Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
File:                     yHfSSx1xwCFHafEZ33KY_wz4l7A.mft (raw, json)
Hash identifier:          94/cl0F/p8KUTWo5LFMPdJy/8wre9ET4kfLSimO3E5M=
Subject key identifier:   85:A3:A1:4D:2D:4C:D1:58:45:A7:E1:96:91:88:EE:D0:42:EB:C3:76
Authority key identifier: C8:77:D2:4B:1D:71:C0:21:47:69:F1:19:DF:72:98:FF:0C:F8:97:B0
Certificate issuer:       /CN=c877d24b1d71c0214769f119df7298ff0cf897b0
Certificate serial:       0194C4630AF8AB65269A56E6DF7DB6D2C6BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
Manifest number:          0898
Signing time:             Sun 02 Feb 2025 02:00:12 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:12 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:12 +0000
Files and hashes:         1: yHfSSx1xwCFHafEZ33KY_wz4l7A.crl (hash: YaMvVRxpLTK94eSlAZ48WePydVl4nooP8RSQS+Neh+4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:0a:f8:ab:65:26:9a:56:e6:df:7d:b6:d2:c6:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c877d24b1d71c0214769f119df7298ff0cf897b0
        Validity
            Not Before: Feb  2 02:00:12 2025 GMT
            Not After : Feb  3 02:00:12 2025 GMT
        Subject: CN=85a3a14d2d4cd15845a7e1969188eed042ebc376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d4:9c:dd:3d:13:6a:f5:cd:9c:e3:3a:e0:a6:
                    76:e3:a8:ab:b4:08:ba:cc:aa:bb:03:be:6a:d5:b0:
                    e3:dc:a8:4d:fe:82:fe:29:b0:38:71:c4:d6:69:9c:
                    43:b3:08:e1:cb:4b:0d:d1:c9:e4:7d:4a:01:d8:09:
                    eb:23:81:09:c3:4e:1a:7c:a4:65:4d:b5:71:55:5c:
                    cb:81:28:18:87:f9:f9:e8:dc:0a:ce:40:e2:2e:51:
                    6b:f3:51:f2:3e:8f:bb:40:99:2e:58:c6:99:22:ac:
                    12:d1:d3:ba:88:80:19:84:4f:a6:7c:e7:de:50:f3:
                    14:3a:35:f8:69:b6:ae:4a:f3:5e:1b:a4:60:21:c5:
                    7f:05:5d:9f:c9:33:5a:4f:ed:e2:98:53:97:9b:8d:
                    00:dc:f5:7d:73:5b:3e:82:ce:b4:f5:e3:46:ee:f7:
                    eb:28:66:16:02:5c:3b:18:e4:5c:c9:8e:8b:67:4a:
                    c8:3d:67:a2:98:4f:10:7e:f8:22:2b:98:6f:9c:da:
                    70:46:da:a3:4f:60:7b:bb:6c:b0:a2:8e:06:8e:3e:
                    64:c5:41:4f:20:3d:1e:97:92:e0:df:23:25:d4:dc:
                    e3:28:c3:6f:0f:30:c1:fa:9c:71:47:bf:99:ad:40:
                    03:eb:dd:4c:b0:ad:5f:f1:b1:4d:f2:0c:85:7a:cf:
                    49:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:A3:A1:4D:2D:4C:D1:58:45:A7:E1:96:91:88:EE:D0:42:EB:C3:76
