Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          74vScgokyHY1M5p9QO6g2XM6t5bUYyYXzobKeKHvFKU=
Subject key identifier:   5D:85:C4:47:8D:C5:9B:64:F3:83:B4:80:8B:2B:09:9B:59:8C:F9:EA
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       01936A7DA729F025E1EA9D5B1CA7B5FB7336
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 22:00:39 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:39 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:39 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: cp4NVNuswN9NevLRNSmfDJ6S03YPBQXhCS24T2tLC+Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:a7:29:f0:25:e1:ea:9d:5b:1c:a7:b5:fb:73:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Nov 26 22:00:39 2024 GMT
            Not After : Nov 27 22:00:39 2024 GMT
        Subject: CN=5d85c4478dc59b64f383b4808b2b099b598cf9ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:80:1b:2b:0b:8d:92:09:ac:84:c6:13:d7:2d:
                    f9:94:4f:70:bb:ea:ac:14:43:b4:d4:03:60:73:f1:
                    f3:0b:2f:80:1b:66:2f:16:f1:c4:a9:3a:01:22:2a:
                    e1:07:e3:46:14:7e:c2:86:51:36:39:8d:fe:5b:45:
                    9a:cd:3e:61:77:0a:fb:e5:6e:24:cc:35:6c:55:fd:
                    c6:8d:2a:df:96:96:11:56:5a:c4:8a:2d:f0:e7:d1:
                    db:e9:b3:2d:fb:b9:2d:3d:a0:2b:30:cf:a6:90:6a:
                    10:6f:74:77:12:d5:41:f8:3f:8e:5d:10:8c:b5:21:
                    9a:92:25:5d:85:6f:dd:da:88:ca:68:8c:29:32:83:
                    f3:fb:d2:e3:dc:08:79:8e:d2:72:89:ba:a8:7b:8c:
                    10:ad:fe:cc:1b:a7:59:ec:4c:4b:0c:27:23:15:e1:
                    82:02:6a:23:6d:96:38:41:ed:85:41:a2:45:af:95:
                    8a:96:d8:a2:7c:dd:72:88:19:69:33:a0:6d:a3:91:
                    b0:a6:15:61:91:7d:b8:81:19:22:68:14:3c:2b:7a:
                    cd:dc:19:80:17:6b:c8:9c:cf:03:bb:38:4f:60:14:
                    fb:db:d4:7a:bd:04:ce:d0:7b:60:c3:c3:ba:04:de:
                    c3:ab:13:92:b2:a6:a7:9b:0b:ee:39:26:dd:82:7d:
                    9e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:85:C4:47:8D:C5:9B:64:F3:83:B4:80:8B:2B:09:9B:59:8C:F9:EA
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:9f:2f:73:a3:6b:56:61:64:6b:a0:aa:e3:2b:18:87:21:9a:
         78:95:cd:69:08:02:53:66:7c:c8:37:d9:4a:0d:7a:44:e9:18:
         4d:7a:ae:e0:74:93:88:18:9f:37:4a:66:9a:77:d2:ab:26:2b:
         23:4f:15:24:ff:18:2c:87:d8:0b:86:af:2f:55:9d:49:e3:df:
         f3:83:b7:82:e3:2d:02:75:58:35:7f:a5:4c:50:b7:02:be:b5:
         a7:8d:bf:99:3c:e4:c2:39:cc:9b:16:79:0e:d4:2a:5d:19:fd:
         a7:41:63:60:9b:af:49:db:8c:84:93:1b:72:4a:6e:d1:62:d9:
         40:ba:c0:06:6d:07:29:45:03:ae:6b:a8:34:00:91:35:0e:32:
         45:3d:06:ae:17:f8:26:b6:a2:2e:87:66:45:99:c5:26:9a:a6:
         a8:87:c3:01:43:a6:ab:0a:34:df:31:bc:29:36:5a:12:cd:88:
         0d:ed:d0:b4:49:49:4d:1c:24:03:44:ff:d4:58:13:a0:75:a3:
         64:b2:3b:6d:b3:c6:72:1c:ba:9e:ec:97:25:16:5d:c2:ff:2c:
         df:71:37:4e:f9:b1:85:3d:cb:e0:6a:e0:f7:58:d9:5c:fc:c8:
         6c:1e:84:84:07:73:19:e9:c0:04:28:38:0f:9d:b6:2d:03:66:
         fd:fa:e3:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfacp8CXh6p1bHKe1+3M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjQxMTI2MjIwMDM5WhcNMjQxMTI3MjIwMDM5WjAzMTEwLwYDVQQD
Eyg1ZDg1YzQ0NzhkYzU5YjY0ZjM4M2I0ODA4YjJiMDk5YjU5OGNmOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIAbKwuNkgmshMYT1y35lE9wu+qs
FEO01ANgc/HzCy+AG2YvFvHEqToBIirhB+NGFH7ChlE2OY3+W0WazT5hdwr75W4k
zDVsVf3GjSrflpYRVlrEii3w59Hb6bMt+7ktPaArMM+mkGoQb3R3EtVB+D+OXRCM
tSGakiVdhW/d2ojKaIwpMoPz+9Lj3Ah5jtJyibqoe4wQrf7MG6dZ7ExLDCcjFeGC
AmojbZY4Qe2FQaJFr5WKltiifN1yiBlpM6Bto5GwphVhkX24gRkiaBQ8K3rN3BmA
F2vInM8DuzhPYBT729R6vQTO0Htgw8O6BN7DqxOSsqanmwvuOSbdgn2eAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2FxEeNxZtk84O0gIsrCZtZjPnqMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC58vc6Nr
VmFka6Cq4ysYhyGaeJXNaQgCU2Z8yDfZSg16ROkYTXqu4HSTiBifN0pmmnfSqyYr
I08VJP8YLIfYC4avL1WdSePf84O3guMtAnVYNX+lTFC3Ar61p42/mTzkwjnMmxZ5
DtQqXRn9p0FjYJuvSduMhJMbckpu0WLZQLrABm0HKUUDrmuoNACRNQ4yRT0Grhf4
JraiLodmRZnFJpqmqIfDAUOmqwo03zG8KTZaEs2IDe3QtElJTRwkA0T/1FgToHWj
ZLI7bbPGchy6nuyXJRZdwv8s33E3TvmxhT3L4Grg91jZXPzIbB6EhAdzGenABCg4
D522LQNm/frj3A==
-----END CERTIFICATE-----