Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft
File:                     4EHIW0dOi2wAiR2VQST_DIEgDYw.mft (raw, json)
Hash identifier:          T3Iz2FxCKexBtLOVVt5uEFtYqYpdDDQI8Kx9MRgmLU8=
Subject key identifier:   2D:97:69:E6:5A:24:E4:66:19:8C:35:05:92:86:DE:CF:1D:87:6D:1C
Authority key identifier: E0:41:C8:5B:47:4E:8B:6C:00:89:1D:95:41:24:FF:0C:81:20:0D:8C
Certificate issuer:       /CN=e041c85b474e8b6c00891d954124ff0c81200d8c
Certificate serial:       018F3E55045106C39C5FED911167695BF96C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4EHIW0dOi2wAiR2VQST_DIEgDYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft
Manifest number:          04A9
Signing time:             Fri 03 May 2024 12:01:49 +0000
Manifest this update:     Fri 03 May 2024 12:01:49 +0000
Manifest next update:     Sat 04 May 2024 12:01:49 +0000
Files and hashes:         1: 4EHIW0dOi2wAiR2VQST_DIEgDYw.crl (hash: ru79ru5/X5kfXHwdeeQFfKpiCDAWd+PP5oHOz2kQcaQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4EHIW0dOi2wAiR2VQST_DIEgDYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3e:55:04:51:06:c3:9c:5f:ed:91:11:67:69:5b:f9:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e041c85b474e8b6c00891d954124ff0c81200d8c
        Validity
            Not Before: May  3 12:01:49 2024 GMT
            Not After : May  4 12:01:49 2024 GMT
        Subject: CN=2d9769e65a24e466198c35059286decf1d876d1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:71:2a:9c:7e:24:1b:15:f6:63:45:26:cd:00:
                    22:59:91:5a:78:aa:71:5a:9b:64:83:12:16:24:a8:
                    6e:cb:8b:90:58:f8:9a:90:33:65:08:2f:d7:b9:71:
                    ed:10:8c:61:05:64:fa:7e:b5:80:2f:71:c4:ac:e9:
                    ec:d1:0c:d0:9b:4b:06:e1:40:28:fa:a9:22:20:2a:
                    36:65:5e:c5:b9:67:89:71:75:40:d9:85:35:e9:43:
                    3a:6b:52:fd:56:05:36:e0:a8:a8:00:78:ea:ec:82:
                    69:97:61:9e:2a:fc:b3:0b:88:56:a4:57:45:c6:c9:
                    95:27:94:50:f7:98:7f:29:a6:6e:36:7a:3e:92:fc:
                    84:54:a8:44:53:41:2e:59:8d:c2:22:ab:3d:8b:78:
                    76:e5:7c:aa:a8:f9:63:02:12:65:66:d1:c0:76:a9:
                    34:15:ae:db:13:56:2d:07:4b:1d:88:1d:75:cd:4a:
                    28:80:d4:51:15:19:12:96:db:ae:08:8a:67:c6:cc:
                    c7:00:47:22:41:6a:29:51:af:03:65:e3:79:63:25:
                    de:96:7d:49:85:ea:03:91:ed:c1:7b:ec:1f:06:48:
                    4f:e7:f3:49:a9:14:53:35:d9:39:38:37:88:21:66:
                    fd:b3:f9:c2:4a:a0:35:0a:da:7b:52:91:e5:38:6e:
                    5a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:97:69:E6:5A:24:E4:66:19:8C:35:05:92:86:DE:CF:1D:87:6D:1C
            X509v3 Authority Key Identifier:
                keyid:E0:41:C8:5B:47:4E:8B:6C:00:89:1D:95:41:24:FF:0C:81:20:0D:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4EHIW0dOi2wAiR2VQST_DIEgDYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/549e4d-8dee-459b-9283-46bb3fa28b00/1/4EHIW0dOi2wAiR2VQST_DIEgDYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:3a:5e:44:7d:47:5a:bb:34:13:b7:31:cf:a8:68:28:99:74:
         b7:f1:d4:cd:77:6b:66:03:d3:69:1a:cb:80:da:1c:95:5c:c0:
         be:c7:e2:1c:41:17:4a:54:05:40:c2:91:1c:e5:fb:f4:fb:97:
         ea:f1:2f:04:76:9e:c0:a1:18:dc:c7:0b:76:d9:d5:34:6a:3f:
         dc:00:2a:3f:11:84:fb:5e:7c:b1:89:02:5f:c8:cd:35:bc:11:
         33:cc:0c:49:3a:bf:4f:ac:27:9d:af:0a:47:9a:51:d8:d2:2b:
         af:d6:ad:7b:cb:ce:65:71:5b:a9:2c:c8:b3:52:06:8c:64:8b:
         81:70:63:f8:9e:2a:78:6d:04:fb:b3:e9:b2:19:8d:12:99:67:
         70:80:28:a3:a0:02:ea:d2:35:06:69:26:1a:1a:a5:65:e8:6a:
         e6:c7:d6:ba:76:bd:d0:18:49:1e:f6:17:96:ba:80:16:17:6b:
         f6:20:ec:d9:cf:a2:0e:0e:68:28:a6:2d:87:2b:7b:e2:96:ff:
         ca:97:cd:91:4b:e3:99:8c:6e:5f:1e:47:25:43:67:d8:b8:a1:
         cd:eb:83:c8:1b:7b:22:64:1b:03:8d:9e:88:70:83:f4:25:3d:
         d0:e7:35:85:ca:bb:f0:75:80:9c:d2:a4:c2:a8:82:a8:60:32:
         e6:db:94:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8+VQRRBsOcX+2REWdpW/lsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNDFjODViNDc0ZThiNmMwMDg5MWQ5NTQxMjRmZjBjODEy
MDBkOGMwHhcNMjQwNTAzMTIwMTQ5WhcNMjQwNTA0MTIwMTQ5WjAzMTEwLwYDVQQD
EygyZDk3NjllNjVhMjRlNDY2MTk4YzM1MDU5Mjg2ZGVjZjFkODc2ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3EqnH4kGxX2Y0UmzQAiWZFaeKpx
WptkgxIWJKhuy4uQWPiakDNlCC/XuXHtEIxhBWT6frWAL3HErOns0QzQm0sG4UAo
+qkiICo2ZV7FuWeJcXVA2YU16UM6a1L9VgU24KioAHjq7IJpl2GeKvyzC4hWpFdF
xsmVJ5RQ95h/KaZuNno+kvyEVKhEU0EuWY3CIqs9i3h25XyqqPljAhJlZtHAdqk0
Fa7bE1YtB0sdiB11zUoogNRRFRkSltuuCIpnxszHAEciQWopUa8DZeN5YyXeln1J
heoDke3Be+wfBkhP5/NJqRRTNdk5ODeIIWb9s/nCSqA1Ctp7UpHlOG5aAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2XaeZaJORmGYw1BZKG3s8dh20cMB8GA1UdIwQY
MBaAFOBByFtHTotsAIkdlUEk/wyBIA2MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEVISVcwZE9pMndBaVIyVlFTVF9ESUVnRFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC81NDllNGQtOGRlZS00NTliLTkyODMt
NDZiYjNmYTI4YjAwLzEvNEVISVcwZE9pMndBaVIyVlFTVF9ESUVnRFl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC81NDllNGQtOGRlZS00NTliLTkyODMtNDZiYjNmYTI4YjAw
LzEvNEVISVcwZE9pMndBaVIyVlFTVF9ESUVnRFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmjpeRH1H
Wrs0E7cxz6hoKJl0t/HUzXdrZgPTaRrLgNoclVzAvsfiHEEXSlQFQMKRHOX79PuX
6vEvBHaewKEY3McLdtnVNGo/3AAqPxGE+158sYkCX8jNNbwRM8wMSTq/T6wnna8K
R5pR2NIrr9ate8vOZXFbqSzIs1IGjGSLgXBj+J4qeG0E+7PpshmNEplncIAoo6AC
6tI1BmkmGhqlZehq5sfWuna90BhJHvYXlrqAFhdr9iDs2c+iDg5oKKYthyt74pb/
ypfNkUvjmYxuXx5HJUNn2LihzeuDyBt7ImQbA42eiHCD9CU90Oc1hcq78HWAnNKk
wqiCqGAy5tuUCA==
-----END CERTIFICATE-----