Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          ydWt7jGoQ+dYM9Deklc4LrM1k/6pkyuti6jWCbprIjU=
Subject key identifier:   5F:02:12:99:C7:ED:11:1B:EC:61:3F:BE:8D:A9:95:96:D8:FF:9C:FE
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       0194C3873DA8CBF2AC406BE59EDA9ED730B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          1144
Signing time:             Sat 01 Feb 2025 22:00:07 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:07 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:07 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: ZrNii5DWy+5gqPdjDY73Z15t63AcanAW77yGlQU30xE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:3d:a8:cb:f2:ac:40:6b:e5:9e:da:9e:d7:30:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Feb  1 22:00:07 2025 GMT
            Not After : Feb  2 22:00:07 2025 GMT
        Subject: CN=5f021299c7ed111bec613fbe8da99596d8ff9cfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d3:2e:cd:3f:ec:00:74:39:8c:b4:fd:a0:d6:
                    fd:fd:4d:a7:7f:de:be:43:aa:9b:18:75:f4:63:aa:
                    9b:46:da:4f:80:f4:79:d8:06:ec:e8:c2:0d:27:d5:
                    54:1b:b7:d6:5b:f1:7f:d7:b4:0b:48:42:e2:cb:14:
                    39:b8:65:f4:ba:4f:67:39:b1:c7:a6:50:9e:dd:5b:
                    d5:96:c1:68:97:aa:5c:e4:68:94:6c:31:0d:32:6f:
                    6a:02:1a:08:db:10:92:a0:f9:2e:b7:53:9a:54:a6:
                    89:11:37:f4:f4:36:ea:39:d7:8b:79:41:7d:c9:a0:
                    da:52:d2:90:e6:5d:a1:f9:c5:f9:5b:70:73:e7:62:
                    a4:9d:82:3e:f3:ae:95:6e:d3:aa:21:5b:35:76:65:
                    23:19:5d:b2:cf:72:1f:7c:d0:09:7c:39:fb:39:98:
                    42:d9:ca:a3:96:3d:4d:a6:59:18:c7:d4:c2:90:4b:
                    38:46:1a:f1:f4:40:39:a5:c6:2d:2a:6e:45:24:a7:
                    19:c0:53:c1:34:9e:bc:ee:58:7e:90:de:17:11:d2:
                    e3:2d:16:0d:b5:c7:a4:8c:de:ad:95:51:3a:15:70:
                    cc:a8:56:a3:a3:67:f4:7c:dd:31:de:e6:2b:60:f8:
                    28:75:f5:81:73:f6:cb:1d:57:ea:6e:bb:83:a9:7a:
                    6e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:02:12:99:C7:ED:11:1B:EC:61:3F:BE:8D:A9:95:96:D8:FF:9C:FE
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:85:c3:df:c1:0c:7b:17:ab:5a:3d:44:89:77:35:47:0c:8b:
         c5:9c:a4:ec:93:cb:ff:f3:00:c9:05:68:e6:36:57:93:21:fc:
         0c:be:88:a1:c6:ca:46:f5:48:bb:cc:fb:bc:60:45:ef:ba:23:
         33:26:a5:f1:99:2a:3d:6c:3a:69:16:1e:c9:76:6d:71:72:43:
         2f:ec:52:5a:44:8a:17:ad:cf:30:38:79:d9:b2:fe:4e:74:9a:
         d0:ec:b2:65:15:63:78:6c:15:2f:d2:09:c6:ee:21:be:7f:50:
         71:17:0a:a4:c7:c1:01:55:57:43:a1:5f:3c:2f:13:78:a9:90:
         90:b1:21:40:48:65:25:c5:83:ee:6d:3b:60:d9:ab:8a:d3:d4:
         db:ce:26:26:8f:0f:aa:80:5d:c9:5a:45:2c:c1:a9:18:40:33:
         8e:dc:7e:af:81:31:94:db:73:ff:a2:8d:72:26:eb:58:5a:3e:
         e1:58:ef:a1:56:10:08:1e:da:9c:84:c7:a5:63:12:25:5c:13:
         78:fb:5d:ee:d2:14:40:2d:5c:d9:03:4c:50:42:80:9f:4c:58:
         83:cc:14:5e:20:fd:22:d1:e1:21:e1:16:8c:0f:9f:4d:fc:f2:
         ca:07:6a:9f:3c:df:d1:3d:3f:35:17:0c:25:ab:89:4d:8e:dd:
         f7:71:8a:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDhz2oy/KsQGvlntqe1zCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUwMjAxMjIwMDA3WhcNMjUwMjAyMjIwMDA3WjAzMTEwLwYDVQQD
Eyg1ZjAyMTI5OWM3ZWQxMTFiZWM2MTNmYmU4ZGE5OTU5NmQ4ZmY5Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltMuzT/sAHQ5jLT9oNb9/U2nf96+
Q6qbGHX0Y6qbRtpPgPR52Abs6MINJ9VUG7fWW/F/17QLSELiyxQ5uGX0uk9nObHH
plCe3VvVlsFol6pc5GiUbDENMm9qAhoI2xCSoPkut1OaVKaJETf09DbqOdeLeUF9
yaDaUtKQ5l2h+cX5W3Bz52KknYI+866VbtOqIVs1dmUjGV2yz3IffNAJfDn7OZhC
2cqjlj1NplkYx9TCkEs4Rhrx9EA5pcYtKm5FJKcZwFPBNJ687lh+kN4XEdLjLRYN
tcekjN6tlVE6FXDMqFajo2f0fN0x3uYrYPgodfWBc/bLHVfqbruDqXpuEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8CEpnH7REb7GE/vo2plZbY/5z+MB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYXD38EM
exerWj1EiXc1RwyLxZyk7JPL//MAyQVo5jZXkyH8DL6IocbKRvVIu8z7vGBF77oj
Myal8ZkqPWw6aRYeyXZtcXJDL+xSWkSKF63PMDh52bL+TnSa0OyyZRVjeGwVL9IJ
xu4hvn9QcRcKpMfBAVVXQ6FfPC8TeKmQkLEhQEhlJcWD7m07YNmritPU284mJo8P
qoBdyVpFLMGpGEAzjtx+r4ExlNtz/6KNcibrWFo+4VjvoVYQCB7anITHpWMSJVwT
ePtd7tIUQC1c2QNMUEKAn0xYg8wUXiD9ItHhIeEWjA+fTfzyygdqnzzf0T0/NRcM
JauJTY7d93GKRg==
-----END CERTIFICATE-----