Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          zsmMLBfTP5Spa/Rko/peH21uGhp61FNAlJwAPid1xK4=
Subject key identifier:   23:49:5F:1E:59:3E:F4:6D:FF:46:E2:4F:BE:21:10:26:9A:6B:91:49
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       0194BA845FDC383D845D386A43E3A326767F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          0909
Signing time:             Fri 31 Jan 2025 04:00:24 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:24 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:24 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: Ps/pXDX4znVKtxUJZfdBxOGGX0D8yGhM/zEf4pxTHW8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:5f:dc:38:3d:84:5d:38:6a:43:e3:a3:26:76:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Jan 31 04:00:24 2025 GMT
            Not After : Feb  1 04:00:24 2025 GMT
        Subject: CN=23495f1e593ef46dff46e24fbe2110269a6b9149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d6:00:de:e3:fc:6c:c3:8a:d3:6f:8b:f0:07:
                    a2:b5:fd:9c:da:f1:80:40:7f:24:8e:ab:19:1c:df:
                    04:bb:ad:c4:73:85:b5:ec:9f:1c:c9:46:ea:44:5a:
                    0c:59:12:a0:47:fe:a0:7b:b1:51:72:02:46:07:ac:
                    37:2d:60:d2:b6:1d:ad:a1:34:04:e1:09:ca:ab:4a:
                    0a:9a:a1:9e:1a:a3:e6:2e:54:38:75:78:f1:75:84:
                    bd:e3:40:13:56:7c:0f:93:d8:d4:c0:7b:c8:8f:b2:
                    34:86:4f:67:f0:de:08:bd:18:c2:e4:15:3e:0a:c4:
                    97:10:e3:31:f1:34:24:39:59:ed:19:48:38:d5:3b:
                    3a:8f:ad:ca:6a:d1:10:e5:c8:b5:57:8e:68:4c:21:
                    84:b9:b0:fd:12:63:05:39:2d:5f:d4:5f:99:1b:d2:
                    80:e2:0d:a2:58:52:9d:97:ca:09:6a:50:67:3f:70:
                    d9:d8:2f:7d:46:0b:65:58:99:51:65:e4:2b:3c:28:
                    7b:bb:87:ec:d8:4c:12:77:ed:7e:b1:f4:85:8d:b2:
                    16:8f:44:4c:60:3d:c6:f4:22:ba:22:88:04:ea:d2:
                    ba:ac:3c:8f:70:20:5a:1c:2e:86:e0:4d:1c:1e:d2:
                    aa:a0:bb:92:f5:6a:ec:8a:ba:bf:e8:d6:94:b7:20:
                    18:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:49:5F:1E:59:3E:F4:6D:FF:46:E2:4F:BE:21:10:26:9A:6B:91:49
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:b7:ff:cf:93:7d:4c:6a:2e:0c:b6:62:76:3f:ed:81:2a:0d:
         cf:e2:9a:7f:84:48:2d:4d:44:3f:fb:b8:b3:bf:f3:a3:50:1d:
         53:1e:e6:89:6b:2c:83:65:62:15:46:ac:b9:db:38:0e:69:6d:
         c5:70:4a:3f:44:55:7a:46:76:6d:04:14:95:26:5d:95:e0:fc:
         de:4a:ea:40:0a:b1:3a:84:95:76:1f:2b:4e:ef:53:6b:87:3c:
         11:52:25:06:3a:96:7d:3d:c5:dc:89:2e:6a:fa:be:2a:9f:8b:
         9d:56:af:7f:f3:01:7d:c8:06:05:14:84:9e:cf:74:4f:ef:8e:
         0d:ae:25:8a:18:ec:a9:8c:6d:32:56:c7:b7:37:a3:ec:95:97:
         22:89:13:4d:f0:cb:b4:8b:5d:bd:a8:ad:e9:12:c0:65:d7:a0:
         5d:cb:3f:65:1a:a6:7c:8e:8f:a0:5d:88:a1:12:3e:bd:27:52:
         d5:ab:7a:39:f3:1d:a5:51:84:d5:07:89:c2:53:a0:5d:15:1b:
         d7:25:58:56:68:e1:a7:3d:48:d7:9c:5c:ac:82:c9:8f:9f:e6:
         b6:31:6f:6b:b2:e9:db:b4:65:cb:00:48:68:c6:79:ab:42:97:
         64:f0:d7:22:79:cc:5a:ae:81:a5:46:eb:a0:d2:9f:27:fb:bd:
         7d:ea:a6:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hF/cOD2EXThqQ+OjJnZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjUwMTMxMDQwMDI0WhcNMjUwMjAxMDQwMDI0WjAzMTEwLwYDVQQD
EygyMzQ5NWYxZTU5M2VmNDZkZmY0NmUyNGZiZTIxMTAyNjlhNmI5MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtYA3uP8bMOK02+L8Aeitf2c2vGA
QH8kjqsZHN8Eu63Ec4W17J8cyUbqRFoMWRKgR/6ge7FRcgJGB6w3LWDSth2toTQE
4QnKq0oKmqGeGqPmLlQ4dXjxdYS940ATVnwPk9jUwHvIj7I0hk9n8N4IvRjC5BU+
CsSXEOMx8TQkOVntGUg41Ts6j63KatEQ5ci1V45oTCGEubD9EmMFOS1f1F+ZG9KA
4g2iWFKdl8oJalBnP3DZ2C99RgtlWJlRZeQrPCh7u4fs2EwSd+1+sfSFjbIWj0RM
YD3G9CK6IogE6tK6rDyPcCBaHC6G4E0cHtKqoLuS9Wrsirq/6NaUtyAYGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNJXx5ZPvRt/0biT74hECaaa5FJMB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR7f/z5N9
TGouDLZidj/tgSoNz+Kaf4RILU1EP/u4s7/zo1AdUx7miWssg2ViFUasuds4Dmlt
xXBKP0RVekZ2bQQUlSZdleD83krqQAqxOoSVdh8rTu9Ta4c8EVIlBjqWfT3F3Iku
avq+Kp+LnVavf/MBfcgGBRSEns90T++ODa4lihjsqYxtMlbHtzej7JWXIokTTfDL
tItdvait6RLAZdegXcs/ZRqmfI6PoF2IoRI+vSdS1at6OfMdpVGE1QeJwlOgXRUb
1yVYVmjhpz1I15xcrILJj5/mtjFva7Lp27RlywBIaMZ5q0KXZPDXInnMWq6BpUbr
oNKfJ/u9feqm4Q==
-----END CERTIFICATE-----