Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          WAlfjQbJ7C7dBq67bfMaq4S2R3Xeyn1jjRz9wYS8NwI=
Subject key identifier:   4E:7F:FC:4C:DB:69:9E:9F:3C:C4:41:78:FE:B1:3B:AC:5F:A7:57:FC
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       0194C42C8AD920FA78D3878991150BAAFAD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          32
Signing time:             Sun 02 Feb 2025 01:00:40 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:40 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:40 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: NW1TZId8GTtjNAWahGa1a8z0Tv4p8JWNlvm5razgsZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:8a:d9:20:fa:78:d3:87:89:91:15:0b:aa:fa:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Feb  2 01:00:40 2025 GMT
            Not After : Feb  3 01:00:40 2025 GMT
        Subject: CN=4e7ffc4cdb699e9f3cc44178feb13bac5fa757fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5e:67:39:24:9e:4e:7b:a3:6b:25:a5:72:cf:
                    f5:20:1f:ff:5c:c0:93:28:4a:a8:14:69:9e:47:d0:
                    d4:a3:47:16:d3:3c:6c:63:51:0c:35:1d:8a:78:7e:
                    ea:28:f8:ba:98:2f:be:2d:1a:de:5f:92:9a:1f:a7:
                    2a:7f:c3:da:1c:7a:f1:3d:1c:81:6b:aa:17:d7:85:
                    22:f3:43:92:93:31:3c:8d:b3:f3:30:19:af:85:c1:
                    e5:6e:93:09:b9:17:a1:2d:ed:e5:6c:b6:45:d7:34:
                    c8:f7:6a:a5:99:83:5b:ac:2a:e9:3f:2f:a1:3b:81:
                    31:bf:16:ce:5f:9a:30:36:88:5a:31:89:b4:ea:47:
                    3f:97:13:42:bd:53:4d:9a:55:ee:ae:5d:87:47:a4:
                    b2:23:a3:e9:d5:ec:af:8b:c9:61:bc:45:6a:16:8f:
                    81:6b:e1:40:d1:33:69:7d:d3:0e:4f:e5:36:ec:8d:
                    8a:16:c2:8a:0d:69:68:20:ad:0b:a0:05:9c:22:28:
                    a0:31:c5:6d:4e:1f:64:db:e5:c8:1d:51:ad:a0:59:
                    e0:de:9f:4e:22:ff:de:ab:7d:ae:b2:c6:2e:f5:da:
                    50:51:75:5d:22:1b:6d:42:c9:a3:3b:5e:58:00:5a:
                    5c:af:df:7e:17:fc:91:bd:99:3c:fd:35:d7:54:8f:
                    60:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:7F:FC:4C:DB:69:9E:9F:3C:C4:41:78:FE:B1:3B:AC:5F:A7:57:FC
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:de:8e:67:ce:f0:45:a6:fe:d4:fb:cc:ce:12:0c:c6:16:23:
         bb:9f:cb:25:e5:77:22:3d:df:86:e7:54:4f:4e:9b:96:6c:9f:
         bb:7a:9a:85:c8:aa:6a:e7:3a:df:02:b8:83:55:b1:77:15:1b:
         9a:71:ab:38:ba:32:b8:84:c7:4b:33:7e:84:81:a5:53:9f:8e:
         e8:5d:56:c6:ad:00:f1:40:1f:7b:0f:c5:3c:29:e7:78:78:af:
         9e:fb:0c:d5:02:4e:b3:40:88:98:4e:57:cf:0a:86:98:e1:e9:
         a3:d5:30:3f:d9:8c:01:d0:33:3b:72:5e:99:6c:c0:3c:75:6f:
         22:10:5f:2e:b8:03:0a:3e:22:4c:09:ec:68:12:fb:9d:53:f6:
         68:4d:55:57:c7:0b:61:f4:64:f0:09:65:68:1d:58:55:e3:d0:
         2a:d2:e0:cf:3b:e9:a6:ad:98:20:76:28:fd:83:7a:41:3c:2f:
         f0:9e:4d:b5:0b:ef:39:ab:95:f0:31:d5:bf:f8:51:23:8b:e5:
         ed:dc:8f:d7:bd:2b:86:23:3a:84:30:7c:25:2b:d5:e8:b6:af:
         34:ab:da:13:cc:54:f8:5b:bd:14:95:30:06:96:8e:94:20:43:
         a6:0c:d6:6e:ea:a4:d3:28:32:f3:2d:5c:14:6c:16:fb:64:7f:
         f0:e5:75:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELIrZIPp404eJkRULqvrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwMjAyMDEwMDQwWhcNMjUwMjAzMDEwMDQwWjAzMTEwLwYDVQQD
Eyg0ZTdmZmM0Y2RiNjk5ZTlmM2NjNDQxNzhmZWIxM2JhYzVmYTc1N2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl5nOSSeTnujayWlcs/1IB//XMCT
KEqoFGmeR9DUo0cW0zxsY1EMNR2KeH7qKPi6mC++LRreX5KaH6cqf8PaHHrxPRyB
a6oX14Ui80OSkzE8jbPzMBmvhcHlbpMJuRehLe3lbLZF1zTI92qlmYNbrCrpPy+h
O4ExvxbOX5owNohaMYm06kc/lxNCvVNNmlXurl2HR6SyI6Pp1eyvi8lhvEVqFo+B
a+FA0TNpfdMOT+U27I2KFsKKDWloIK0LoAWcIiigMcVtTh9k2+XIHVGtoFng3p9O
Iv/eq32ussYu9dpQUXVdIhttQsmjO15YAFpcr99+F/yRvZk8/TXXVI9g6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5//EzbaZ6fPMRBeP6xO6xfp1f8MB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjN6OZ87w
Rab+1PvMzhIMxhYju5/LJeV3Ij3fhudUT06blmyfu3qahciqauc63wK4g1WxdxUb
mnGrOLoyuITHSzN+hIGlU5+O6F1Wxq0A8UAfew/FPCnneHivnvsM1QJOs0CImE5X
zwqGmOHpo9UwP9mMAdAzO3JemWzAPHVvIhBfLrgDCj4iTAnsaBL7nVP2aE1VV8cL
YfRk8AllaB1YVePQKtLgzzvppq2YIHYo/YN6QTwv8J5NtQvvOauV8DHVv/hRI4vl
7dyP170rhiM6hDB8JSvV6LavNKvaE8xU+Fu9FJUwBpaOlCBDpgzWbuqk0ygy8y1c
FGwW+2R/8OV1lA==
-----END CERTIFICATE-----