Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/6c992b-bcdd-4203-b524-81a2fc0a0687/1/l8OiXUi_gek3G3sOuGjV2i2rkZU.mft
File:                     l8OiXUi_gek3G3sOuGjV2i2rkZU.mft (raw, json)
Hash identifier:          NafrNiSAWTlIV0TsBJC7Z8ewWAf3sBJEXvgupMtO/N0=
Subject key identifier:   18:3F:8D:56:05:18:D7:3F:05:36:76:4D:AA:2F:51:D0:AA:D4:50:32
Authority key identifier: 97:C3:A2:5D:48:BF:81:E9:37:1B:7B:0E:B8:68:D5:DA:2D:AB:91:95
Certificate issuer:       /CN=97c3a25d48bf81e9371b7b0eb868d5da2dab9195
Certificate serial:       019512105059EFA04E600E7BE9907AF7EC2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l8OiXUi_gek3G3sOuGjV2i2rkZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/6c992b-bcdd-4203-b524-81a2fc0a0687/1/l8OiXUi_gek3G3sOuGjV2i2rkZU.mft
Manifest number:          045D
Signing time:             Mon 17 Feb 2025 04:00:13 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:13 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:13 +0000
Files and hashes:         1: l8OiXUi_gek3G3sOuGjV2i2rkZU.crl (hash: haa2UFzEcXvvhsKewuZ31f4/dq4nfzo2zP7cF4qH7ao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/6c992b-bcdd-4203-b524-81a2fc0a0687/1/l8OiXUi_gek3G3sOuGjV2i2rkZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/6c992b-bcdd-4203-b524-81a2fc0a0687/1/l8OiXUi_gek3G3sOuGjV2i2rkZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l8OiXUi_gek3G3sOuGjV2i2rkZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:50:59:ef:a0:4e:60:0e:7b:e9:90:7a:f7:ec:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97c3a25d48bf81e9371b7b0eb868d5da2dab9195
        Validity
            Not Before: Feb 17 04:00:13 2025 GMT
            Not After : Feb 18 04:00:13 2025 GMT
        Subject: CN=183f8d560518d73f0536764daa2f51d0aad45032
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:08:03:b2:0a:58:34:8f:bc:90:4d:7e:10:60:
                    f7:41:0b:63:8f:71:ec:96:c6:80:98:ad:c3:05:d4:
                    26:4a:63:75:02:22:ca:64:9d:4a:1a:7b:54:0a:4d:
                    b2:9a:fd:c7:7d:c9:4e:78:34:46:78:64:58:d8:15:
                    8d:42:14:e0:36:08:58:01:30:b3:9a:8d:cf:91:ac:
                    84:c4:16:9e:f7:a5:3a:22:ec:f8:22:8f:f2:18:93:
                    e9:b0:cd:43:37:f6:4f:61:59:13:f7:30:bd:6f:e4:
                    ea:67:df:d4:86:84:77:e8:9f:bd:89:cc:af:60:68:
                    ad:1c:b6:3b:42:c4:ec:bb:65:07:32:20:bb:ae:05:
                    fa:a8:b2:16:26:ae:63:f3:da:b9:66:6e:e1:96:23:
                    16:57:1d:b2:e5:f8:5d:74:a5:84:2e:6c:3b:02:22:
                    78:01:99:0d:02:7e:56:7d:30:1f:07:d2:0e:8f:62:
                    f4:ef:f8:4e:ce:4a:5d:7d:f7:89:95:b6:d4:49:06:
                    74:c5:c0:12:1c:6f:1c:fe:e3:9b:18:8d:20:a9:c3:
                    af:d7:40:18:81:44:e5:20:21:fb:af:1b:7d:d7:c9:
                    16:ad:89:64:68:29:ce:1c:29:66:8e:a5:e6:57:5f:
                    81:c2:19:84:fc:5f:5f:51:1d:f8:e5:74:84:c6:0d:
                    0d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:3F:8D:56:05:18:D7:3F:05:36:76:4D:AA:2F:51:D0:AA:D4:50:32
