Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          3q1Pu4dzvg49AjnqhMrlBkp+a4EAgtrjyoN7an/b8hY=
Subject key identifier:   41:30:0F:F0:86:CC:F6:0E:7F:C5:E5:7D:71:35:5C:1A:72:57:44:F4
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       019405D7EEC71E9CADED6CC99C473C65A07A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          52
Signing time:             Fri 27 Dec 2024 02:00:24 +0000
Manifest this update:     Fri 27 Dec 2024 02:00:24 +0000
Manifest next update:     Sat 28 Dec 2024 02:00:24 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: nz3ZJbquHUZxJK5uhlbXRCAtz3cpEc3uI9iUqFnw43w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:d7:ee:c7:1e:9c:ad:ed:6c:c9:9c:47:3c:65:a0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Dec 27 02:00:24 2024 GMT
            Not After : Dec 28 02:00:24 2024 GMT
        Subject: CN=41300ff086ccf60e7fc5e57d71355c1a725744f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:15:85:42:c1:01:2d:9a:c8:5b:16:ce:1c:f2:
                    73:9c:d5:9d:49:08:b5:9d:27:ae:08:82:85:ca:36:
                    9b:8e:c0:b1:b4:14:1b:53:ac:37:e5:86:b9:a1:bc:
                    72:8b:c7:43:89:c1:32:6c:e7:3b:db:2f:15:28:f4:
                    a1:ed:4d:26:e4:41:65:05:0c:13:be:30:52:da:3c:
                    62:91:0d:d5:a8:c0:46:50:bf:0f:a1:ef:b6:75:25:
                    e9:b3:14:38:a7:2d:bb:18:af:54:30:09:f9:02:3f:
                    02:f7:d8:0f:43:b4:54:8b:13:51:90:11:bc:63:09:
                    4e:bd:45:0d:49:63:b3:21:41:2f:b5:a2:a1:42:c0:
                    22:1b:5d:a2:f9:66:f2:2e:69:04:ff:31:c0:0d:4b:
                    5a:61:aa:40:47:22:dd:3a:66:d7:18:5c:80:dd:7f:
                    a4:f2:68:8e:86:ff:d3:ff:56:5d:1f:ba:10:66:4c:
                    29:a8:25:18:9e:5d:ae:57:09:8b:df:99:bd:6a:9c:
                    a5:4c:a2:4e:80:f4:6b:56:ff:b9:df:94:d6:81:0c:
                    6c:3a:c5:4f:83:63:71:8b:09:73:bd:b8:07:6d:0b:
                    66:ab:6d:cd:0f:c2:66:f8:42:b4:35:1a:f9:d8:86:
                    6d:76:7e:c3:22:c1:18:6c:bd:0c:22:20:de:91:1c:
                    24:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:30:0F:F0:86:CC:F6:0E:7F:C5:E5:7D:71:35:5C:1A:72:57:44:F4
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:1e:99:b1:74:f4:a5:67:1e:a7:7f:98:8d:b4:11:4a:53:e4:
         29:8a:6d:db:10:58:3b:71:4f:d5:f0:27:36:e0:30:e8:3e:3b:
         b6:4b:6b:1b:64:69:4e:69:0a:3f:ad:7f:d7:45:dc:16:43:33:
         3f:27:81:be:95:8e:ca:51:0d:1d:7c:74:40:44:78:33:8f:b7:
         24:1a:ef:db:56:c0:1a:8e:48:67:5b:50:cd:73:88:5f:6b:59:
         89:7b:eb:9e:28:ae:b5:ca:3a:a7:a8:6d:57:dd:40:83:9d:dc:
         fc:70:2c:56:e1:04:7f:88:cb:15:ec:58:ae:8c:fb:3c:82:5a:
         74:37:98:06:8f:30:51:a3:62:e2:00:01:61:3c:9c:ec:e0:d6:
         10:bc:98:fe:5a:e9:9e:bc:dc:fe:30:a4:ad:7d:ec:ca:6e:48:
         90:50:44:66:63:33:20:33:ce:b0:5b:8e:41:66:c7:41:32:0f:
         b1:6b:ff:2b:13:df:e8:4d:82:97:78:c1:be:09:f2:10:ad:ad:
         37:1c:7b:ae:e9:23:13:d1:f3:09:c8:f6:f8:9f:d6:f8:9d:7a:
         ee:62:d2:87:76:20:39:a9:21:22:ad:44:48:7c:f2:5c:68:6c:
         2c:ba:96:4c:15:b1:64:71:d6:75:de:ed:3c:3e:5b:af:fe:99:
         e3:d0:8c:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQF1+7HHpyt7WzJnEc8ZaB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjQxMjI3MDIwMDI0WhcNMjQxMjI4MDIwMDI0WjAzMTEwLwYDVQQD
Eyg0MTMwMGZmMDg2Y2NmNjBlN2ZjNWU1N2Q3MTM1NWMxYTcyNTc0NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxWFQsEBLZrIWxbOHPJznNWdSQi1
nSeuCIKFyjabjsCxtBQbU6w35Ya5obxyi8dDicEybOc72y8VKPSh7U0m5EFlBQwT
vjBS2jxikQ3VqMBGUL8Poe+2dSXpsxQ4py27GK9UMAn5Aj8C99gPQ7RUixNRkBG8
YwlOvUUNSWOzIUEvtaKhQsAiG12i+WbyLmkE/zHADUtaYapARyLdOmbXGFyA3X+k
8miOhv/T/1ZdH7oQZkwpqCUYnl2uVwmL35m9apylTKJOgPRrVv+535TWgQxsOsVP
g2NxiwlzvbgHbQtmq23ND8Jm+EK0NRr52IZtdn7DIsEYbL0MIiDekRwkiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEwD/CGzPYOf8XlfXE1XBpyV0T0MB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGh6ZsXT0
pWcep3+YjbQRSlPkKYpt2xBYO3FP1fAnNuAw6D47tktrG2RpTmkKP61/10XcFkMz
PyeBvpWOylENHXx0QER4M4+3JBrv21bAGo5IZ1tQzXOIX2tZiXvrniiutco6p6ht
V91Ag53c/HAsVuEEf4jLFexYroz7PIJadDeYBo8wUaNi4gABYTyc7ODWELyY/lrp
nrzc/jCkrX3sym5IkFBEZmMzIDPOsFuOQWbHQTIPsWv/KxPf6E2Cl3jBvgnyEK2t
Nxx7rukjE9HzCcj2+J/W+J167mLSh3YgOakhIq1ESHzyXGhsLLqWTBWxZHHWdd7t
PD5br/6Z49CMmA==
-----END CERTIFICATE-----