Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          DdADK374my08m+ka19iwH9lOZtypS+OjvFRC2S3CiiA=
Subject key identifier:   38:97:6B:CC:D9:DF:A1:3D:8A:CB:ED:BE:61:40:C8:C4:C7:72:85:29
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       0191F9D9F428C6DCE3E848D035E44C8B9B48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          FE
Signing time:             Mon 16 Sep 2024 08:01:36 +0000
Manifest this update:     Mon 16 Sep 2024 08:01:36 +0000
Manifest next update:     Tue 17 Sep 2024 08:01:36 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: ezCxPbppvGOInJvbgiZJYoxoQytoG0RLU7KiU0WtxvA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 08:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:d9:f4:28:c6:dc:e3:e8:48:d0:35:e4:4c:8b:9b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: Sep 16 08:01:36 2024 GMT
            Not After : Sep 17 08:01:36 2024 GMT
        Subject: CN=38976bccd9dfa13d8acbedbe6140c8c4c7728529
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:58:c2:5d:cc:c7:8b:fe:64:11:f5:d9:26:d7:
                    99:a3:0a:8f:1d:03:66:92:49:e9:70:dc:59:23:df:
                    bb:89:22:8d:21:6b:14:82:e4:d4:ca:31:9c:53:b7:
                    f6:4e:ab:08:82:cb:8a:b2:b0:91:27:d4:1b:fe:04:
                    94:0f:5e:5d:e4:27:d3:ea:c5:58:4b:bd:1f:dd:b0:
                    da:e0:0c:1c:73:78:ef:8b:82:13:81:41:72:11:e6:
                    8e:09:61:ca:30:58:e6:57:cf:f0:3c:90:b4:a1:a1:
                    90:21:15:3f:f0:5e:67:67:45:a1:1b:e8:c7:8e:89:
                    ba:aa:3c:5e:9e:0b:8e:7a:0a:29:e2:c4:01:3f:9d:
                    73:eb:eb:a3:7d:8f:cf:d5:70:0c:58:b6:2a:f8:45:
                    57:2d:fd:1c:60:80:44:f5:36:1f:f7:2a:c5:88:23:
                    a9:bc:4a:14:e5:69:38:62:97:a4:c6:c9:e0:59:ae:
                    46:7f:dd:59:27:f5:88:cf:0b:02:95:3f:0d:e7:7f:
                    0a:0e:3d:74:5b:b8:1e:9f:d4:2e:e2:29:3e:1f:23:
                    fd:5d:77:f2:06:1b:2f:68:18:d9:0a:b9:64:54:f1:
                    a3:47:43:27:e7:8d:42:21:dc:7f:0b:9b:1c:54:88:
                    f1:a9:b3:e8:4a:92:f7:70:e3:16:b0:fe:94:f5:f7:
                    83:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:97:6B:CC:D9:DF:A1:3D:8A:CB:ED:BE:61:40:C8:C4:C7:72:85:29
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:0e:b7:4e:e8:6d:b6:c5:59:3f:8a:7a:8f:96:91:14:f1:7e:
         00:05:d7:fd:1a:31:93:9d:ea:5a:19:e3:97:d8:c5:1c:16:29:
         8d:06:1b:4f:30:d1:71:62:d0:72:89:71:88:f9:a2:86:92:13:
         42:c1:7b:af:6e:b3:82:50:94:85:8c:1d:41:fd:5c:8a:5b:a6:
         58:42:4d:31:37:75:a4:ed:f1:f3:3d:db:40:1a:f8:9b:b9:21:
         9e:2a:30:a0:78:12:5d:4b:66:cd:ed:25:0f:94:54:8e:b1:66:
         87:ac:83:35:e8:a2:6a:76:03:71:65:37:65:8a:34:2f:6d:13:
         d5:f8:a8:e1:18:cf:86:fc:fa:30:71:7f:81:c6:e5:60:06:24:
         b8:5c:bb:64:2e:07:91:05:91:de:29:52:ef:a0:6a:de:12:9b:
         d7:aa:81:98:0f:c9:8b:f3:bc:6b:6f:25:ea:0a:7d:cb:03:aa:
         aa:51:7e:ea:30:32:a1:72:ff:f7:ff:8e:a3:cc:48:a1:15:f4:
         bf:19:ee:96:ae:89:83:a0:a4:f4:2c:dc:7b:22:4b:6f:fa:fd:
         83:1f:91:e7:9f:33:7d:eb:6a:ea:82:7e:9c:21:f4:c4:1d:56:
         ad:20:26:85:52:35:13:24:66:ba:9f:9a:4c:da:3e:25:97:16:
         4d:c7:68:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH52fQoxtzj6EjQNeRMi5tIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjQwOTE2MDgwMTM2WhcNMjQwOTE3MDgwMTM2WjAzMTEwLwYDVQQD
EygzODk3NmJjY2Q5ZGZhMTNkOGFjYmVkYmU2MTQwYzhjNGM3NzI4NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1jCXczHi/5kEfXZJteZowqPHQNm
kknpcNxZI9+7iSKNIWsUguTUyjGcU7f2TqsIgsuKsrCRJ9Qb/gSUD15d5CfT6sVY
S70f3bDa4Awcc3jvi4ITgUFyEeaOCWHKMFjmV8/wPJC0oaGQIRU/8F5nZ0WhG+jH
jom6qjxenguOegop4sQBP51z6+ujfY/P1XAMWLYq+EVXLf0cYIBE9TYf9yrFiCOp
vEoU5Wk4YpekxsngWa5Gf91ZJ/WIzwsClT8N538KDj10W7gen9Qu4ik+HyP9XXfy
BhsvaBjZCrlkVPGjR0Mn541CIdx/C5scVIjxqbPoSpL3cOMWsP6U9feDbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiXa8zZ36E9isvtvmFAyMTHcoUpMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZQ63Tuht
tsVZP4p6j5aRFPF+AAXX/Roxk53qWhnjl9jFHBYpjQYbTzDRcWLQcolxiPmihpIT
QsF7r26zglCUhYwdQf1cilumWEJNMTd1pO3x8z3bQBr4m7khniowoHgSXUtmze0l
D5RUjrFmh6yDNeiianYDcWU3ZYo0L20T1fio4RjPhvz6MHF/gcblYAYkuFy7ZC4H
kQWR3ilS76Bq3hKb16qBmA/Ji/O8a28l6gp9ywOqqlF+6jAyoXL/9/+Oo8xIoRX0
vxnulq6Jg6Ck9CzceyJLb/r9gx+R558zfetq6oJ+nCH0xB1WrSAmhVI1EyRmup+a
TNo+JZcWTcdoHw==
-----END CERTIFICATE-----