Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          bVll4KYsbZuPzF9fU5wZKG+9jGNjgaDR86lLrfVxisM=
Subject key identifier:   01:62:57:79:3A:45:1D:9B:CC:BB:2A:0E:A7:84:62:F6:21:61:F5:49
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       018F87ED5960D68862DDC64694EC3B54479D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          01F1
Signing time:             Fri 17 May 2024 19:00:30 +0000
Manifest this update:     Fri 17 May 2024 19:00:30 +0000
Manifest next update:     Sat 18 May 2024 19:00:30 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: 6DbFCy0hnFp+nSNfaZFm9dSMRqymIKkKpXhZ8CYiVKg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:59:60:d6:88:62:dd:c6:46:94:ec:3b:54:47:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: May 17 19:00:30 2024 GMT
            Not After : May 18 19:00:30 2024 GMT
        Subject: CN=016257793a451d9bccbb2a0ea78462f62161f549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ed:6d:05:2c:79:fa:7e:6a:62:a6:61:09:a8:
                    67:d0:89:16:f6:b7:ee:1a:c9:1f:95:05:d6:80:41:
                    06:5b:60:b7:27:43:24:04:81:26:2b:9e:f6:fc:01:
                    b8:a3:ea:a8:07:f8:2d:f7:4e:dd:07:f8:c3:4c:25:
                    f8:80:41:e9:ac:bb:ab:68:79:db:2a:59:14:f4:0d:
                    da:62:a0:d5:2d:10:16:02:c1:89:2a:7c:65:0c:57:
                    48:19:77:43:eb:7a:c2:d7:0e:b4:59:74:21:f4:70:
                    39:35:e8:fa:00:1c:eb:52:c7:5f:32:82:35:0d:9a:
                    1f:d3:5b:e5:47:c2:42:90:dd:75:9e:a4:b2:d1:58:
                    0d:e2:71:8c:5d:1a:e2:4a:4b:45:d9:ca:bf:ab:3b:
                    d6:84:ad:e0:46:e4:08:7c:f1:16:f1:02:73:73:fc:
                    1a:0f:08:a7:3d:54:7b:72:e0:44:fc:8f:59:66:6f:
                    b9:c5:15:3e:ae:e8:87:72:78:b8:1c:8b:81:10:ab:
                    c6:68:2b:b5:08:cd:c7:15:93:19:9a:8e:cb:54:f7:
                    20:50:d5:4c:04:3d:e2:ab:cb:3f:57:29:b9:6a:88:
                    9e:9f:ae:69:e9:1b:e8:01:b0:97:d5:df:8c:0e:73:
                    61:49:2f:14:ad:24:61:c5:ff:ed:97:70:28:0b:53:
                    3c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:62:57:79:3A:45:1D:9B:CC:BB:2A:0E:A7:84:62:F6:21:61:F5:49
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:f0:89:6f:b1:fd:62:61:59:7d:6e:06:44:ad:36:7d:62:41:
         05:d1:fc:f9:ce:89:61:7e:46:0c:dc:69:9b:1e:32:5e:b3:d9:
         94:18:3f:9b:c1:eb:f0:5c:a9:e1:47:5a:81:b2:a6:26:9a:29:
         af:e9:9e:c7:71:8b:c1:a4:f3:fe:2b:66:0a:77:fc:75:1b:31:
         66:de:05:ea:cb:10:53:75:1f:dd:06:96:ad:3a:8e:d8:28:12:
         c0:4f:e4:5a:b4:3c:ba:7d:09:72:95:19:d7:63:d6:87:21:12:
         b4:b7:af:c3:9f:af:7b:1f:bc:59:ce:a1:f3:cd:42:df:b4:f6:
         55:c6:97:c4:39:ac:c4:8d:89:91:2e:0e:b7:fd:be:d2:d4:59:
         52:82:53:24:0d:b3:ef:a7:03:fa:d8:93:8e:17:ac:eb:b8:d3:
         c4:1d:ec:60:c3:b8:17:c0:f7:ae:b1:bd:00:1c:3c:a5:4f:e9:
         a3:1e:66:81:f8:77:56:a7:eb:02:a6:91:84:32:4a:07:97:bf:
         2a:e1:db:21:e2:28:2c:ed:21:0b:45:6f:35:99:54:70:db:08:
         8e:a1:72:3c:67:4b:48:72:6d:49:f5:f4:b4:67:d4:f0:4a:08:
         55:52:a9:c1:0d:e3:1d:4b:bd:b4:00:86:cf:e4:02:81:17:e9:
         cd:c4:71:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7Vlg1ohi3cZGlOw7VEedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjQwNTE3MTkwMDMwWhcNMjQwNTE4MTkwMDMwWjAzMTEwLwYDVQQD
EygwMTYyNTc3OTNhNDUxZDliY2NiYjJhMGVhNzg0NjJmNjIxNjFmNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze1tBSx5+n5qYqZhCahn0IkW9rfu
GskflQXWgEEGW2C3J0MkBIEmK572/AG4o+qoB/gt907dB/jDTCX4gEHprLuraHnb
KlkU9A3aYqDVLRAWAsGJKnxlDFdIGXdD63rC1w60WXQh9HA5Nej6ABzrUsdfMoI1
DZof01vlR8JCkN11nqSy0VgN4nGMXRriSktF2cq/qzvWhK3gRuQIfPEW8QJzc/wa
DwinPVR7cuBE/I9ZZm+5xRU+ruiHcni4HIuBEKvGaCu1CM3HFZMZmo7LVPcgUNVM
BD3iq8s/Vym5aoien65p6RvoAbCX1d+MDnNhSS8UrSRhxf/tl3AoC1M8YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFiV3k6RR2bzLsqDqeEYvYhYfVJMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/CJb7H9
YmFZfW4GRK02fWJBBdH8+c6JYX5GDNxpmx4yXrPZlBg/m8Hr8Fyp4UdagbKmJpop
r+mex3GLwaTz/itmCnf8dRsxZt4F6ssQU3Uf3QaWrTqO2CgSwE/kWrQ8un0JcpUZ
12PWhyEStLevw5+vex+8Wc6h881C37T2VcaXxDmsxI2JkS4Ot/2+0tRZUoJTJA2z
76cD+tiTjhes67jTxB3sYMO4F8D3rrG9ABw8pU/pox5mgfh3VqfrAqaRhDJKB5e/
KuHbIeIoLO0hC0VvNZlUcNsIjqFyPGdLSHJtSfX0tGfU8EoIVVKpwQ3jHUu9tACG
z+QCgRfpzcRxzQ==
-----END CERTIFICATE-----