Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
File:                     J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json)
Hash identifier:          XDALEHDQ8DmRXLwInhZb8CBGEeSF/mhFqhVjc82VWZs=
Subject key identifier:   C4:23:64:45:3A:AE:B3:B0:24:38:2D:46:13:D4:AD:94:E0:9B:A9:65
Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0
Certificate issuer:       /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
Certificate serial:       0193572DAD7950BC3EA776E98359311BBB73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
Manifest number:          03EA
Signing time:             Sat 23 Nov 2024 04:00:31 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:31 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:31 +0000
Files and hashes:         1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: LgNlkz44R11wzsp7S5qHKABFByTIOdGcp/rNbGJUu9s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:ad:79:50:bc:3e:a7:76:e9:83:59:31:1b:bb:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0
        Validity
            Not Before: Nov 23 04:00:31 2024 GMT
            Not After : Nov 24 04:00:31 2024 GMT
        Subject: CN=c42364453aaeb3b024382d4613d4ad94e09ba965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9e:ca:ee:7b:ce:c3:e5:4b:c9:0e:19:08:2a:
                    a5:fd:00:95:06:cf:fb:41:ac:c5:da:14:ec:df:fd:
                    0f:98:cd:b0:2d:d0:81:39:fd:02:66:f0:55:d5:a3:
                    68:68:74:45:d0:d8:35:df:a7:39:ce:ac:a5:8a:2e:
                    51:76:65:c3:7f:ea:a8:bf:b9:c4:63:18:47:9b:41:
                    3b:35:08:48:a6:fb:8a:e5:22:b4:be:f2:a9:e8:c3:
                    2d:12:36:92:30:f6:e1:85:0e:cc:54:a3:6b:3b:73:
                    b3:93:e5:90:3e:e1:5c:f6:4b:ec:76:76:1e:19:d1:
                    2f:6d:00:7a:54:4e:f5:1b:12:fb:34:72:9b:e7:b7:
                    43:45:07:5d:49:cc:f1:e3:94:6b:20:0b:74:d7:1a:
                    36:04:17:07:f2:58:7c:70:fd:89:ad:67:90:36:e2:
                    6a:f3:95:86:a8:d6:29:cc:db:52:85:b6:9a:20:1d:
                    a6:f6:f3:28:b0:de:c8:48:6c:a1:31:54:e3:03:f1:
                    29:41:7e:dc:e5:b5:cf:68:01:6b:7f:b0:32:56:23:
                    5c:51:1e:7c:ce:db:77:95:5b:62:b6:86:9f:f4:39:
                    ae:09:a6:c2:95:ff:8e:c0:e6:8b:6d:44:2f:a7:93:
                    6a:d5:58:ed:70:72:8a:b3:24:6d:cf:ef:dd:0e:dc:
                    e8:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:23:64:45:3A:AE:B3:B0:24:38:2D:46:13:D4:AD:94:E0:9B:A9:65
            X509v3 Authority Key Identifier:
                keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:32:65:ac:54:44:bf:c6:79:1e:0f:0f:1a:89:fc:6b:15:a8:
         9c:73:3a:d6:6a:b6:14:ae:78:6f:45:f8:b2:b6:44:5e:38:cb:
         a4:14:cd:d9:db:f8:b5:60:05:74:4c:4b:6f:8c:bd:df:89:16:
         bc:ca:76:dc:75:d9:54:3f:64:69:aa:f9:dc:4c:67:e9:25:be:
         29:59:df:13:1a:78:eb:f4:2f:72:a4:13:ac:30:07:de:74:9f:
         95:07:7a:67:eb:c1:46:96:10:3d:76:55:82:8b:d7:b7:1c:42:
         9e:d9:0b:34:1c:ee:62:f4:93:a6:3e:af:71:8e:55:fb:ba:d4:
         75:b5:f6:64:c3:01:ef:9b:55:82:81:a8:1c:60:dc:b2:f1:97:
         b0:08:4e:5f:b7:21:79:62:97:4c:dc:06:0f:c7:7c:44:9d:8d:
         7b:92:70:82:7b:50:e8:1a:17:ad:06:ed:b5:0d:5a:2d:0f:d8:
         f4:91:d1:02:31:e0:49:95:bb:1d:6f:55:1c:ac:0a:e2:73:05:
         f6:c8:47:a0:a3:9e:76:0d:36:b1:2f:37:e0:44:e5:de:c9:c6:
         46:9d:57:d3:a9:81:4f:55:7d:a2:a6:34:5d:44:bf:36:a1:f4:
         bd:c0:cb:ae:8e:c2:18:f4:4a:bb:b3:e1:4d:94:75:a0:64:5a:
         57:2f:4d:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLa15ULw+p3bpg1kxG7tzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk
MWFmYTAwHhcNMjQxMTIzMDQwMDMxWhcNMjQxMTI0MDQwMDMxWjAzMTEwLwYDVQQD
EyhjNDIzNjQ0NTNhYWViM2IwMjQzODJkNDYxM2Q0YWQ5NGUwOWJhOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ7K7nvOw+VLyQ4ZCCql/QCVBs/7
QazF2hTs3/0PmM2wLdCBOf0CZvBV1aNoaHRF0Ng136c5zqylii5RdmXDf+qov7nE
YxhHm0E7NQhIpvuK5SK0vvKp6MMtEjaSMPbhhQ7MVKNrO3Ozk+WQPuFc9kvsdnYe
GdEvbQB6VE71GxL7NHKb57dDRQddSczx45RrIAt01xo2BBcH8lh8cP2JrWeQNuJq
85WGqNYpzNtShbaaIB2m9vMosN7ISGyhMVTjA/EpQX7c5bXPaAFrf7AyViNcUR58
ztt3lVtitoaf9DmuCabClf+OwOaLbUQvp5Nq1VjtcHKKsyRtz+/dDtzoUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQjZEU6rrOwJDgtRhPUrZTgm6llMB8GA1UdIwQY
MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt
MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw
LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczJlrFRE
v8Z5Hg8PGon8axWonHM61mq2FK54b0X4srZEXjjLpBTN2dv4tWAFdExLb4y934kW
vMp23HXZVD9kaar53Exn6SW+KVnfExp46/QvcqQTrDAH3nSflQd6Z+vBRpYQPXZV
govXtxxCntkLNBzuYvSTpj6vcY5V+7rUdbX2ZMMB75tVgoGoHGDcsvGXsAhOX7ch
eWKXTNwGD8d8RJ2Ne5JwgntQ6BoXrQbttQ1aLQ/Y9JHRAjHgSZW7HW9VHKwK4nMF
9shHoKOedg02sS834ETl3snGRp1X06mBT1V9oqY0XUS/NqH0vcDLro7CGPRKu7Ph
TZR1oGRaVy9NtQ==
-----END CERTIFICATE-----