Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          ylXMJ4mBhghkw8r4mOVQ9B0BusDhvX/pwr3+PJepNv8=
Subject key identifier:   FB:E9:B6:E5:22:B6:1D:DD:34:27:65:0E:8E:E0:32:39:2D:FD:06:CE
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       0194C3F637839D2DDFAA9A0096857B3AA8C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          3D
Signing time:             Sun 02 Feb 2025 00:01:20 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:20 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:20 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: 6bmvmbMsY4fE1QJLgJjwjJwM4lOPgA38QnAyeF4qVuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:37:83:9d:2d:df:aa:9a:00:96:85:7b:3a:a8:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Feb  2 00:01:20 2025 GMT
            Not After : Feb  3 00:01:20 2025 GMT
        Subject: CN=fbe9b6e522b61ddd3427650e8ee032392dfd06ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:98:95:3c:70:84:89:90:4b:9b:df:ea:21:fe:
                    ef:52:11:0f:db:3f:f0:e4:31:be:25:7d:01:a8:65:
                    d7:7a:b7:7a:e9:d0:f3:a8:ab:f0:da:0e:ee:d8:f6:
                    3a:89:fa:9d:21:1e:b2:85:07:7b:8a:b3:45:11:a5:
                    a7:55:06:5d:3e:61:b7:fa:60:e7:a5:98:be:90:b8:
                    82:ef:44:98:6e:de:35:2d:00:bd:ca:05:ee:65:4f:
                    46:c3:72:2a:c0:90:69:56:0b:98:f4:88:b8:b5:90:
                    d1:6d:2e:30:d3:81:62:22:b4:05:a3:6a:23:b5:51:
                    de:ba:eb:a7:d7:7c:8a:85:e5:54:fd:67:51:81:47:
                    57:92:de:09:02:58:07:24:07:a7:da:44:a7:61:cf:
                    1b:ad:9b:6e:63:d6:de:0a:c9:d7:3d:75:c8:a7:5d:
                    e4:16:c3:a8:9a:cc:d5:60:76:37:1f:2f:88:43:67:
                    51:04:dc:14:30:26:59:ec:ef:4d:e4:3c:ec:d3:ed:
                    7f:36:1f:e1:6a:de:f0:ba:09:79:de:11:48:ba:fe:
                    66:6a:da:95:b1:6d:80:10:5c:a4:0a:e9:0b:58:f6:
                    bd:3e:ad:15:bb:36:f7:fa:67:32:91:76:a3:27:cf:
                    b0:56:bd:b2:7a:b2:56:95:f5:1c:86:22:13:a9:2f:
                    24:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:E9:B6:E5:22:B6:1D:DD:34:27:65:0E:8E:E0:32:39:2D:FD:06:CE
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:fe:ef:32:79:c9:6c:1e:95:ad:3a:52:b9:8e:f4:f6:00:40:
         ce:1d:2d:4b:83:b3:c0:61:ff:13:de:9b:ab:11:81:06:36:13:
         e9:f2:f4:b2:48:b1:85:ba:27:30:96:63:f1:72:a4:d8:d8:c9:
         47:bf:99:a1:62:f6:e3:c9:6a:c5:4d:80:77:ab:c0:3d:fd:36:
         11:59:40:3c:6e:f7:f7:cd:7e:8a:a5:04:0c:7e:93:e2:e7:c7:
         cc:8c:6f:18:0f:ea:8f:55:f1:bc:72:1e:6c:64:fd:44:12:45:
         8d:a1:83:3d:80:09:a3:bc:6f:4d:a5:20:f9:ae:6c:8f:e8:00:
         65:09:ef:32:1d:10:2e:54:e2:79:ef:c4:0c:60:93:a9:61:ea:
         0a:b3:e0:70:6f:50:7f:35:db:3c:1c:d8:ae:2c:b2:2f:b7:41:
         b1:34:d8:24:ae:f6:8d:53:ea:da:92:d9:79:76:e4:b6:3a:64:
         e1:d3:62:e2:8d:07:5c:27:9e:78:56:8d:0d:18:8c:65:91:cb:
         9f:77:29:b3:43:04:fa:ae:eb:08:28:80:99:74:bf:01:95:e3:
         52:5c:58:53:18:c3:1b:30:da:2c:ba:95:3f:c8:4f:1a:04:29:
         25:fb:d3:51:51:5f:cd:91:28:45:9d:8f:f7:89:a2:9c:d6:17:
         48:6c:c8:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9jeDnS3fqpoAloV7OqjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUwMjAyMDAwMTIwWhcNMjUwMjAzMDAwMTIwWjAzMTEwLwYDVQQD
EyhmYmU5YjZlNTIyYjYxZGRkMzQyNzY1MGU4ZWUwMzIzOTJkZmQwNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JiVPHCEiZBLm9/qIf7vUhEP2z/w
5DG+JX0BqGXXerd66dDzqKvw2g7u2PY6ifqdIR6yhQd7irNFEaWnVQZdPmG3+mDn
pZi+kLiC70SYbt41LQC9ygXuZU9Gw3IqwJBpVguY9Ii4tZDRbS4w04FiIrQFo2oj
tVHeuuun13yKheVU/WdRgUdXkt4JAlgHJAen2kSnYc8brZtuY9beCsnXPXXIp13k
FsOomszVYHY3Hy+IQ2dRBNwUMCZZ7O9N5Dzs0+1/Nh/hat7wugl53hFIuv5matqV
sW2AEFykCukLWPa9Pq0Vuzb3+mcykXajJ8+wVr2yerJWlfUchiITqS8k5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvptuUith3dNCdlDo7gMjkt/QbOMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABf7vMnnJ
bB6VrTpSuY709gBAzh0tS4OzwGH/E96bqxGBBjYT6fL0skixhbonMJZj8XKk2NjJ
R7+ZoWL248lqxU2Ad6vAPf02EVlAPG73981+iqUEDH6T4ufHzIxvGA/qj1XxvHIe
bGT9RBJFjaGDPYAJo7xvTaUg+a5sj+gAZQnvMh0QLlTiee/EDGCTqWHqCrPgcG9Q
fzXbPBzYriyyL7dBsTTYJK72jVPq2pLZeXbktjpk4dNi4o0HXCeeeFaNDRiMZZHL
n3cps0ME+q7rCCiAmXS/AZXjUlxYUxjDGzDaLLqVP8hPGgQpJfvTUVFfzZEoRZ2P
94minNYXSGzI4Q==
-----END CERTIFICATE-----