Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
File:                     ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft (raw, json)
Hash identifier:          VfykqpiTMdLth3HqOYEbim/xpmg8P1sqjHN3zeKs7KE=
Subject key identifier:   F3:A4:5C:F5:7D:44:66:D0:09:30:8B:C0:9F:42:D6:62:1D:10:0E:06
Authority key identifier: 7B:0D:46:C5:82:2C:AD:92:53:EA:53:A1:00:F3:D9:36:22:4A:E6:87
Certificate issuer:       /CN=7b0d46c5822cad9253ea53a100f3d936224ae687
Certificate serial:       0194C4D171246FC11275B5149692DC761133
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
Manifest number:          025F
Signing time:             Sun 02 Feb 2025 04:00:47 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:47 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:47 +0000
Files and hashes:         1: ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl (hash: XUjJTDFzupePbitzFWbDwLMjknXebSkcSlQNUo33NYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:71:24:6f:c1:12:75:b5:14:96:92:dc:76:11:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b0d46c5822cad9253ea53a100f3d936224ae687
        Validity
            Not Before: Feb  2 04:00:47 2025 GMT
            Not After : Feb  3 04:00:47 2025 GMT
        Subject: CN=f3a45cf57d4466d009308bc09f42d6621d100e06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c7:98:fe:05:fa:91:33:98:79:ac:f5:3f:8d:
                    4a:33:bd:4c:c1:ec:fe:6e:33:3d:0d:42:7b:4a:ff:
                    a8:f9:2c:45:0f:c6:5e:5f:b2:6d:ab:06:0e:6b:5e:
                    2d:50:75:b0:fe:6b:5b:7a:1a:91:ed:58:9f:7a:52:
                    9c:cc:15:fe:25:64:8b:0c:58:51:6e:b6:8a:79:38:
                    c4:38:1b:1f:26:49:8e:bc:ba:47:78:5e:f3:9b:cf:
                    57:1d:74:e2:b3:64:17:71:d7:2a:00:0d:d2:ac:61:
                    16:e9:d1:5d:9a:35:33:c2:26:ec:07:7b:a8:85:44:
                    5c:c4:67:35:5d:98:69:dd:df:38:83:af:ad:c6:17:
                    4c:00:cb:9a:13:f5:00:bd:ec:35:42:7b:34:0c:f0:
                    fb:4b:97:02:3e:4e:dc:02:70:11:bd:18:ac:f4:f8:
                    60:41:76:25:dc:ac:9a:27:9e:36:66:b9:b5:50:b6:
                    b7:09:bd:f7:48:64:0c:00:0f:21:b0:31:ac:19:7f:
                    ce:85:49:a6:b0:be:1e:f8:3a:7f:be:13:c6:6b:66:
                    1b:0a:fc:37:aa:b5:6a:8e:4e:3e:62:88:93:e9:d1:
                    e3:71:1c:70:5e:40:a4:f0:09:fd:1d:c0:45:5c:18:
                    c6:5a:3d:4a:12:9a:1d:94:37:83:ab:7b:83:2b:4f:
                    21:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:A4:5C:F5:7D:44:66:D0:09:30:8B:C0:9F:42:D6:62:1D:10:0E:06
            X509v3 Authority Key Identifier:
                keyid:7B:0D:46:C5:82:2C:AD:92:53:EA:53:A1:00:F3:D9:36:22:4A:E6:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:b4:77:9b:3f:07:1c:f6:d0:ff:ec:a8:2b:18:2d:d3:50:f1:
         f8:57:31:47:75:a8:45:92:d9:ce:cc:82:0f:ba:7e:22:0d:17:
         db:03:e4:49:6e:d8:0d:7f:32:b4:b5:57:40:d6:55:c3:89:6d:
         e6:d1:75:01:77:bc:37:35:52:98:ca:ae:9f:bb:d4:dc:e5:09:
         8c:67:67:0d:23:22:72:23:0f:bc:34:b0:55:79:29:73:a9:6d:
         e5:42:e2:2a:48:6d:f7:94:ba:22:9e:c4:ca:54:cd:82:7d:34:
         cd:aa:36:dd:d6:d9:af:82:cb:ab:07:69:3e:a3:b5:96:60:5c:
         25:33:55:95:52:3f:7a:03:2d:5a:aa:ad:3c:a6:d2:2b:24:ff:
         24:05:ed:60:a6:ac:9a:d9:1a:e2:62:33:23:d8:1c:01:92:9d:
         f3:10:8c:82:cc:c2:63:f9:bf:01:ff:c3:a7:b6:25:48:cd:69:
         22:c7:c0:e5:c3:52:51:3f:d6:e7:d5:65:d2:14:22:0e:a6:16:
         e8:88:bb:e3:e5:bf:8b:e2:2e:98:69:a0:16:00:af:33:10:a6:
         07:3f:20:dc:34:b4:1e:a2:e3:b0:a7:35:a0:1b:15:b8:34:a2:
         8e:89:8d:c1:a3:00:bb:2e:3c:75:15:8c:33:65:cf:4b:6c:cc:
         bf:c9:f3:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0XEkb8ESdbUUlpLcdhEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMGQ0NmM1ODIyY2FkOTI1M2VhNTNhMTAwZjNkOTM2MjI0
YWU2ODcwHhcNMjUwMjAyMDQwMDQ3WhcNMjUwMjAzMDQwMDQ3WjAzMTEwLwYDVQQD
EyhmM2E0NWNmNTdkNDQ2NmQwMDkzMDhiYzA5ZjQyZDY2MjFkMTAwZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMeY/gX6kTOYeaz1P41KM71Mwez+
bjM9DUJ7Sv+o+SxFD8ZeX7JtqwYOa14tUHWw/mtbehqR7VifelKczBX+JWSLDFhR
braKeTjEOBsfJkmOvLpHeF7zm89XHXTis2QXcdcqAA3SrGEW6dFdmjUzwibsB3uo
hURcxGc1XZhp3d84g6+txhdMAMuaE/UAvew1Qns0DPD7S5cCPk7cAnARvRis9Phg
QXYl3KyaJ542Zrm1ULa3Cb33SGQMAA8hsDGsGX/OhUmmsL4e+Dp/vhPGa2YbCvw3
qrVqjk4+YoiT6dHjcRxwXkCk8An9HcBFXBjGWj1KEpodlDeDq3uDK08hYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOkXPV9RGbQCTCLwJ9C1mIdEA4GMB8GA1UdIwQY
MBaAFHsNRsWCLK2SU+pToQDz2TYiSuaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9jMjU0NDQtMjY3MS00YWQyLTkwNTAt
YmFhNTllY2UyYjYzLzEvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9jMjU0NDQtMjY3MS00YWQyLTkwNTAtYmFhNTllY2UyYjYz
LzEvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrR3mz8H
HPbQ/+yoKxgt01Dx+FcxR3WoRZLZzsyCD7p+Ig0X2wPkSW7YDX8ytLVXQNZVw4lt
5tF1AXe8NzVSmMqun7vU3OUJjGdnDSMiciMPvDSwVXkpc6lt5ULiKkht95S6Ip7E
ylTNgn00zao23dbZr4LLqwdpPqO1lmBcJTNVlVI/egMtWqqtPKbSKyT/JAXtYKas
mtka4mIzI9gcAZKd8xCMgszCY/m/Af/Dp7YlSM1pIsfA5cNSUT/W59Vl0hQiDqYW
6Ii74+W/i+IumGmgFgCvMxCmBz8g3DS0HqLjsKc1oBsVuDSijomNwaMAuy48dRWM
M2XPS2zMv8nzfg==
-----END CERTIFICATE-----