Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
File:                     TzLUClO7YLhnWebsClIHMAtBr3A.mft (raw, json)
Hash identifier:          ceXIa12aD1Af0jTjoX5ABjZTPJDFle9SwqGHZH081Hw=
Subject key identifier:   3B:A0:9E:27:8A:EF:86:B7:5E:15:B2:5E:D3:4B:E1:F0:19:62:19:7A
Authority key identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70
Certificate issuer:       /CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
Certificate serial:       0196A08885D05BE09C917F6589F8C1C20D92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
Manifest number:          1523
Signing time:             Mon 05 May 2025 13:00:23 +0000
Manifest this update:     Mon 05 May 2025 13:00:23 +0000
Manifest next update:     Tue 06 May 2025 13:00:23 +0000
Files and hashes:         1: TzLUClO7YLhnWebsClIHMAtBr3A.crl (hash: FTABuXZ5Id9Lp/5qaMWYTTf8YFTPX+mlApu49a9WJXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 13:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:88:85:d0:5b:e0:9c:91:7f:65:89:f8:c1:c2:0d:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
        Validity
            Not Before: May  5 13:00:23 2025 GMT
            Not After : May  6 13:00:23 2025 GMT
        Subject: CN=3ba09e278aef86b75e15b25ed34be1f01962197a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a2:3d:50:77:9e:4f:6d:49:d4:c4:9f:11:d1:
                    72:01:0f:39:f5:44:52:4a:66:69:be:66:5e:7c:52:
                    b8:65:fc:46:95:3d:78:93:8f:00:c2:e5:35:e5:cd:
                    80:8c:30:30:f3:a9:ef:22:47:3b:92:dc:10:70:75:
                    23:46:f8:f8:16:1d:d9:07:f8:c8:7f:9b:2f:6e:65:
                    02:b7:55:9b:b4:d7:96:34:6f:e5:99:a1:48:32:b7:
                    70:0f:e9:82:68:ac:14:05:2d:e6:02:52:fc:89:36:
                    8b:b7:00:e4:d8:fe:a2:db:df:7c:15:26:6f:83:67:
                    e5:8b:e0:ed:7e:9f:85:17:47:5c:e1:f9:24:86:1e:
                    28:3c:c0:8b:9a:58:d4:a4:1a:3f:c2:d0:cd:64:a1:
                    10:06:39:13:cc:75:2a:7d:29:09:24:07:83:80:c5:
                    73:a4:b7:8b:c3:1c:08:bc:d5:0b:37:11:46:d2:01:
                    95:37:9f:4b:f9:99:bb:7f:02:96:9f:20:5c:65:dd:
                    a0:bf:38:12:5e:b5:e7:83:91:a5:dd:c7:ac:29:30:
                    ae:59:47:9e:fd:43:f6:88:64:d9:08:65:18:08:22:
                    b0:b8:f2:f5:89:ee:c9:71:70:58:59:97:95:4d:bf:
                    7e:12:43:db:2f:49:b8:3c:89:75:24:f7:25:fa:82:
                    8d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:A0:9E:27:8A:EF:86:B7:5E:15:B2:5E:D3:4B:E1:F0:19:62:19:7A
            X509v3 Authority Key Identifier:
                keyid:4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:20:9a:f2:bb:75:0b:5f:03:ab:5f:8a:0d:5c:df:49:6d:7b:
         cc:9d:41:31:19:d5:98:f4:92:3d:5f:ee:c0:7e:e5:50:d3:54:
         14:24:a4:fe:1f:9a:af:56:b2:da:2d:3b:3c:52:80:77:68:e5:
         68:2f:98:da:d2:7a:77:7f:8b:f6:d5:47:42:c2:6a:8f:50:c7:
         ad:8f:3a:7d:0b:22:f8:7a:b8:7c:13:16:10:1d:e6:a7:30:dd:
         75:26:48:0d:38:2b:e4:b4:65:a7:c3:24:0b:44:fd:d9:e3:79:
         14:f3:80:66:12:08:bb:45:f1:44:97:4c:10:fc:bc:44:dc:da:
         61:3e:60:d2:ed:fc:3e:85:e6:09:ef:d2:7c:ad:29:dd:23:d2:
         5b:9d:26:21:5b:5d:d6:92:54:35:ce:b7:58:a5:7b:0b:37:10:
         3a:90:64:7b:9b:47:e9:2e:4b:08:f7:d3:60:42:34:c3:12:20:
         1d:6a:7d:10:36:f5:24:45:ca:c2:2a:d8:29:a5:63:44:bf:43:
         8a:95:30:0e:13:e8:4e:1d:42:85:59:e8:e9:f1:8a:2f:d6:62:
         5d:e2:24:24:87:c5:4b:82:e7:0b:29:47:91:da:3d:14:dd:2f:
         f8:89:5e:56:3a:49:3f:5d:1e:27:e4:e1:67:28:57:4f:b7:9e:
         d5:20:ad:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiIXQW+CckX9lifjBwg2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzJkNDBhNTNiYjYwYjg2NzU5ZTZlYzBhNTIwNzMwMGI0
MWFmNzAwHhcNMjUwNTA1MTMwMDIzWhcNMjUwNTA2MTMwMDIzWjAzMTEwLwYDVQQD
EygzYmEwOWUyNzhhZWY4NmI3NWUxNWIyNWVkMzRiZTFmMDE5NjIxOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6I9UHeeT21J1MSfEdFyAQ859URS
SmZpvmZefFK4ZfxGlT14k48AwuU15c2AjDAw86nvIkc7ktwQcHUjRvj4Fh3ZB/jI
f5svbmUCt1WbtNeWNG/lmaFIMrdwD+mCaKwUBS3mAlL8iTaLtwDk2P6i2998FSZv
g2fli+Dtfp+FF0dc4fkkhh4oPMCLmljUpBo/wtDNZKEQBjkTzHUqfSkJJAeDgMVz
pLeLwxwIvNULNxFG0gGVN59L+Zm7fwKWnyBcZd2gvzgSXrXng5Gl3cesKTCuWUee
/UP2iGTZCGUYCCKwuPL1ie7JcXBYWZeVTb9+EkPbL0m4PIl1JPcl+oKNPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDugnieK74a3XhWyXtNL4fAZYhl6MB8GA1UdIwQY
MBaAFE8y1ApTu2C4Z1nm7ApSBzALQa9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYt
YzZiZjJmZmI3MjUzLzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYtYzZiZjJmZmI3MjUz
LzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACSCa8rt1
C18Dq1+KDVzfSW17zJ1BMRnVmPSSPV/uwH7lUNNUFCSk/h+ar1ay2i07PFKAd2jl
aC+Y2tJ6d3+L9tVHQsJqj1DHrY86fQsi+Hq4fBMWEB3mpzDddSZIDTgr5LRlp8Mk
C0T92eN5FPOAZhIIu0XxRJdMEPy8RNzaYT5g0u38PoXmCe/SfK0p3SPSW50mIVtd
1pJUNc63WKV7CzcQOpBke5tH6S5LCPfTYEI0wxIgHWp9EDb1JEXKwirYKaVjRL9D
ipUwDhPoTh1ChVno6fGKL9ZiXeIkJIfFS4LnCylHkdo9FN0v+IleVjpJP10eJ+Th
ZyhXT7ee1SCtgA==
-----END CERTIFICATE-----