Manifest

$ rpki-client -vvf rpki.co/repo/John/0/54D437D91283DD46E66C6D998B68CFE98587AEA1.mft
File:                     54D437D91283DD46E66C6D998B68CFE98587AEA1.mft (raw, json)
Hash identifier:          COPdQn/iUT2VXC2Yw2Leiv18kUGb4wQ5rAov56zibpI=
Subject key identifier:   77:DA:FA:6F:C2:DB:C0:E9:57:0D:74:20:E0:D4:23:EE:5C:11:DE:9D
Authority key identifier: 54:D4:37:D9:12:83:DD:46:E6:6C:6D:99:8B:68:CF:E9:85:87:AE:A1
Certificate issuer:       /CN=54d437d91283dd46e66c6d998b68cfe98587aea1
Certificate serial:       09241C77CF320DA8126D3201D92B0FC69DA9B762
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VNQ32RKD3UbmbG2Zi2jP6YWHrqE.cer
Subject info access:      rsync://rpki.co/repo/John/0/54D437D91283DD46E66C6D998B68CFE98587AEA1.mft
Manifest number:          032E
Signing time:             Fri 22 Nov 2024 19:11:22 +0000
Manifest this update:     Fri 22 Nov 2024 19:06:22 +0000
Manifest next update:     Sat 23 Nov 2024 22:20:22 +0000
Files and hashes:         1: AS200879.asa (hash: ON5j2SuEO8h1s8+zjNe1NX1C1K5eU37tI+bEHt2kZHc=)
                          2: 54D437D91283DD46E66C6D998B68CFE98587AEA1.crl (hash: IM5+IUuUWmTFC4X0tWno+loC7WSk60sJeEkkhOsV/yM=)

Validation:               OK
Signature path:           rsync://rpki.co/repo/John/0/54D437D91283DD46E66C6D998B68CFE98587AEA1.crl
                          rsync://rpki.co/repo/John/0/54D437D91283DD46E66C6D998B68CFE98587AEA1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VNQ32RKD3UbmbG2Zi2jP6YWHrqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:24:1c:77:cf:32:0d:a8:12:6d:32:01:d9:2b:0f:c6:9d:a9:b7:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54d437d91283dd46e66c6d998b68cfe98587aea1
        Validity
            Not Before: Nov 22 19:06:22 2024 GMT
            Not After : Nov 23 22:20:22 2024 GMT
        Subject: CN=77DAFA6FC2DBC0E9570D7420E0D423EE5C11DE9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c2:ea:a6:b4:75:30:d0:85:b6:20:e1:7a:08:
                    f9:79:c5:52:27:1e:04:7b:77:2f:f1:3a:26:7f:7d:
                    61:c9:31:2f:b3:2f:03:8e:a1:6a:ef:1a:4b:75:34:
                    9d:f5:df:07:95:aa:48:cf:03:c1:59:3f:d3:fe:27:
                    01:d0:a7:92:1d:12:3e:bb:8a:e7:75:7a:07:6f:67:
                    06:ea:c9:8e:76:d1:aa:f4:8b:2d:42:86:92:10:3a:
                    4e:c5:64:bc:b7:86:3d:7c:8e:98:d5:ff:00:93:27:
                    67:67:8f:b4:2f:9a:b4:28:51:e0:ec:5b:ad:39:32:
                    74:58:0f:4e:70:31:e4:1d:4a:f0:9c:19:61:c8:74:
                    74:47:1d:76:c9:b4:70:38:f7:b8:7f:aa:19:e0:53:
                    70:80:30:88:89:bb:02:af:d1:0e:69:45:60:c3:fd:
                    bf:4b:ff:d0:ad:8c:ac:cb:a6:22:b8:e9:76:eb:7e:
                    fc:ac:1e:1d:58:bd:15:9e:2f:33:82:6c:a3:1c:d8:
                    66:a0:93:ff:75:3e:4d:ed:a4:48:78:1b:7e:f2:e2:
                    08:ed:1e:97:9a:f7:6c:6f:46:9f:20:f6:76:6a:a1:
                    ae:5d:40:bf:e3:1c:cc:78:f6:cb:83:3b:00:01:81:
                    10:04:96:29:3c:4a:f3:8e:66:1f:76:80:6b:2a:9f:
                    58:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:DA:FA:6F:C2:DB:C0:E9:57:0D:74:20:E0:D4:23:EE:5C:11:DE:9D
