Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
File:                     vtJXlaaCsRmplIBal2V4U9dUoFw.mft (raw, json)
Hash identifier:          h1tdv0wVq6dgdl6ps134Id+7fn6KJwkNiS/62X6QiPw=
Subject key identifier:   92:58:C5:3C:DE:1E:0D:F7:0D:48:39:DD:7C:FE:13:58:CB:30:3F:E8
Authority key identifier: BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C
Certificate issuer:       /CN=bed25795a682b119a994805a97657853d754a05c
Certificate serial:       0194C3F54D21BE026C94803489F4E675583C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
Manifest number:          08BC
Signing time:             Sun 02 Feb 2025 00:00:20 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:20 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:20 +0000
Files and hashes:         1: vtJXlaaCsRmplIBal2V4U9dUoFw.crl (hash: ia5rgtlmms3xhAYwmrJiYi/RwCNX0J8v78hONWVgHxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:4d:21:be:02:6c:94:80:34:89:f4:e6:75:58:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bed25795a682b119a994805a97657853d754a05c
        Validity
            Not Before: Feb  2 00:00:20 2025 GMT
            Not After : Feb  3 00:00:20 2025 GMT
        Subject: CN=9258c53cde1e0df70d4839dd7cfe1358cb303fe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d5:c3:40:6e:86:ac:d5:95:c5:4e:88:b6:79:
                    39:f0:4f:54:38:d6:c6:4b:69:ed:75:bc:64:18:5b:
                    e7:9d:4b:cc:ca:2c:39:e8:6c:62:0e:79:d9:e2:86:
                    c5:ba:76:57:e3:d7:28:1b:2c:40:67:a1:75:00:cf:
                    15:65:ed:15:c6:22:8f:bb:b0:8c:3c:9c:e3:21:9e:
                    15:d0:22:c0:9c:5a:78:54:1a:17:22:b9:ef:02:35:
                    f2:97:e8:28:c7:32:14:36:b4:1e:75:f0:50:89:99:
                    e5:aa:b3:81:fd:ff:01:9f:c7:ea:86:20:b0:22:86:
                    c7:bd:79:02:ef:8c:e1:64:80:bb:3d:f0:12:a1:ff:
                    6b:35:b8:9a:36:2b:2a:bf:be:45:3f:aa:de:ae:91:
                    fa:1f:23:5d:dc:9e:1f:85:af:a2:b5:12:29:49:09:
                    09:af:0b:30:4f:60:54:b5:e2:cc:53:d5:68:87:24:
                    b9:e3:1d:a7:ba:da:55:09:5c:f1:c0:d8:02:7d:98:
                    ad:63:c4:6a:70:56:b7:99:1b:0a:76:96:2e:f1:b9:
                    8d:73:e5:e0:c7:af:eb:05:c3:f2:14:da:4d:f5:e8:
                    69:4a:84:c0:61:ef:84:e9:4a:94:df:cb:d8:40:59:
                    1e:2f:1d:26:d8:58:97:29:24:1a:bd:da:f2:c6:e2:
                    d9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:58:C5:3C:DE:1E:0D:F7:0D:48:39:DD:7C:FE:13:58:CB:30:3F:E8
            X509v3 Authority Key Identifier:
                keyid:BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:ec:14:fa:e3:1d:6d:d5:ce:bc:85:6a:8f:42:93:8f:13:c5:
         43:99:a8:d5:9a:4f:b9:f8:d8:13:15:20:16:eb:00:13:2f:28:
         e6:06:6e:8e:f6:2a:8f:c7:5d:9b:53:49:db:39:f8:49:21:69:
         80:30:eb:11:f0:7f:08:54:16:1a:6e:3c:85:f0:c0:fb:23:31:
         53:87:f1:31:1b:5f:c4:0a:5f:ef:7f:33:2b:c7:05:6d:60:aa:
         69:05:16:40:29:11:77:18:82:2d:47:05:b5:07:b2:8d:e2:46:
         b9:6c:e4:cc:1f:81:07:51:da:40:7b:30:e4:7e:d8:ec:f1:34:
         4e:76:23:54:02:b6:7e:49:7b:fd:b9:a2:dd:cf:ff:27:b5:d9:
         95:cd:83:58:6d:0c:9d:1c:b7:1d:c9:13:c8:49:ad:22:6d:d4:
         78:c7:20:93:0e:22:b7:1f:87:85:97:a5:c2:18:15:a3:31:18:
         2d:d2:2b:54:c4:51:db:39:0d:d6:28:ff:44:0c:32:b0:bd:38:
         71:7f:dc:1f:2e:8e:77:6e:20:02:2f:a1:95:58:1b:a9:61:e6:
         cb:17:c2:1d:9f:da:5e:94:e9:7a:8d:45:0d:18:14:0e:d7:ea:
         ba:18:28:50:dd:b7:2d:b2:fb:9f:8f:69:b0:73:80:80:75:bb:
         67:52:ba:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9U0hvgJslIA0ifTmdVg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZDI1Nzk1YTY4MmIxMTlhOTk0ODA1YTk3NjU3ODUzZDc1
NGEwNWMwHhcNMjUwMjAyMDAwMDIwWhcNMjUwMjAzMDAwMDIwWjAzMTEwLwYDVQQD
Eyg5MjU4YzUzY2RlMWUwZGY3MGQ0ODM5ZGQ3Y2ZlMTM1OGNiMzAzZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9XDQG6GrNWVxU6Itnk58E9UONbG
S2ntdbxkGFvnnUvMyiw56GxiDnnZ4obFunZX49coGyxAZ6F1AM8VZe0VxiKPu7CM
PJzjIZ4V0CLAnFp4VBoXIrnvAjXyl+goxzIUNrQedfBQiZnlqrOB/f8Bn8fqhiCw
IobHvXkC74zhZIC7PfASof9rNbiaNisqv75FP6rerpH6HyNd3J4fha+itRIpSQkJ
rwswT2BUteLMU9VohyS54x2nutpVCVzxwNgCfZitY8RqcFa3mRsKdpYu8bmNc+Xg
x6/rBcPyFNpN9ehpSoTAYe+E6UqU38vYQFkeLx0m2FiXKSQavdryxuLZbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJYxTzeHg33DUg53Xz+E1jLMD/oMB8GA1UdIwQY
MBaAFL7SV5WmgrEZqZSAWpdleFPXVKBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQt
MTFkMGYyMGU4Y2IwLzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQtMTFkMGYyMGU4Y2Iw
LzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACOwU+uMd
bdXOvIVqj0KTjxPFQ5mo1ZpPufjYExUgFusAEy8o5gZujvYqj8ddm1NJ2zn4SSFp
gDDrEfB/CFQWGm48hfDA+yMxU4fxMRtfxApf738zK8cFbWCqaQUWQCkRdxiCLUcF
tQeyjeJGuWzkzB+BB1HaQHsw5H7Y7PE0TnYjVAK2fkl7/bmi3c//J7XZlc2DWG0M
nRy3HckTyEmtIm3UeMcgkw4itx+HhZelwhgVozEYLdIrVMRR2zkN1ij/RAwysL04
cX/cHy6Od24gAi+hlVgbqWHmyxfCHZ/aXpTpeo1FDRgUDtfquhgoUN23LbL7n49p
sHOAgHW7Z1K6oA==
-----END CERTIFICATE-----