Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
File:                     rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json)
Hash identifier:          3dSu9QRU8xLDhCKoexjQlQ6Nx17iECGT80nebxkrkXk=
Subject key identifier:   76:B9:F8:AA:FA:4F:7B:83:5F:FC:FE:37:B5:A7:21:CA:D4:77:3C:D5
Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
Certificate issuer:       /CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Certificate serial:       019356F6CC0E2BF384FDA233D01BAE1701B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
Manifest number:          0F2D
Signing time:             Sat 23 Nov 2024 03:00:34 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:34 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:34 +0000
Files and hashes:         1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: B5UjcHMtrcYz9ZV1c8IiJ2zAVIyarTPs85/UPzkeJDw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:cc:0e:2b:f3:84:fd:a2:33:d0:1b:ae:17:01:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012
        Validity
            Not Before: Nov 23 03:00:34 2024 GMT
            Not After : Nov 24 03:00:34 2024 GMT
        Subject: CN=76b9f8aafa4f7b835ffcfe37b5a721cad4773cd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ee:b9:fb:76:f0:3d:a4:6e:e1:fe:ff:49:03:
                    41:3c:26:e7:00:83:c8:68:3c:36:d8:5d:ce:3b:42:
                    ce:14:65:e8:4d:86:fd:50:44:0f:a9:81:a5:d6:e0:
                    01:7b:d0:f2:b0:57:d1:21:41:4d:3b:85:a2:68:f0:
                    ce:53:98:0c:20:ef:0a:2d:21:1b:d6:02:c1:ef:5c:
                    4b:59:22:8f:69:e6:28:95:ca:e7:3a:aa:c4:11:b3:
                    49:2c:66:99:64:e5:7e:a7:f0:b8:a3:14:8f:f5:f7:
                    92:2f:9d:15:3c:1a:02:98:03:a2:a3:fc:ca:b5:19:
                    9c:96:15:75:68:d3:64:1e:8d:41:44:d7:a7:0c:dd:
                    d3:87:07:87:d0:af:5c:58:f8:5b:1e:58:74:30:2c:
                    3e:1d:22:e1:8e:12:f1:29:38:cc:b6:ee:07:32:6a:
                    ba:93:7c:f9:95:98:9a:d2:2e:38:20:b3:17:0d:e9:
                    1e:b6:85:26:fe:dc:5b:20:6b:52:0f:a4:74:71:06:
                    db:5a:a7:3b:cd:80:64:4d:0c:73:50:4f:9c:a6:f0:
                    8d:09:e3:fa:b4:33:21:6e:cc:aa:5a:97:4b:98:3d:
                    91:f5:4d:25:2d:f9:e8:84:08:66:02:7f:a0:87:e6:
                    49:57:6b:ef:d5:3f:91:24:67:66:3a:6e:44:b6:3b:
                    ed:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:B9:F8:AA:FA:4F:7B:83:5F:FC:FE:37:B5:A7:21:CA:D4:77:3C:D5
            X509v3 Authority Key Identifier:
                keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:46:72:c8:dc:bf:43:12:d0:78:e4:fe:ea:67:e9:7f:f6:7d:
         84:67:da:79:6d:a9:4f:0a:2b:62:27:17:fc:9f:d8:a4:6f:44:
         04:62:f7:c4:ca:0b:2d:79:6c:80:78:43:90:92:76:57:8b:51:
         92:21:0c:8c:20:c3:34:d4:81:f9:44:c5:e2:a5:6e:0e:d2:a3:
         ac:c1:61:22:73:17:8e:f2:49:6b:52:b5:bc:7d:29:bb:c4:3f:
         90:ea:d8:b2:bc:8e:c7:e8:7f:57:e1:69:1b:aa:da:d9:82:09:
         a1:21:c8:e8:82:ed:46:fa:92:8c:e7:b6:6c:01:6c:47:17:05:
         ac:2c:29:54:f2:82:84:8b:d3:da:c1:08:f0:75:49:34:9e:08:
         9c:13:7a:87:28:56:18:5a:0f:26:9c:98:df:ef:19:84:77:ef:
         12:98:b2:07:03:62:66:1b:26:54:4a:75:d2:55:b2:c6:36:c2:
         4c:d9:22:7b:a1:a8:5f:1a:ec:0d:39:da:e5:df:0f:66:8d:e9:
         7b:88:0a:f2:97:a7:2d:cc:6c:4e:7f:2d:72:6e:21:52:e9:81:
         ec:20:59:67:61:43:1c:1a:05:8c:bd:a0:30:2d:5f:8e:fb:f1:
         3b:f7:f3:ab:cd:61:dd:eb:c4:a2:e5:69:ad:fd:b3:f0:ff:34:
         df:63:fe:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9swOK/OE/aIz0BuuFwG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm
M2QwMTIwHhcNMjQxMTIzMDMwMDM0WhcNMjQxMTI0MDMwMDM0WjAzMTEwLwYDVQQD
Eyg3NmI5ZjhhYWZhNGY3YjgzNWZmY2ZlMzdiNWE3MjFjYWQ0NzczY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu65+3bwPaRu4f7/SQNBPCbnAIPI
aDw22F3OO0LOFGXoTYb9UEQPqYGl1uABe9DysFfRIUFNO4WiaPDOU5gMIO8KLSEb
1gLB71xLWSKPaeYolcrnOqrEEbNJLGaZZOV+p/C4oxSP9feSL50VPBoCmAOio/zK
tRmclhV1aNNkHo1BRNenDN3ThweH0K9cWPhbHlh0MCw+HSLhjhLxKTjMtu4HMmq6
k3z5lZia0i44ILMXDeketoUm/txbIGtSD6R0cQbbWqc7zYBkTQxzUE+cpvCNCeP6
tDMhbsyqWpdLmD2R9U0lLfnohAhmAn+gh+ZJV2vv1T+RJGdmOm5EtjvtowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHa5+Kr6T3uDX/z+N7WnIcrUdzzVMB8GA1UdIwQY
MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt
Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi
LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC0ZyyNy/
QxLQeOT+6mfpf/Z9hGfaeW2pTworYicX/J/YpG9EBGL3xMoLLXlsgHhDkJJ2V4tR
kiEMjCDDNNSB+UTF4qVuDtKjrMFhInMXjvJJa1K1vH0pu8Q/kOrYsryOx+h/V+Fp
G6ra2YIJoSHI6ILtRvqSjOe2bAFsRxcFrCwpVPKChIvT2sEI8HVJNJ4InBN6hyhW
GFoPJpyY3+8ZhHfvEpiyBwNiZhsmVEp10lWyxjbCTNkie6GoXxrsDTna5d8PZo3p
e4gK8penLcxsTn8tcm4hUumB7CBZZ2FDHBoFjL2gMC1fjvvxO/fzq81h3evEouVp
rf2z8P8032P+gA==
-----END CERTIFICATE-----