Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          fw52ghXWDe3tNLrS2CyIa9VHZTrsyohv935QCr+vgng=
Subject key identifier:   DF:51:AD:E4:F6:4F:EE:FE:71:C3:2D:5B:0B:B8:3C:0C:32:8F:B4:CC
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       018F22385B6A3FA9B45955583AC094E6290E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0626
Signing time:             Sun 28 Apr 2024 01:01:09 +0000
Manifest this update:     Sun 28 Apr 2024 01:01:09 +0000
Manifest next update:     Mon 29 Apr 2024 01:01:09 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: K2/1mJwc3V/aEX3vUJCt66Ca3uttXJZSO6RVmdBnUu0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 20:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:22:38:5b:6a:3f:a9:b4:59:55:58:3a:c0:94:e6:29:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Apr 28 01:01:09 2024 GMT
            Not After : Apr 29 01:01:09 2024 GMT
        Subject: CN=df51ade4f64feefe71c32d5b0bb83c0c328fb4cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:69:8f:53:3b:84:29:6b:c1:8c:1e:f2:7e:ff:
                    f0:66:26:e1:cb:12:db:17:7e:25:17:b3:5e:c7:03:
                    72:fd:db:98:ba:fc:d3:59:a8:f2:ee:b6:8f:57:18:
                    a7:85:5f:95:38:46:88:78:1c:91:fd:d5:ce:45:9f:
                    ce:a8:56:ef:a9:19:0b:43:56:c9:52:6c:6e:c2:1b:
                    00:f4:a5:e9:43:f3:f6:b6:f8:16:7b:ee:80:7f:e8:
                    b0:28:41:13:e4:95:ec:8f:14:b8:d6:c3:34:43:4e:
                    60:e9:ae:2b:75:2b:03:65:e9:b8:ab:18:aa:5a:e5:
                    22:24:46:b2:54:89:2f:da:ee:72:3b:1b:4b:65:a6:
                    03:85:84:5b:6a:fe:cf:de:51:dc:28:0f:9a:e8:2b:
                    12:83:34:1c:ef:9c:0e:32:59:d2:83:48:a4:7d:7b:
                    82:fd:1c:88:58:03:eb:a3:a3:ab:45:1e:9b:b5:0f:
                    82:6d:b8:db:7a:28:e2:af:87:2e:fd:6e:89:79:c2:
                    87:a3:49:a9:2a:5a:57:08:ee:f7:6b:4f:da:6e:65:
                    58:92:c7:09:7a:65:ce:37:1b:64:96:91:b8:59:5d:
                    76:a5:fd:8e:0f:ca:c1:a2:bb:3e:f1:75:7e:6f:d4:
                    4e:27:38:03:1e:d4:f4:d7:0e:89:2c:34:18:c4:2d:
                    6c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:51:AD:E4:F6:4F:EE:FE:71:C3:2D:5B:0B:B8:3C:0C:32:8F:B4:CC
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:9d:be:3c:b6:64:10:d9:98:49:4b:9d:fd:66:b9:4e:9d:6a:
         a0:dd:79:c3:3b:d2:c7:f8:30:6b:bc:6d:2a:10:41:ea:9d:c1:
         61:bd:ea:99:fd:a5:06:ac:c1:34:8e:76:f1:13:8c:4f:fb:03:
         d5:33:82:0d:4e:0a:95:a7:4d:96:58:59:7f:01:f9:59:85:7e:
         53:3b:46:e4:18:08:57:03:de:10:b5:e6:b7:df:07:3f:e8:ca:
         b8:4c:6d:c5:d3:9a:bd:9b:ba:ec:39:4a:82:53:0b:cf:60:83:
         c1:c8:68:a1:07:f5:db:3c:3e:22:24:89:80:83:da:f3:50:1e:
         61:3f:b5:e9:92:07:6f:a7:d8:c2:36:07:c3:28:bf:e0:58:ef:
         6a:e3:7b:aa:19:32:d8:30:22:b5:a4:78:a8:66:b2:09:b5:4d:
         3e:11:c5:fa:e8:32:08:2d:86:62:e8:14:6e:da:5e:08:af:c4:
         64:19:99:20:d2:44:75:df:02:a8:b6:4b:65:d2:6f:d6:bb:ac:
         29:80:53:3c:e7:25:09:22:dc:64:fe:e5:18:a2:68:50:cb:4a:
         b2:1e:17:b2:2a:1f:bf:56:42:ab:7d:46:fe:f0:86:36:bb:59:
         9e:aa:c0:da:8b:b9:12:46:bb:96:0d:a7:3d:2a:10:99:21:25:
         b9:51:dc:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8iOFtqP6m0WVVYOsCU5ikOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjQwNDI4MDEwMTA5WhcNMjQwNDI5MDEwMTA5WjAzMTEwLwYDVQQD
EyhkZjUxYWRlNGY2NGZlZWZlNzFjMzJkNWIwYmI4M2MwYzMyOGZiNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmmPUzuEKWvBjB7yfv/wZibhyxLb
F34lF7NexwNy/duYuvzTWajy7raPVxinhV+VOEaIeByR/dXORZ/OqFbvqRkLQ1bJ
UmxuwhsA9KXpQ/P2tvgWe+6Af+iwKEET5JXsjxS41sM0Q05g6a4rdSsDZem4qxiq
WuUiJEayVIkv2u5yOxtLZaYDhYRbav7P3lHcKA+a6CsSgzQc75wOMlnSg0ikfXuC
/RyIWAPro6OrRR6btQ+Cbbjbeijir4cu/W6JecKHo0mpKlpXCO73a0/abmVYkscJ
emXONxtklpG4WV12pf2OD8rBors+8XV+b9ROJzgDHtT01w6JLDQYxC1s6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9RreT2T+7+ccMtWwu4PAwyj7TMMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP52+PLZk
ENmYSUud/Wa5Tp1qoN15wzvSx/gwa7xtKhBB6p3BYb3qmf2lBqzBNI528ROMT/sD
1TOCDU4KladNllhZfwH5WYV+UztG5BgIVwPeELXmt98HP+jKuExtxdOavZu67DlK
glMLz2CDwchooQf12zw+IiSJgIPa81AeYT+16ZIHb6fYwjYHwyi/4FjvauN7qhky
2DAitaR4qGayCbVNPhHF+ugyCC2GYugUbtpeCK/EZBmZINJEdd8CqLZLZdJv1rus
KYBTPOclCSLcZP7lGKJoUMtKsh4Xsiofv1ZCq31G/vCGNrtZnqrA2ou5Eka7lg2n
PSoQmSEluVHcXQ==
-----END CERTIFICATE-----