Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/dc02bf-02e4-4e85-a76f-72f3a32375bc/1/hZfW68haW48W_Ofl922HOGnUPoE.mft
File:                     hZfW68haW48W_Ofl922HOGnUPoE.mft (raw, json)
Hash identifier:          HSKzYk5YYFOcTq5OIVagiLFlBU85560A7nMDwNouvhI=
Subject key identifier:   A5:D7:5F:2E:0C:D0:68:02:9B:34:C8:67:FB:37:83:C1:29:D1:CD:91
Authority key identifier: 85:97:D6:EB:C8:5A:5B:8F:16:FC:E7:E5:F7:6D:87:38:69:D4:3E:81
Certificate issuer:       /CN=8597d6ebc85a5b8f16fce7e5f76d873869d43e81
Certificate serial:       01901DEB929877077E86FD08793B81C9CAA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hZfW68haW48W_Ofl922HOGnUPoE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/dc02bf-02e4-4e85-a76f-72f3a32375bc/1/hZfW68haW48W_Ofl922HOGnUPoE.mft
Manifest number:          05A5
Signing time:             Sat 15 Jun 2024 22:01:35 +0000
Manifest this update:     Sat 15 Jun 2024 22:01:35 +0000
Manifest next update:     Sun 16 Jun 2024 22:01:35 +0000
Files and hashes:         1: hZfW68haW48W_Ofl922HOGnUPoE.crl (hash: xIzwB7NFTN3g72l/wyoeKxj5DW0frRCgHXpEbr/FjgI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/dc02bf-02e4-4e85-a76f-72f3a32375bc/1/hZfW68haW48W_Ofl922HOGnUPoE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/dc02bf-02e4-4e85-a76f-72f3a32375bc/1/hZfW68haW48W_Ofl922HOGnUPoE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hZfW68haW48W_Ofl922HOGnUPoE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:eb:92:98:77:07:7e:86:fd:08:79:3b:81:c9:ca:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8597d6ebc85a5b8f16fce7e5f76d873869d43e81
        Validity
            Not Before: Jun 15 22:01:35 2024 GMT
            Not After : Jun 16 22:01:35 2024 GMT
        Subject: CN=a5d75f2e0cd068029b34c867fb3783c129d1cd91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:04:94:57:48:c2:f3:6d:25:76:af:e3:44:32:
                    1a:75:4d:da:e6:95:79:97:59:a5:2f:b5:61:35:b6:
                    91:42:41:9e:89:20:73:38:5c:94:97:fe:4c:19:26:
                    87:27:55:13:bf:95:d5:5c:29:82:37:6d:fb:0a:d2:
                    1c:d6:3e:e3:d8:69:b2:39:32:13:da:59:7d:b9:b9:
                    f1:75:21:b3:b9:e5:dc:2e:79:2a:47:e5:c5:b7:c5:
                    b3:43:d3:38:49:2b:b9:8d:b8:de:12:17:f6:f7:a3:
                    3c:30:1b:ab:ef:a7:27:44:9e:36:52:a2:5a:42:04:
                    9c:0f:20:8c:22:3a:35:cb:62:55:55:0e:14:3d:67:
                    47:38:5d:95:37:84:4c:ae:6e:86:dd:a1:30:27:da:
                    51:da:8d:68:f5:e8:5f:76:38:85:d4:5a:b4:01:08:
                    9d:2a:80:c0:f4:51:30:8c:f4:cc:3a:3b:5d:fb:c9:
                    53:4c:b8:ed:96:f2:2d:c1:7f:f3:83:a0:4c:8d:6e:
                    87:49:d7:7d:d3:06:d3:99:2a:3c:27:c8:c5:70:64:
                    0f:af:82:6f:66:12:0b:62:08:20:0d:7c:72:1f:cb:
                    9c:38:2a:e8:e0:41:f8:14:77:44:ef:db:44:7a:c3:
                    09:36:83:09:f0:c7:58:33:b5:2f:c7:00:73:d6:b6:
                    50:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D7:5F:2E:0C:D0:68:02:9B:34:C8:67:FB:37:83:C1:29:D1:CD:91
