Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          R0bv1UG4y6uZZeYXR1TsEgClbnk5OZNMPe2KaXCWjuI=
Subject key identifier:   BD:81:85:D2:16:8A:C6:C0:BD:03:A0:C6:F7:22:92:D6:2E:46:14:48
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       019357D2D060652FB40DC6026325AAFAF4E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          1002
Signing time:             Sat 23 Nov 2024 07:00:53 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:53 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:53 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: xXOKA9Zubd4kNjC1PvmOo9r8DhbOmU/BtSG5HZP31HI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:d0:60:65:2f:b4:0d:c6:02:63:25:aa:fa:f4:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Nov 23 07:00:53 2024 GMT
            Not After : Nov 24 07:00:53 2024 GMT
        Subject: CN=bd8185d2168ac6c0bd03a0c6f72292d62e461448
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f6:a0:b5:c2:b6:7c:b4:0e:6f:19:fa:b2:57:
                    49:cd:00:36:17:ad:a7:92:ac:77:e5:b8:dc:6c:99:
                    fc:e2:d6:cf:2e:24:7e:05:5a:75:77:94:7c:56:ae:
                    34:fc:01:a3:28:d4:13:de:6b:3a:d8:23:59:e4:29:
                    7d:b3:f7:57:a2:da:be:27:20:04:16:a4:9a:4e:e2:
                    13:fa:5c:43:cb:2b:df:00:5d:56:db:51:42:1d:ea:
                    d7:06:e0:fe:15:cf:83:d7:70:58:92:7d:fe:0a:65:
                    89:2a:7b:3a:8a:ef:db:49:b6:3d:38:7f:71:c2:4d:
                    e4:33:cd:41:d4:bc:14:19:21:5f:2d:e5:2d:1f:25:
                    9e:dc:36:0d:2f:ab:c4:f2:43:5e:1b:f6:74:07:68:
                    a5:52:0b:2b:45:83:38:e0:c8:8b:d8:dc:61:aa:f2:
                    f7:d6:b0:2d:03:76:56:b8:77:e0:d8:8e:54:e3:3a:
                    ed:dc:e9:21:02:e2:ae:bf:30:51:b7:88:71:53:f6:
                    00:1e:84:58:61:d8:3d:6e:23:73:8d:a7:4a:31:6c:
                    a1:01:2c:93:74:04:8a:8a:7b:df:e1:16:9e:59:b8:
                    ef:c6:73:55:43:7e:9c:05:aa:87:d8:3c:f9:bf:d2:
                    8f:1f:3d:89:56:d7:d7:56:85:da:b1:ad:3b:4b:da:
                    a3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:81:85:D2:16:8A:C6:C0:BD:03:A0:C6:F7:22:92:D6:2E:46:14:48
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:df:99:45:4f:07:8d:d9:73:14:d0:49:c0:5c:18:1e:da:4c:
         a0:18:9f:9d:3f:74:23:45:f5:21:9c:a9:09:bb:be:0b:ae:f1:
         1c:8f:3f:54:d9:7f:1b:47:e0:3c:c7:e3:2a:d4:10:8d:77:9e:
         b3:51:c5:77:c8:ab:dc:4f:6f:1b:d5:e3:8f:fc:8a:0f:20:57:
         2d:a0:5f:06:04:7e:d0:83:4d:70:30:dd:72:ee:2a:37:c6:af:
         30:96:d7:b8:8a:d8:dc:39:af:60:4c:4b:7b:ee:54:62:bd:d6:
         c5:43:ba:ec:34:60:0d:2e:4c:21:64:c2:cd:84:8c:22:1a:c2:
         33:a8:a8:22:62:c5:7c:43:2f:cc:b1:db:75:50:71:ac:f5:51:
         e8:6f:f4:df:56:df:52:87:8c:53:ff:1d:6b:d1:a8:68:6e:b0:
         e7:98:68:a8:6c:0f:8a:91:5d:96:d7:a3:e8:bc:ab:9a:6b:bd:
         50:8c:a3:e3:e4:a0:71:69:e2:09:3d:d2:a1:12:d6:49:54:5b:
         4a:65:16:3d:41:40:4c:1a:b8:af:76:14:6e:62:f4:db:b7:6d:
         6e:6f:28:fd:b0:ef:f1:ce:53:cf:95:3c:a4:5c:b4:6a:4b:e0:
         6b:8a:28:a9:09:d4:b9:a0:cc:88:62:6e:42:fd:20:53:a7:1a:
         0f:05:0f:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0tBgZS+0DcYCYyWq+vTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjQxMTIzMDcwMDUzWhcNMjQxMTI0MDcwMDUzWjAzMTEwLwYDVQQD
EyhiZDgxODVkMjE2OGFjNmMwYmQwM2EwYzZmNzIyOTJkNjJlNDYxNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPagtcK2fLQObxn6sldJzQA2F62n
kqx35bjcbJn84tbPLiR+BVp1d5R8Vq40/AGjKNQT3ms62CNZ5Cl9s/dXotq+JyAE
FqSaTuIT+lxDyyvfAF1W21FCHerXBuD+Fc+D13BYkn3+CmWJKns6iu/bSbY9OH9x
wk3kM81B1LwUGSFfLeUtHyWe3DYNL6vE8kNeG/Z0B2ilUgsrRYM44MiL2NxhqvL3
1rAtA3ZWuHfg2I5U4zrt3OkhAuKuvzBRt4hxU/YAHoRYYdg9biNzjadKMWyhASyT
dASKinvf4RaeWbjvxnNVQ36cBaqH2Dz5v9KPHz2JVtfXVoXasa07S9qjqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2BhdIWisbAvQOgxvciktYuRhRIMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9+ZRU8H
jdlzFNBJwFwYHtpMoBifnT90I0X1IZypCbu+C67xHI8/VNl/G0fgPMfjKtQQjXee
s1HFd8ir3E9vG9Xjj/yKDyBXLaBfBgR+0INNcDDdcu4qN8avMJbXuIrY3DmvYExL
e+5UYr3WxUO67DRgDS5MIWTCzYSMIhrCM6ioImLFfEMvzLHbdVBxrPVR6G/031bf
UoeMU/8da9GoaG6w55hoqGwPipFdltej6Lyrmmu9UIyj4+SgcWniCT3SoRLWSVRb
SmUWPUFATBq4r3YUbmL027dtbm8o/bDv8c5Tz5U8pFy0akvga4ooqQnUuaDMiGJu
Qv0gU6caDwUPbQ==
-----END CERTIFICATE-----