Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          Jta68ZTBA/DZr61XkEPXukLQmYyYj0JTbkGnif4liLQ=
Subject key identifier:   B8:35:F4:1C:34:18:A4:5E:5D:A5:F5:2C:9E:38:9C:EA:69:59:07:D2
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       0193568A7B3CE156A8B17BE0A07789F93C47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0CA2
Signing time:             Sat 23 Nov 2024 01:02:16 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:16 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:16 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: bYM4wPobLBrVu0fxc+6JU6irKc6JpNGMbYeXcTJg2TY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:7b:3c:e1:56:a8:b1:7b:e0:a0:77:89:f9:3c:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Nov 23 01:02:16 2024 GMT
            Not After : Nov 24 01:02:16 2024 GMT
        Subject: CN=b835f41c3418a45e5da5f52c9e389cea695907d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d5:de:67:af:45:d7:eb:f0:5c:fd:cc:01:bb:
                    18:86:b9:ab:cf:cb:ea:8a:6b:38:e4:39:6e:8d:82:
                    ba:39:44:9b:27:38:92:77:22:66:65:5c:36:99:00:
                    3d:90:e6:81:9e:bd:78:2a:9b:bb:23:ae:d9:27:6b:
                    a2:b4:d9:d9:1e:0c:9f:ad:55:dc:0c:9f:72:d7:d1:
                    8e:0e:e7:ef:f1:1b:b4:72:8e:4a:49:2f:cc:d2:28:
                    e6:66:4a:42:e7:42:73:54:6d:9b:a2:cd:d3:04:19:
                    38:d7:f5:d8:5b:11:c3:a0:ba:13:ab:4c:69:c9:d4:
                    2b:0f:ac:34:63:f0:9a:7e:78:0e:3e:fd:a7:d5:67:
                    a7:9b:d7:29:51:c7:db:50:28:a4:b6:7d:fd:75:ce:
                    0c:93:90:64:90:a7:d1:49:d7:18:6f:d3:c5:7d:c6:
                    eb:10:d3:5e:8c:d8:77:37:95:7f:9d:29:98:20:65:
                    e6:30:22:7c:ed:70:fa:fc:f2:77:6e:43:54:40:55:
                    93:8a:54:db:ac:43:ff:0a:13:b2:da:43:4f:a4:7c:
                    32:ad:59:cb:f1:92:d4:01:30:37:4b:3d:4d:a5:58:
                    20:b6:ac:9a:f3:af:c1:c9:ca:14:29:5a:aa:92:00:
                    16:f6:25:71:61:5a:da:24:dc:58:ef:1e:20:2c:3c:
                    ab:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:35:F4:1C:34:18:A4:5E:5D:A5:F5:2C:9E:38:9C:EA:69:59:07:D2
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:7b:f8:13:85:22:e0:eb:07:f9:a1:dd:1f:29:d3:75:44:f0:
         c3:a9:32:b8:d8:95:4c:38:ab:43:9e:89:24:eb:a4:c3:e2:fc:
         de:05:f0:e1:20:a1:f7:df:38:59:57:f2:cf:82:6e:1f:06:a3:
         51:8a:b8:33:3f:31:a0:c2:e0:f7:c0:4e:14:6f:38:cf:9c:c1:
         0f:2c:35:41:a9:d7:34:54:21:52:06:db:fc:f8:7a:d1:8b:24:
         98:69:32:f4:f0:2b:ca:8c:55:11:0e:4d:e2:ab:6a:d1:9a:b1:
         f2:7b:b1:ad:ea:6c:a0:46:5d:81:76:6b:93:a2:c9:dc:a3:3e:
         49:f0:d3:ac:b1:de:b3:88:bc:6f:bc:af:05:16:78:e2:4e:59:
         75:67:e4:b9:56:05:55:cb:23:a1:64:8a:c2:36:ac:49:e5:60:
         29:4d:4d:35:62:8d:12:aa:bf:62:4e:db:70:b8:7a:a1:43:71:
         f4:85:30:f6:72:76:e9:ca:91:0c:78:1b:79:5f:6c:db:30:fa:
         69:80:37:e3:2d:e3:4a:f2:fc:77:68:99:71:f7:9b:aa:fd:65:
         c7:fb:39:b0:a5:71:91:6a:a8:e5:c3:0b:26:83:82:ea:c2:1c:
         dc:ed:27:27:a7:85:d8:66:37:56:1c:bd:66:72:b2:2c:0d:a6:
         95:64:ad:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWins84VaosXvgoHeJ+TxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjQxMTIzMDEwMjE2WhcNMjQxMTI0MDEwMjE2WjAzMTEwLwYDVQQD
EyhiODM1ZjQxYzM0MThhNDVlNWRhNWY1MmM5ZTM4OWNlYTY5NTkwN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNXeZ69F1+vwXP3MAbsYhrmrz8vq
ims45DlujYK6OUSbJziSdyJmZVw2mQA9kOaBnr14Kpu7I67ZJ2uitNnZHgyfrVXc
DJ9y19GODufv8Ru0co5KSS/M0ijmZkpC50JzVG2bos3TBBk41/XYWxHDoLoTq0xp
ydQrD6w0Y/CafngOPv2n1Wenm9cpUcfbUCiktn39dc4Mk5BkkKfRSdcYb9PFfcbr
ENNejNh3N5V/nSmYIGXmMCJ87XD6/PJ3bkNUQFWTilTbrEP/ChOy2kNPpHwyrVnL
8ZLUATA3Sz1NpVggtqya86/BycoUKVqqkgAW9iVxYVraJNxY7x4gLDyrbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg19Bw0GKReXaX1LJ44nOppWQfSMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAXv4E4Ui
4OsH+aHdHynTdUTww6kyuNiVTDirQ56JJOukw+L83gXw4SCh9984WVfyz4JuHwaj
UYq4Mz8xoMLg98BOFG84z5zBDyw1QanXNFQhUgbb/Ph60YskmGky9PAryoxVEQ5N
4qtq0Zqx8nuxrepsoEZdgXZrk6LJ3KM+SfDTrLHes4i8b7yvBRZ44k5ZdWfkuVYF
VcsjoWSKwjasSeVgKU1NNWKNEqq/Yk7bcLh6oUNx9IUw9nJ26cqRDHgbeV9s2zD6
aYA34y3jSvL8d2iZcfebqv1lx/s5sKVxkWqo5cMLJoOC6sIc3O0nJ6eF2GY3Vhy9
ZnKyLA2mlWSt/A==
-----END CERTIFICATE-----