            X509v3 Authority Key Identifier:
                keyid:54:D4:37:D9:12:83:DD:46:E6:6C:6D:99:8B:68:CF:E9:85:87:AE:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/John/0/54D437D91283DD46E66C6D998B68CFE98587AEA1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNQ32RKD3UbmbG2Zi2jP6YWHrqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/John/0/54D437D91283DD46E66C6D998B68CFE98587AEA1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:0c:c6:ce:7a:52:96:1c:fe:3b:37:5b:3c:b2:0f:7b:e5:2f:
         63:b2:c5:ed:60:b6:d0:a1:4d:f5:a1:aa:92:83:c9:92:9a:d2:
         45:b9:48:3b:56:50:00:12:95:a2:59:05:96:57:1a:b2:b3:be:
         d3:55:04:21:27:8c:37:50:f3:a9:1c:f6:ff:c7:5c:3e:7a:97:
         55:91:d4:a5:e0:58:1f:43:d6:75:b5:b5:fd:39:58:4d:ae:e1:
         74:fb:e4:98:0d:72:20:ec:3c:d5:78:8b:cb:7c:ae:5f:f8:9b:
         89:0b:82:cc:86:98:70:36:a8:49:f5:63:1e:10:c8:fe:82:d4:
         f7:15:0a:11:cb:31:ab:f7:09:ef:56:0d:82:6f:9f:e2:84:c8:
         00:c2:51:04:52:42:01:c3:71:93:b8:2d:fd:9b:82:08:52:b0:
         19:41:16:58:1c:0c:b9:a2:cd:a4:d4:df:4f:4e:08:18:b5:ca:
         3e:61:a4:53:65:84:3b:1b:37:fb:e9:cc:f6:10:1c:10:6a:49:
         f4:9b:d3:54:33:56:ca:7d:a0:99:ac:91:b5:11:12:f0:d2:dc:
         e2:13:89:11:aa:89:51:fd:2e:fc:d4:99:ea:b2:8a:ea:71:0f:
         52:2d:65:1e:df:ba:72:b2:9d:a3:71:31:64:65:8d:6d:e6:58:
         4c:fb:cc:60
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUCSQcd88yDagSbTIB2SsPxp2pt2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTRkNDM3ZDkxMjgzZGQ0NmU2NmM2ZDk5OGI2OGNmZTk4
NTg3YWVhMTAeFw0yNDExMjIxOTA2MjJaFw0yNDExMjMyMjIwMjJaMDMxMTAvBgNV
BAMTKDc3REFGQTZGQzJEQkMwRTk1NzBENzQyMEUwRDQyM0VFNUMxMURFOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4wuqmtHUw0IW2IOF6CPl5xVIn
HgR7dy/xOiZ/fWHJMS+zLwOOoWrvGkt1NJ313weVqkjPA8FZP9P+JwHQp5IdEj67
iud1egdvZwbqyY520ar0iy1ChpIQOk7FZLy3hj18jpjV/wCTJ2dnj7QvmrQoUeDs
W605MnRYD05wMeQdSvCcGWHIdHRHHXbJtHA497h/qhngU3CAMIiJuwKv0Q5pRWDD
/b9L/9CtjKzLpiK46XbrfvysHh1YvRWeLzOCbKMc2Gagk/91Pk3tpEh4G37y4gjt
Hpea92xvRp8g9nZqoa5dQL/jHMx49suDOwABgRAElik8SvOOZh92gGsqn1gTAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUd9r6b8LbwOlXDXQg4NQj7lwR3p0wHwYDVR0j
BBgwFoAUVNQ32RKD3UbmbG2Zi2jP6YWHrqEwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5jby9yZXBvL0pvaG4vMC81NEQ0MzdE
OTEyODNERDQ2RTY2QzZEOTk4QjY4Q0ZFOTg1ODdBRUExLmNybDBkBggrBgEFBQcB
AQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvVk5RMzJSS0QzVWJtYkcyWmkyalA2WVdIcnFFLmNlcjBkBggr
BgEFBQcBCwRYMFYwVAYIKwYBBQUHMAuGSHJzeW5jOi8vcnBraS5jby9yZXBvL0pv
aG4vMC81NEQ0MzdEOTEyODNERDQ2RTY2QzZEOTk4QjY4Q0ZFOTg1ODdBRUExLm1m
dDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAG
BAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0B
AQsFAAOCAQEAjQzGznpSlhz+OzdbPLIPe+UvY7LF7WC20KFN9aGqkoPJkprSRblI
O1ZQABKVolkFllcasrO+01UEISeMN1DzqRz2/8dcPnqXVZHUpeBYH0PWdbW1/TlY
Ta7hdPvkmA1yIOw81XiLy3yuX/ibiQuCzIaYcDaoSfVjHhDI/oLU9xUKEcsxq/cJ
71YNgm+f4oTIAMJRBFJCAcNxk7gt/ZuCCFKwGUEWWBwMuaLNpNTfT04IGLXKPmGk
U2WEOxs3++nM9hAcEGpJ9JvTVDNWyn2gmayRtRES8NLc4hOJEaqJUf0u/NSZ6rKK
6nEPUi1lHt+6crKdo3ExZGWNbeZYTPvMYA==
-----END CERTIFICATE-----