Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          HwayVJMDSDzHuwW8Y80K5i9+eu/6oNJKHCDMd1IBiiM=
Subject key identifier:   3F:35:A5:17:41:83:75:47:C1:8F:D3:F3:E8:FE:49:70:F7:01:5C:7C
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       018F8DB8C5D6A3F606C998ED12F48D96BEEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          1178
Signing time:             Sat 18 May 2024 22:00:47 +0000
Manifest this update:     Sat 18 May 2024 22:00:47 +0000
Manifest next update:     Sun 19 May 2024 22:00:47 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: 4crz0ec0+8uFo6aDqtKaAsyNfq5elvwMiRravUD/UXY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 20:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:8d:b8:c5:d6:a3:f6:06:c9:98:ed:12:f4:8d:96:be:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: May 18 22:00:47 2024 GMT
            Not After : May 19 22:00:47 2024 GMT
        Subject: CN=3f35a51741837547c18fd3f3e8fe4970f7015c7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:39:5d:02:29:d1:45:c2:1e:8a:e5:3c:95:dc:
                    21:9d:8b:37:1b:ad:2a:c2:4a:b4:6e:b7:2e:b5:33:
                    3e:a6:ed:95:2e:c4:29:ca:c4:1b:b4:39:28:b1:cf:
                    e7:ce:26:d4:60:b3:15:8c:3a:29:19:da:4e:77:29:
                    bb:b0:36:97:eb:37:b0:fc:7a:a7:0f:6d:07:78:e2:
                    02:41:a1:71:33:a0:3f:41:93:7d:a8:92:21:7c:85:
                    91:10:74:3f:70:0b:e9:15:8a:31:8c:ca:5b:70:db:
                    06:b4:b3:79:e0:a2:67:c2:61:a1:b8:d8:52:87:89:
                    89:9f:b2:87:57:97:03:2c:a5:eb:d7:6a:b2:55:04:
                    e7:65:b0:0f:80:9e:14:bf:e2:1c:65:90:0b:74:a9:
                    ee:0a:1c:73:0f:ab:05:15:73:ed:65:6c:d3:20:a2:
                    12:2b:ab:e3:6f:61:09:87:cb:af:66:b1:ae:09:37:
                    5c:eb:39:5e:fc:86:cf:81:12:d6:33:c3:e7:51:14:
                    05:be:ea:a7:99:f5:53:a0:b5:23:7d:48:12:bf:2c:
                    dc:25:b3:ca:93:49:f5:60:13:3a:32:4c:0f:9d:97:
                    ca:c5:e4:8e:5b:4f:91:4e:51:c8:20:8e:92:27:ea:
                    21:30:a6:3c:d1:3b:bf:a8:99:f3:61:40:13:af:eb:
                    25:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:35:A5:17:41:83:75:47:C1:8F:D3:F3:E8:FE:49:70:F7:01:5C:7C
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:27:3a:64:aa:de:c4:0e:bb:da:20:cf:fe:86:59:8d:ef:0c:
         a0:cc:e2:79:a0:89:f6:09:6f:fa:b1:32:0a:08:9f:d3:ad:c6:
         ee:d5:ed:24:18:52:91:e4:06:b1:7a:ad:6b:b4:af:b9:a1:b2:
         de:48:66:ee:1f:f9:c1:05:d4:01:ed:cc:cb:5f:16:cb:8d:7f:
         05:9d:b9:86:88:56:a6:87:e0:d1:ca:a8:eb:02:a2:d8:c8:4c:
         a3:85:83:43:cf:9c:0a:f4:b3:33:f2:af:a5:71:8f:49:5b:13:
         eb:75:60:96:c2:eb:14:9d:ea:b3:b7:e6:d1:ad:d9:4d:8d:c6:
         f7:0a:00:dc:af:3a:fc:88:9b:30:61:fb:90:4c:5f:1a:bb:08:
         ab:da:d9:20:92:e0:9d:07:76:11:12:35:5d:5f:07:e1:07:cb:
         30:16:fc:e4:32:dd:ed:f7:a4:07:88:3a:cc:b1:e3:2c:37:6b:
         66:e1:85:b8:d4:5c:54:56:74:90:2f:08:b5:16:29:4f:ff:50:
         e7:15:a5:c8:e4:93:14:04:08:67:dd:ba:b7:72:b3:08:6a:0e:
         ba:98:6c:8f:f0:59:99:99:b7:51:1c:89:7b:a2:32:48:d6:8f:
         ce:cf:10:c2:e6:4c:38:39:a3:f1:06:83:40:e6:3f:7c:08:13:
         84:fa:1d:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+NuMXWo/YGyZjtEvSNlr7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjQwNTE4MjIwMDQ3WhcNMjQwNTE5MjIwMDQ3WjAzMTEwLwYDVQQD
EygzZjM1YTUxNzQxODM3NTQ3YzE4ZmQzZjNlOGZlNDk3MGY3MDE1YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjldAinRRcIeiuU8ldwhnYs3G60q
wkq0brcutTM+pu2VLsQpysQbtDkosc/nzibUYLMVjDopGdpOdym7sDaX6zew/Hqn
D20HeOICQaFxM6A/QZN9qJIhfIWREHQ/cAvpFYoxjMpbcNsGtLN54KJnwmGhuNhS
h4mJn7KHV5cDLKXr12qyVQTnZbAPgJ4Uv+IcZZALdKnuChxzD6sFFXPtZWzTIKIS
K6vjb2EJh8uvZrGuCTdc6zle/IbPgRLWM8PnURQFvuqnmfVToLUjfUgSvyzcJbPK
k0n1YBM6MkwPnZfKxeSOW0+RTlHIII6SJ+ohMKY80Tu/qJnzYUATr+slUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD81pRdBg3VHwY/T8+j+SXD3AVx8MB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKSc6ZKre
xA672iDP/oZZje8MoMzieaCJ9glv+rEyCgif063G7tXtJBhSkeQGsXqta7SvuaGy
3khm7h/5wQXUAe3My18Wy41/BZ25hohWpofg0cqo6wKi2MhMo4WDQ8+cCvSzM/Kv
pXGPSVsT63VglsLrFJ3qs7fm0a3ZTY3G9woA3K86/IibMGH7kExfGrsIq9rZIJLg
nQd2ERI1XV8H4QfLMBb85DLd7fekB4g6zLHjLDdrZuGFuNRcVFZ0kC8ItRYpT/9Q
5xWlyOSTFAQIZ926t3KzCGoOuphsj/BZmZm3URyJe6IySNaPzs8QwuZMODmj8QaD
QOY/fAgThPod6g==
-----END CERTIFICATE-----