            X509v3 Authority Key Identifier:
                keyid:85:97:D6:EB:C8:5A:5B:8F:16:FC:E7:E5:F7:6D:87:38:69:D4:3E:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZfW68haW48W_Ofl922HOGnUPoE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/dc02bf-02e4-4e85-a76f-72f3a32375bc/1/hZfW68haW48W_Ofl922HOGnUPoE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/dc02bf-02e4-4e85-a76f-72f3a32375bc/1/hZfW68haW48W_Ofl922HOGnUPoE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:2f:2a:1c:ca:59:f8:8c:a1:4e:f7:64:80:e6:da:37:07:fd:
         cf:f0:be:c6:9c:4a:f3:27:c8:5a:5d:c9:3a:79:a4:09:96:e9:
         81:56:fd:6d:90:fe:c8:38:30:ea:b1:cd:0f:38:6c:0b:84:b2:
         47:40:de:7f:9a:55:79:d8:0c:1a:42:0d:a3:07:a6:20:79:c5:
         ee:03:a4:d6:cd:f4:02:06:41:69:ed:31:31:ca:eb:27:39:11:
         15:d5:e7:70:63:46:3e:b0:7f:ad:dc:8e:60:ea:9b:34:3f:3e:
         11:4f:fe:bd:e9:9a:e8:74:44:57:16:c6:d8:96:c4:8d:01:68:
         f7:4b:fd:f2:1d:68:99:0b:92:65:77:81:07:85:e1:51:57:9d:
         e4:58:3e:25:b8:93:e8:67:40:5d:57:e5:d9:b4:7c:a0:18:8b:
         66:db:38:c8:52:26:37:c9:d6:73:07:4b:18:06:d3:c3:65:3f:
         59:d0:6d:ad:57:0c:d6:34:b5:dc:b1:81:98:89:7e:84:9b:00:
         53:e8:9f:41:68:87:f6:d7:1f:94:97:d0:25:78:1b:c5:82:b2:
         14:b8:f7:46:db:f9:14:1d:8e:31:fa:96:03:26:c9:9e:fc:db:
         9c:fe:5a:13:a2:20:70:ce:01:b8:0d:d2:14:0d:12:e6:48:56:
         7e:2b:60:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd65KYdwd+hv0IeTuBycqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTdkNmViYzg1YTViOGYxNmZjZTdlNWY3NmQ4NzM4Njlk
NDNlODEwHhcNMjQwNjE1MjIwMTM1WhcNMjQwNjE2MjIwMTM1WjAzMTEwLwYDVQQD
EyhhNWQ3NWYyZTBjZDA2ODAyOWIzNGM4NjdmYjM3ODNjMTI5ZDFjZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQSUV0jC820ldq/jRDIadU3a5pV5
l1mlL7VhNbaRQkGeiSBzOFyUl/5MGSaHJ1UTv5XVXCmCN237CtIc1j7j2GmyOTIT
2ll9ubnxdSGzueXcLnkqR+XFt8WzQ9M4SSu5jbjeEhf296M8MBur76cnRJ42UqJa
QgScDyCMIjo1y2JVVQ4UPWdHOF2VN4RMrm6G3aEwJ9pR2o1o9ehfdjiF1Fq0AQid
KoDA9FEwjPTMOjtd+8lTTLjtlvItwX/zg6BMjW6HSdd90wbTmSo8J8jFcGQPr4Jv
ZhILYgggDXxyH8ucOCro4EH4FHdE79tEesMJNoMJ8MdYM7UvxwBz1rZQewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXXXy4M0GgCmzTIZ/s3g8Ep0c2RMB8GA1UdIwQY
MBaAFIWX1uvIWluPFvzn5fdthzhp1D6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpmVzY4aGFXNDhXX09mbDkyMkhPR25VUG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYzAyYmYtMDJlNC00ZTg1LWE3NmYt
NzJmM2EzMjM3NWJjLzEvaFpmVzY4aGFXNDhXX09mbDkyMkhPR25VUG9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYzAyYmYtMDJlNC00ZTg1LWE3NmYtNzJmM2EzMjM3NWJj
LzEvaFpmVzY4aGFXNDhXX09mbDkyMkhPR25VUG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARC8qHMpZ
+IyhTvdkgObaNwf9z/C+xpxK8yfIWl3JOnmkCZbpgVb9bZD+yDgw6rHNDzhsC4Sy
R0Def5pVedgMGkINowemIHnF7gOk1s30AgZBae0xMcrrJzkRFdXncGNGPrB/rdyO
YOqbND8+EU/+vema6HREVxbG2JbEjQFo90v98h1omQuSZXeBB4XhUVed5Fg+JbiT
6GdAXVfl2bR8oBiLZts4yFImN8nWcwdLGAbTw2U/WdBtrVcM1jS13LGBmIl+hJsA
U+ifQWiH9tcflJfQJXgbxYKyFLj3Rtv5FB2OMfqWAybJnvzbnP5aE6IgcM4BuA3S
FA0S5khWfitgEQ==
-----END CERTIFICATE-----