Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
File:                     iFeQ87X0pUUjTzIwv4lmOFbge8c.mft (raw, json)
Hash identifier:          yjmwXiaQEGJ7YAH8b1OJaWX10a0BiuPU4nDDiItor/M=
Subject key identifier:   AC:8F:93:57:FE:20:1B:19:0E:ED:D1:0E:DA:C2:03:FB:FE:E5:2A:BF
Authority key identifier: 88:57:90:F3:B5:F4:A5:45:23:4F:32:30:BF:89:66:38:56:E0:7B:C7
Certificate issuer:       /CN=885790f3b5f4a545234f3230bf89663856e07bc7
Certificate serial:       019510C7832B681284C95C3A1D71363A9508
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:01:05 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:05 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:05 +0000
Files and hashes:         1: iFeQ87X0pUUjTzIwv4lmOFbge8c.crl (hash: RI9irVTnntVP/r37D1YqxrFhomxxEM8s0h+mzE/b6w8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:83:2b:68:12:84:c9:5c:3a:1d:71:36:3a:95:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885790f3b5f4a545234f3230bf89663856e07bc7
        Validity
            Not Before: Feb 16 22:01:05 2025 GMT
            Not After : Feb 17 22:01:05 2025 GMT
        Subject: CN=ac8f9357fe201b190eedd10edac203fbfee52abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:fa:15:ed:e9:1a:39:8f:f2:1c:7f:64:02:fb:
                    58:96:ce:33:af:99:80:4c:9e:5f:42:63:16:1c:7e:
                    3e:36:de:82:04:1a:72:bd:dc:45:30:f3:7d:a3:fc:
                    4c:b5:5b:5e:5c:a5:f1:63:89:d1:f3:2d:ad:e3:17:
                    26:22:5a:72:06:72:47:1e:3a:c8:fb:8a:95:be:a1:
                    77:23:00:07:a6:88:05:72:45:eb:f4:0c:49:96:3b:
                    5c:db:b9:39:8c:23:e9:81:e8:0c:da:80:69:d9:1e:
                    68:a4:f0:44:c4:4c:02:08:df:6b:3e:07:08:55:dc:
                    9e:bd:f5:bb:29:35:62:62:d6:5e:9c:af:46:9d:44:
                    06:6c:be:81:b3:d1:9c:3f:07:43:33:ad:8b:ea:73:
                    ea:a1:f9:5f:15:f6:c7:b2:a6:6e:7a:7e:db:3b:78:
                    e3:95:c1:a9:81:a9:de:58:1e:0e:b1:2e:f9:63:5d:
                    63:f4:9e:41:08:de:c4:13:6a:23:34:28:48:aa:55:
                    59:c2:b4:96:b3:69:75:88:d4:4d:c8:11:d3:64:c0:
                    0d:4b:02:e9:8f:97:04:c4:80:d2:9b:42:8c:37:1a:
                    18:7c:fc:27:46:c5:58:d8:2f:21:d5:59:95:de:d3:
                    a9:3a:e1:33:b6:ba:d8:67:8b:4e:48:80:01:03:ef:
                    65:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:8F:93:57:FE:20:1B:19:0E:ED:D1:0E:DA:C2:03:FB:FE:E5:2A:BF
            X509v3 Authority Key Identifier:
                keyid:88:57:90:F3:B5:F4:A5:45:23:4F:32:30:BF:89:66:38:56:E0:7B:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:6b:5a:7f:af:99:1c:00:6a:24:29:86:dd:a1:11:c9:be:3f:
         a3:55:09:95:48:48:f7:d9:a9:11:0e:f2:5c:53:60:9c:28:80:
         e7:cf:5a:82:8f:a7:ec:7d:4e:b4:55:06:6e:ab:34:18:23:41:
         84:2f:8c:0b:17:54:6c:c2:fd:95:d5:0f:b4:87:ca:5a:05:df:
         ce:a8:7f:06:f8:82:e6:91:27:78:70:4a:fb:63:c9:48:3a:b3:
         d4:1b:df:b3:0f:10:9c:d5:22:65:bc:7d:7d:19:bb:5c:d4:ac:
         d3:c8:f3:a0:a7:54:04:df:3a:5d:82:3e:82:11:4e:d6:6a:3c:
         9d:fc:0d:d7:cc:a3:42:d6:7e:7a:63:3c:16:7c:94:88:54:a5:
         95:34:d9:07:e6:05:4e:15:8e:49:be:cc:e2:09:33:9b:c3:03:
         e6:4b:fe:75:45:cf:60:aa:8b:0c:95:be:6d:cd:c5:f8:cb:a4:
         7a:0e:5d:7b:38:ac:a7:1d:e4:cc:f5:77:12:81:d9:6a:e4:4c:
         23:74:56:2e:b5:88:89:e8:3b:cf:15:ce:35:67:dd:57:1d:a8:
         0c:b6:27:08:78:12:1a:10:e3:4f:f7:ba:3b:18:df:bd:72:dd:
         52:3f:3a:04:6f:d3:c0:b0:4e:06:6d:1d:56:f9:ca:60:68:9e:
         c1:0a:bc:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx4MraBKEyVw6HXE2OpUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NTc5MGYzYjVmNGE1NDUyMzRmMzIzMGJmODk2NjM4NTZl
MDdiYzcwHhcNMjUwMjE2MjIwMTA1WhcNMjUwMjE3MjIwMTA1WjAzMTEwLwYDVQQD
EyhhYzhmOTM1N2ZlMjAxYjE5MGVlZGQxMGVkYWMyMDNmYmZlZTUyYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfoV7ekaOY/yHH9kAvtYls4zr5mA
TJ5fQmMWHH4+Nt6CBBpyvdxFMPN9o/xMtVteXKXxY4nR8y2t4xcmIlpyBnJHHjrI
+4qVvqF3IwAHpogFckXr9AxJljtc27k5jCPpgegM2oBp2R5opPBExEwCCN9rPgcI
VdyevfW7KTViYtZenK9GnUQGbL6Bs9GcPwdDM62L6nPqoflfFfbHsqZuen7bO3jj
lcGpganeWB4OsS75Y11j9J5BCN7EE2ojNChIqlVZwrSWs2l1iNRNyBHTZMANSwLp
j5cExIDSm0KMNxoYfPwnRsVY2C8h1VmV3tOpOuEztrrYZ4tOSIABA+9lvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyPk1f+IBsZDu3RDtrCA/v+5Sq/MB8GA1UdIwQY
MBaAFIhXkPO19KVFI08yML+JZjhW4HvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNDBiYmItNTU2YS00MGM1LWI5N2Mt
MzJiMmJlMDYyMjJjLzEvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNDBiYmItNTU2YS00MGM1LWI5N2MtMzJiMmJlMDYyMjJj
LzEvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGtaf6+Z
HABqJCmG3aERyb4/o1UJlUhI99mpEQ7yXFNgnCiA589ago+n7H1OtFUGbqs0GCNB
hC+MCxdUbML9ldUPtIfKWgXfzqh/BviC5pEneHBK+2PJSDqz1Bvfsw8QnNUiZbx9
fRm7XNSs08jzoKdUBN86XYI+ghFO1mo8nfwN18yjQtZ+emM8FnyUiFSllTTZB+YF
ThWOSb7M4gkzm8MD5kv+dUXPYKqLDJW+bc3F+Mukeg5dezispx3kzPV3EoHZauRM
I3RWLrWIieg7zxXONWfdVx2oDLYnCHgSGhDjT/e6OxjfvXLdUj86BG/TwLBOBm0d
VvnKYGiewQq8Gw==
-----END CERTIFICATE-----