            X509v3 Authority Key Identifier:
                keyid:97:C3:A2:5D:48:BF:81:E9:37:1B:7B:0E:B8:68:D5:DA:2D:AB:91:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8OiXUi_gek3G3sOuGjV2i2rkZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/6c992b-bcdd-4203-b524-81a2fc0a0687/1/l8OiXUi_gek3G3sOuGjV2i2rkZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/6c992b-bcdd-4203-b524-81a2fc0a0687/1/l8OiXUi_gek3G3sOuGjV2i2rkZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:43:9e:00:a8:b4:38:b4:21:df:e9:ec:d3:2c:1b:68:b4:e7:
         cc:44:c6:47:38:60:21:ef:15:0f:d6:6b:ef:66:da:ff:ed:f5:
         f4:3c:5c:c8:2d:1c:a0:51:9b:79:6b:68:cd:f5:33:12:9c:10:
         1c:23:41:85:90:a3:cc:30:00:ed:0a:91:3b:25:d4:84:c6:e0:
         30:2d:c1:51:e0:02:fc:83:03:80:4b:45:51:67:fa:0c:87:b0:
         fa:99:b2:58:c1:0d:d5:72:a9:68:2e:19:ca:6f:ec:4d:27:4c:
         71:8e:0d:15:ad:eb:30:da:7d:b9:55:5a:11:c6:ef:93:6d:cd:
         bf:e0:7e:b3:07:5c:94:07:f9:f0:8b:37:32:55:02:58:b9:62:
         c5:b6:17:c8:91:a7:53:5d:a5:43:1a:ea:84:56:81:46:1d:4e:
         e1:72:0a:d8:c0:d0:fe:a0:57:ba:f4:f8:c9:c7:af:ca:e7:46:
         06:3f:ad:2e:6c:fd:4b:bc:86:b8:73:1b:d1:c5:13:0e:00:2c:
         cf:44:2d:96:9b:6e:59:b8:7e:32:cd:d8:34:0a:db:52:70:7f:
         b4:59:68:4b:5b:0f:4d:4f:43:04:4b:fd:38:c9:52:ee:b5:64:
         a5:b6:01:12:f2:e9:2f:68:49:a4:2a:66:68:f8:58:ad:10:47:
         b5:0e:c9:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEFBZ76BOYA576ZB69+wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YzNhMjVkNDhiZjgxZTkzNzFiN2IwZWI4NjhkNWRhMmRh
YjkxOTUwHhcNMjUwMjE3MDQwMDEzWhcNMjUwMjE4MDQwMDEzWjAzMTEwLwYDVQQD
EygxODNmOGQ1NjA1MThkNzNmMDUzNjc2NGRhYTJmNTFkMGFhZDQ1MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQgDsgpYNI+8kE1+EGD3QQtjj3Hs
lsaAmK3DBdQmSmN1AiLKZJ1KGntUCk2ymv3HfclOeDRGeGRY2BWNQhTgNghYATCz
mo3PkayExBae96U6Iuz4Io/yGJPpsM1DN/ZPYVkT9zC9b+TqZ9/UhoR36J+9icyv
YGitHLY7QsTsu2UHMiC7rgX6qLIWJq5j89q5Zm7hliMWVx2y5fhddKWELmw7AiJ4
AZkNAn5WfTAfB9IOj2L07/hOzkpdffeJlbbUSQZ0xcASHG8c/uObGI0gqcOv10AY
gUTlICH7rxt918kWrYlkaCnOHClmjqXmV1+BwhmE/F9fUR345XSExg0NjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBg/jVYFGNc/BTZ2TaovUdCq1FAyMB8GA1UdIwQY
MBaAFJfDol1Iv4HpNxt7Drho1dotq5GVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDhPaVhVaV9nZWszRzNzT3VHalYyaTJya1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82Yzk5MmItYmNkZC00MjAzLWI1MjQt
ODFhMmZjMGEwNjg3LzEvbDhPaVhVaV9nZWszRzNzT3VHalYyaTJya1pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82Yzk5MmItYmNkZC00MjAzLWI1MjQtODFhMmZjMGEwNjg3
LzEvbDhPaVhVaV9nZWszRzNzT3VHalYyaTJya1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIkOeAKi0
OLQh3+ns0ywbaLTnzETGRzhgIe8VD9Zr72ba/+319DxcyC0coFGbeWtozfUzEpwQ
HCNBhZCjzDAA7QqROyXUhMbgMC3BUeAC/IMDgEtFUWf6DIew+pmyWMEN1XKpaC4Z
ym/sTSdMcY4NFa3rMNp9uVVaEcbvk23Nv+B+swdclAf58Is3MlUCWLlixbYXyJGn
U12lQxrqhFaBRh1O4XIK2MDQ/qBXuvT4ycevyudGBj+tLmz9S7yGuHMb0cUTDgAs
z0QtlptuWbh+Ms3YNArbUnB/tFloS1sPTU9DBEv9OMlS7rVkpbYBEvLpL2hJpCpm
aPhYrRBHtQ7JJA==
-----END CERTIFICATE-----