Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          +tVB9v7aK+LqEJlYTzoqmmVHsjgNlsMERsU+j7CaWq8=
Subject key identifier:   98:8A:6F:24:01:E7:70:AF:11:53:8F:5F:43:BE:B2:14:82:A4:C1:56
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       01901D0EEA9896CA762025FF2637D8C73318
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          0141
Signing time:             Sat 15 Jun 2024 18:00:35 +0000
Manifest this update:     Sat 15 Jun 2024 18:00:35 +0000
Manifest next update:     Sun 16 Jun 2024 18:00:35 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: MrfvZU+58D4/UKVTRHFmD5i+pWXD6gwhlaJZEmKkxsw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:0e:ea:98:96:ca:76:20:25:ff:26:37:d8:c7:33:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Jun 15 18:00:35 2024 GMT
            Not After : Jun 16 18:00:35 2024 GMT
        Subject: CN=988a6f2401e770af11538f5f43beb21482a4c156
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:15:9c:f2:ac:65:fd:12:81:76:bd:cc:8a:a4:
                    e2:81:1d:fb:97:d5:85:6b:2d:fd:c7:bc:40:91:1b:
                    ec:16:c2:96:01:cc:81:0c:48:6b:a3:fb:3b:8a:64:
                    b9:1f:1a:36:4b:e1:4a:a5:02:91:92:98:11:82:e8:
                    05:bf:10:ce:5c:8f:de:d2:69:03:f0:5a:c6:49:b5:
                    f0:8c:86:56:ef:4b:03:86:ad:02:88:84:31:b9:92:
                    5d:8f:62:0c:63:16:db:89:d1:58:fc:9f:78:c2:28:
                    65:d5:eb:f8:63:fb:4a:b8:33:fb:41:b0:4e:8b:1c:
                    d7:3e:b2:21:20:27:9d:63:71:e1:ac:75:1a:1f:3a:
                    39:fa:85:74:41:58:a3:15:3f:65:81:54:22:bc:d7:
                    c0:56:c8:f5:17:d8:c6:94:8d:7f:b9:68:89:66:ba:
                    cc:1e:98:df:20:ab:4e:0a:2e:49:26:df:04:09:cf:
                    7c:32:38:90:2e:e7:c9:c6:4d:50:72:c3:14:7c:31:
                    66:1e:67:cd:c4:54:7b:87:6d:26:9d:5b:b5:c4:58:
                    ed:05:40:0e:e3:7d:7f:66:6d:6d:ba:23:6f:68:35:
                    18:1d:96:88:fd:8d:bc:f9:b5:37:d7:b3:9a:f1:8f:
                    cc:bc:18:d9:d3:80:18:36:28:84:2f:4e:08:4c:31:
                    f9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:8A:6F:24:01:E7:70:AF:11:53:8F:5F:43:BE:B2:14:82:A4:C1:56
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:64:19:d9:a7:6e:cf:ec:54:cc:bc:b1:c8:b0:27:07:8f:0d:
         83:d8:72:cb:99:3c:e8:96:78:d1:cc:36:d7:d9:d1:a7:f0:9a:
         7c:61:20:80:2a:33:90:af:ed:7f:d9:7e:13:ab:f8:8e:46:98:
         9b:3f:a2:aa:8e:08:78:ef:a0:42:c3:03:f0:ab:33:41:09:3a:
         e7:01:78:c9:76:b0:8f:33:df:5c:ec:db:33:21:be:70:ef:17:
         77:c2:a8:ee:32:c3:64:89:20:9e:8c:c3:27:52:2c:46:45:e0:
         be:6c:b0:c3:72:1b:59:47:fb:c3:18:bf:e7:fb:a9:10:05:da:
         46:60:d6:e8:f0:13:4a:79:37:f5:aa:e4:00:7b:8a:55:b0:a9:
         c9:ee:b2:15:a1:1c:f6:59:48:fa:d8:9b:cb:11:b5:e7:9f:47:
         92:b9:22:fd:7b:52:4f:db:2c:42:96:42:45:92:0b:7d:b5:a3:
         3e:f4:93:b0:f3:5c:af:bf:ed:42:7d:d1:ae:6f:61:c0:73:5e:
         d4:6d:71:6b:41:e2:c7:6d:7f:78:83:5d:69:ae:12:59:96:23:
         9e:bc:6f:3b:e4:38:8c:4f:d1:fe:26:ee:2d:16:9c:b8:3f:59:
         14:b6:1c:b4:58:d4:fc:e1:1e:25:4e:d6:07:6c:d3:0e:8f:a6:
         dc:42:e4:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdDuqYlsp2ICX/JjfYxzMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjQwNjE1MTgwMDM1WhcNMjQwNjE2MTgwMDM1WjAzMTEwLwYDVQQD
Eyg5ODhhNmYyNDAxZTc3MGFmMTE1MzhmNWY0M2JlYjIxNDgyYTRjMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxWc8qxl/RKBdr3MiqTigR37l9WF
ay39x7xAkRvsFsKWAcyBDEhro/s7imS5Hxo2S+FKpQKRkpgRgugFvxDOXI/e0mkD
8FrGSbXwjIZW70sDhq0CiIQxuZJdj2IMYxbbidFY/J94wihl1ev4Y/tKuDP7QbBO
ixzXPrIhICedY3HhrHUaHzo5+oV0QVijFT9lgVQivNfAVsj1F9jGlI1/uWiJZrrM
HpjfIKtOCi5JJt8ECc98MjiQLufJxk1QcsMUfDFmHmfNxFR7h20mnVu1xFjtBUAO
431/Zm1tuiNvaDUYHZaI/Y28+bU317Oa8Y/MvBjZ04AYNiiEL04ITDH56wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiKbyQB53CvEVOPX0O+shSCpMFWMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKmQZ2adu
z+xUzLyxyLAnB48Ng9hyy5k86JZ40cw219nRp/CafGEggCozkK/tf9l+E6v4jkaY
mz+iqo4IeO+gQsMD8KszQQk65wF4yXawjzPfXOzbMyG+cO8Xd8Ko7jLDZIkgnozD
J1IsRkXgvmyww3IbWUf7wxi/5/upEAXaRmDW6PATSnk39arkAHuKVbCpye6yFaEc
9llI+tibyxG1559Hkrki/XtST9ssQpZCRZILfbWjPvSTsPNcr7/tQn3Rrm9hwHNe
1G1xa0Hix21/eINdaa4SWZYjnrxvO+Q4jE/R/ibuLRacuD9ZFLYctFjU/OEeJU7W
B2zTDo+m3ELkZA==
-----END CERTIFICATE-----