPD05bziKJ+PJ8EwRjmEttPq2aS3e1ltGrGf3nhYA
DaVcRigHbku3oDGxvi5MOdC6e95yRD03rK01rnRSTfa8XfScIfVMz8DpyxgJFPZu
BhK2XYWNKO235PAm+ZCS1NrVatozhCChrxktxypWcV/3NZVaNp9PBh/N73gYmar1
vd7OKi73dJBQjNbbKp9TgjmqVKYChwh6KzQCr1p4tWHkZyz3bqZ9h1EcIe8WXVT1
av4LqWVZoPIkyQ==
-----END CERTIFICATE-----