Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
File:                     Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft (raw, json)
Hash identifier:          m2N1E0W4xNlv6IMrKMvIHn3N4qbQOX8HM6XRL5auH8w=
Subject key identifier:   F3:AD:A2:6C:AE:39:5D:57:EB:BA:86:D2:64:21:A6:E4:02:2D:FC:31
Authority key identifier: 0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84
Certificate issuer:       /CN=0e29a482de0d56746c3045269f99205204f95484
Certificate serial:       019510C736612CEFD5B19FB737AFE29C2B82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
Manifest number:          0FFC
Signing time:             Sun 16 Feb 2025 22:00:45 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:45 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:45 +0000
Files and hashes:         1: Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl (hash: /hw4gZqKJRPXBa/teddH7/R8WV+D9DgWrO3jdN4e2t0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:36:61:2c:ef:d5:b1:9f:b7:37:af:e2:9c:2b:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e29a482de0d56746c3045269f99205204f95484
        Validity
            Not Before: Feb 16 22:00:45 2025 GMT
            Not After : Feb 17 22:00:45 2025 GMT
        Subject: CN=f3ada26cae395d57ebba86d26421a6e4022dfc31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d8:87:ac:13:6a:6c:b0:5a:c5:8a:25:d6:ad:
                    f7:9a:ef:0e:1a:81:9a:bd:26:15:1d:1c:84:5b:85:
                    52:39:d6:13:16:be:9a:27:ba:1e:eb:06:0e:a6:26:
                    99:b8:5e:24:6e:c7:0f:e9:61:78:ca:4a:86:65:67:
                    ca:99:6a:9e:51:35:78:86:c1:49:36:15:66:d7:8e:
                    60:77:5f:55:07:a5:b7:16:73:4f:3b:26:6e:80:0d:
                    ef:bd:08:ba:36:ba:0e:d4:b8:5c:b0:f0:52:48:ba:
                    a5:ab:e1:b4:55:36:95:61:0c:b6:5f:cf:06:61:3a:
                    46:56:bd:82:47:ba:a9:f6:07:66:55:95:a3:0d:2a:
                    c4:6f:f3:3a:27:ed:3f:61:7d:35:a7:43:f7:35:bc:
                    7b:a0:fe:5e:41:50:17:f3:3d:e5:01:39:ad:1c:d5:
                    ec:55:01:68:33:40:e7:30:89:f1:63:e3:8b:bc:04:
                    af:83:72:d1:75:ef:25:d9:0f:7c:d1:2a:2a:7b:bc:
                    ce:fe:7f:0b:a3:86:8c:35:81:f1:2a:6c:87:ae:13:
                    c6:48:0f:e4:e2:d1:27:de:df:b4:78:a9:05:1c:b0:
                    1d:a0:50:4d:aa:9a:f6:8b:b0:31:04:c9:c6:ef:04:
                    c5:f6:ea:57:31:2b:5e:37:0d:2b:3b:41:1a:bb:52:
                    c3:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:AD:A2:6C:AE:39:5D:57:EB:BA:86:D2:64:21:A6:E4:02:2D:FC:31
            X509v3 Authority Key Identifier:
                keyid:0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:1b:65:b6:d4:c3:0a:c0:c5:d6:38:4a:b2:39:20:75:25:ce:
         80:c8:54:92:57:f5:27:a3:7e:60:a2:86:b0:4d:b1:6c:26:14:
         d3:60:19:cf:b5:65:4e:c3:ed:74:10:44:4c:ab:31:bf:18:67:
         7d:35:db:5d:f7:b7:f1:47:51:0a:ce:a6:b7:d8:a4:17:9e:bc:
         45:4b:6b:85:9a:f9:9c:cd:1a:f2:45:a5:41:6c:43:ef:9d:e4:
         a8:d9:c5:4a:13:70:cd:30:4b:96:02:4a:95:e0:30:34:99:78:
         c3:c7:19:c7:78:dc:d5:e3:bc:40:f4:25:2e:56:85:b1:21:76:
         4e:1b:c7:15:5d:9e:f2:fc:6a:4f:5f:fb:85:be:16:c9:87:33:
         97:26:cb:04:99:a3:41:f5:23:38:05:b9:93:e1:8c:48:02:38:
         83:d8:f1:ad:af:a1:9a:81:6f:ca:90:df:99:96:a2:1b:f8:20:
         b6:f2:ca:b7:69:0d:2c:a3:00:98:fc:a6:3c:c1:9e:2e:a3:c7:
         68:88:f3:b2:42:de:e5:75:43:7d:15:af:f2:75:2b:ee:78:14:
         4d:ba:46:d9:f8:77:3b:36:59:a8:3e:be:dc:e4:f3:26:c9:8b:
         65:4b:5b:b0:f4:06:1e:11:e9:d6:ee:a5:84:14:74:76:80:e1:
         cd:7c:64:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxzZhLO/VsZ+3N6/inCuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjlhNDgyZGUwZDU2NzQ2YzMwNDUyNjlmOTkyMDUyMDRm
OTU0ODQwHhcNMjUwMjE2MjIwMDQ1WhcNMjUwMjE3MjIwMDQ1WjAzMTEwLwYDVQQD
EyhmM2FkYTI2Y2FlMzk1ZDU3ZWJiYTg2ZDI2NDIxYTZlNDAyMmRmYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNiHrBNqbLBaxYol1q33mu8OGoGa
vSYVHRyEW4VSOdYTFr6aJ7oe6wYOpiaZuF4kbscP6WF4ykqGZWfKmWqeUTV4hsFJ
NhVm145gd19VB6W3FnNPOyZugA3vvQi6NroO1LhcsPBSSLqlq+G0VTaVYQy2X88G
YTpGVr2CR7qp9gdmVZWjDSrEb/M6J+0/YX01p0P3Nbx7oP5eQVAX8z3lATmtHNXs
VQFoM0DnMInxY+OLvASvg3LRde8l2Q980Soqe7zO/n8Lo4aMNYHxKmyHrhPGSA/k
4tEn3t+0eKkFHLAdoFBNqpr2i7AxBMnG7wTF9upXMSteNw0rO0Eau1LDRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOtomyuOV1X67qG0mQhpuQCLfwxMB8GA1UdIwQY
MBaAFA4ppILeDVZ0bDBFJp+ZIFIE+VSEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMt
OGJiZDkzOTQwZWVmLzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMtOGJiZDkzOTQwZWVm
LzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZhtlttTD
CsDF1jhKsjkgdSXOgMhUklf1J6N+YKKGsE2xbCYU02AZz7VlTsPtdBBETKsxvxhn
fTXbXfe38UdRCs6mt9ikF568RUtrhZr5nM0a8kWlQWxD753kqNnFShNwzTBLlgJK
leAwNJl4w8cZx3jc1eO8QPQlLlaFsSF2ThvHFV2e8vxqT1/7hb4WyYczlybLBJmj
QfUjOAW5k+GMSAI4g9jxra+hmoFvypDfmZaiG/ggtvLKt2kNLKMAmPymPMGeLqPH
aIjzskLe5XVDfRWv8nUr7ngUTbpG2fh3OzZZqD6+3OTzJsmLZUtbsPQGHhHp1u6l
hBR0doDhzXxkww==
-----END CERTIFICATE-----