            X509v3 Authority Key Identifier:
                keyid:C8:77:D2:4B:1D:71:C0:21:47:69:F1:19:DF:72:98:FF:0C:F8:97:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:a8:67:a5:b3:a9:c7:d9:ba:37:21:7a:92:52:0c:7e:f7:5c:
         5b:78:4c:7f:a4:39:4a:b9:1b:ca:74:d2:88:81:26:a3:a5:d1:
         33:11:7c:ec:8a:79:bf:4b:b3:03:f0:cb:59:47:ce:69:87:65:
         aa:0a:fe:8e:1f:ab:82:0c:46:d8:49:9c:12:35:8f:06:bd:bb:
         74:53:93:25:c3:26:35:db:77:d8:00:7a:d0:af:b5:83:34:17:
         08:5a:bc:9a:74:fc:fd:10:09:d2:09:b5:c2:9f:21:ef:75:eb:
         42:03:29:73:e7:95:c7:d1:24:05:bb:87:d5:ef:36:03:46:6e:
         ad:48:d3:3e:b6:a8:4b:6f:85:22:ca:6c:99:38:36:ae:b3:93:
         ca:ee:4a:ef:2b:26:4d:7f:0a:9b:7f:e1:10:fd:6e:01:81:5c:
         c5:ab:76:7b:ca:61:42:2d:75:85:c1:d1:2d:a2:c8:51:45:fa:
         c1:8f:57:9c:27:b6:87:27:e2:b3:96:d7:e7:a0:30:45:4c:2f:
         ed:96:c7:06:74:40:3b:fc:27:41:c6:8d:f5:c0:b0:7f:56:d7:
         bc:fa:75:7a:e9:43:6e:75:26:de:95:21:91:be:18:27:5a:99:
         ef:c4:f8:ca:84:71:70:ce:6a:65:81:bb:5e:7d:bf:ee:a1:3c:
         a0:04:fc:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEYwr4q2Ummlbm33220sa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzdkMjRiMWQ3MWMwMjE0NzY5ZjExOWRmNzI5OGZmMGNm
ODk3YjAwHhcNMjUwMjAyMDIwMDEyWhcNMjUwMjAzMDIwMDEyWjAzMTEwLwYDVQQD
Eyg4NWEzYTE0ZDJkNGNkMTU4NDVhN2UxOTY5MTg4ZWVkMDQyZWJjMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdSc3T0TavXNnOM64KZ246irtAi6
zKq7A75q1bDj3KhN/oL+KbA4ccTWaZxDswjhy0sN0cnkfUoB2AnrI4EJw04afKRl
TbVxVVzLgSgYh/n56NwKzkDiLlFr81HyPo+7QJkuWMaZIqwS0dO6iIAZhE+mfOfe
UPMUOjX4abauSvNeG6RgIcV/BV2fyTNaT+3imFOXm40A3PV9c1s+gs609eNG7vfr
KGYWAlw7GORcyY6LZ0rIPWeimE8QfvgiK5hvnNpwRtqjT2B7u2ywoo4Gjj5kxUFP
ID0el5Lg3yMl1NzjKMNvDzDB+pxxR7+ZrUAD691MsK1f8bFN8gyFes9JjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWjoU0tTNFYRafhlpGI7tBC68N2MB8GA1UdIwQY
MBaAFMh30ksdccAhR2nxGd9ymP8M+JewMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OTIzNGItMjBjNS00ZjViLWI4MDYt
OWVjMjhhZTY1NzQ1LzEveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OTIzNGItMjBjNS00ZjViLWI4MDYtOWVjMjhhZTY1NzQ1
LzEveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKhnpbOp
x9m6NyF6klIMfvdcW3hMf6Q5SrkbynTSiIEmo6XRMxF87Ip5v0uzA/DLWUfOaYdl
qgr+jh+rggxG2EmcEjWPBr27dFOTJcMmNdt32AB60K+1gzQXCFq8mnT8/RAJ0gm1
wp8h73XrQgMpc+eVx9EkBbuH1e82A0ZurUjTPraoS2+FIspsmTg2rrOTyu5K7ysm
TX8Km3/hEP1uAYFcxat2e8phQi11hcHRLaLIUUX6wY9XnCe2hyfis5bX56AwRUwv
7ZbHBnRAO/wnQcaN9cCwf1bXvPp1eulDbnUm3pUhkb4YJ1qZ78T4yoRxcM5qZYG7
Xn2/7qE8oAT84w==
-----END CERTIFICATE-----