Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
File:                     M4YMg3IhmQcJz1rqKduBaJU-feA.mft (raw, json)
Hash identifier:          CdRMdAVGL2lkc4RUusTDHj5LuQijynxFxWx3lWZ5OHU=
Subject key identifier:   49:82:C6:CD:85:64:AC:C5:FC:EB:F5:72:B8:2D:9F:44:92:0A:89:87
Authority key identifier: 33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0
Certificate issuer:       /CN=33860c837221990709cf5aea29db8168953e7de0
Certificate serial:       019366A09A3E5AF29AFC4CAC083EDC085AF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
Manifest number:          04B0
Signing time:             Tue 26 Nov 2024 04:00:21 +0000
Manifest this update:     Tue 26 Nov 2024 04:00:21 +0000
Manifest next update:     Wed 27 Nov 2024 04:00:21 +0000
Files and hashes:         1: M4YMg3IhmQcJz1rqKduBaJU-feA.crl (hash: wDJe0C6ihzJepEd0bDCH7328NLINWZH1pfSiiWJb/PY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:66:a0:9a:3e:5a:f2:9a:fc:4c:ac:08:3e:dc:08:5a:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33860c837221990709cf5aea29db8168953e7de0
        Validity
            Not Before: Nov 26 04:00:21 2024 GMT
            Not After : Nov 27 04:00:21 2024 GMT
        Subject: CN=4982c6cd8564acc5fcebf572b82d9f44920a8987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5d:d4:39:97:31:94:a8:56:fe:9d:cf:e0:4c:
                    dc:92:5a:bc:e6:f1:7d:ab:25:4a:72:81:06:25:31:
                    06:9c:da:8a:2f:07:be:ba:c2:38:08:96:07:96:29:
                    9f:44:80:ba:f8:d3:c3:26:ab:c4:9d:b0:75:fa:a7:
                    65:2d:79:0a:dd:8c:d7:7d:8f:09:fd:43:99:f2:fd:
                    47:69:d7:05:3e:60:91:c2:87:66:24:ef:8c:d3:0c:
                    b7:1d:31:08:83:7b:ee:12:44:d5:b2:2d:de:f1:67:
                    17:78:4c:9c:57:18:bd:7b:60:cc:0d:39:2e:e4:82:
                    b1:bc:bc:af:cc:7c:74:09:60:34:05:f2:e0:f2:e4:
                    c7:79:45:83:49:d0:8c:92:f4:89:1a:dc:63:16:98:
                    80:60:96:fb:fc:7f:ca:72:b6:f1:00:87:a0:dc:bb:
                    83:c6:40:b3:ea:98:22:97:2d:05:8f:08:e9:66:c4:
                    3d:4f:5f:ad:a9:62:f7:66:56:14:67:cc:47:15:07:
                    8d:34:2f:b2:39:25:31:ae:ed:ab:e9:79:0a:e6:ef:
                    ce:9c:22:41:63:1f:1b:64:86:06:da:ce:a6:7e:d6:
                    ae:e6:32:22:8d:37:48:da:b3:56:61:0e:23:61:30:
                    5a:54:31:93:49:5a:11:02:47:d8:82:8f:0c:ba:e1:
                    b4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:82:C6:CD:85:64:AC:C5:FC:EB:F5:72:B8:2D:9F:44:92:0A:89:87
            X509v3 Authority Key Identifier:
                keyid:33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:c5:bb:02:41:36:ed:6f:2a:4c:98:bf:5e:e1:3f:c2:70:e8:
         b5:4f:50:b0:b0:67:40:23:4d:e9:31:6b:90:ce:33:7f:8f:e8:
         b2:04:70:bb:3a:5c:8f:51:cc:18:5b:79:45:35:c1:2a:09:c3:
         19:4c:ef:ba:88:9f:3a:bc:64:74:6a:05:55:1e:98:31:26:9a:
         f9:e7:fa:c6:90:19:a5:a5:cd:0f:5e:88:a1:9f:73:e7:6d:dd:
         63:4d:32:7e:55:06:80:0e:c0:a3:ed:f7:3e:d4:dd:4e:1c:0e:
         52:69:ea:2c:ca:2a:67:0c:35:c8:8c:bc:f3:45:a5:92:dc:55:
         c9:0c:d0:e4:98:a3:19:73:ea:10:38:dc:99:70:44:1c:2d:c4:
         5b:c2:31:30:90:fc:d3:80:db:3a:bf:20:8b:93:2b:a3:6b:82:
         41:09:46:f9:75:42:43:1d:dc:1a:da:0b:59:28:06:03:20:eb:
         43:e3:5d:ac:b2:4e:bb:45:44:c5:1d:94:71:0b:f0:1c:fe:71:
         c9:7c:78:65:b4:aa:7c:40:44:44:23:9d:8f:68:39:cf:b0:13:
         a5:46:91:03:99:cc:6a:ae:4b:4d:c4:97:e3:26:bc:43:1a:f2:
         68:a7:cc:d8:67:1e:90:52:f9:8b:c8:6c:43:8c:27:b0:07:00:
         7f:3a:a9:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNmoJo+WvKa/EysCD7cCFrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzODYwYzgzNzIyMTk5MDcwOWNmNWFlYTI5ZGI4MTY4OTUz
ZTdkZTAwHhcNMjQxMTI2MDQwMDIxWhcNMjQxMTI3MDQwMDIxWjAzMTEwLwYDVQQD
Eyg0OTgyYzZjZDg1NjRhY2M1ZmNlYmY1NzJiODJkOWY0NDkyMGE4OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv13UOZcxlKhW/p3P4Ezcklq85vF9
qyVKcoEGJTEGnNqKLwe+usI4CJYHlimfRIC6+NPDJqvEnbB1+qdlLXkK3YzXfY8J
/UOZ8v1HadcFPmCRwodmJO+M0wy3HTEIg3vuEkTVsi3e8WcXeEycVxi9e2DMDTku
5IKxvLyvzHx0CWA0BfLg8uTHeUWDSdCMkvSJGtxjFpiAYJb7/H/KcrbxAIeg3LuD
xkCz6pgily0FjwjpZsQ9T1+tqWL3ZlYUZ8xHFQeNNC+yOSUxru2r6XkK5u/OnCJB
Yx8bZIYG2s6mftau5jIijTdI2rNWYQ4jYTBaVDGTSVoRAkfYgo8MuuG0RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmCxs2FZKzF/Ov1crgtn0SSComHMB8GA1UdIwQY
MBaAFDOGDINyIZkHCc9a6inbgWiVPn3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYt
YjgyZTUzMDEwNTk3LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYtYjgyZTUzMDEwNTk3
LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArsW7AkE2
7W8qTJi/XuE/wnDotU9QsLBnQCNN6TFrkM4zf4/osgRwuzpcj1HMGFt5RTXBKgnD
GUzvuoifOrxkdGoFVR6YMSaa+ef6xpAZpaXND16IoZ9z523dY00yflUGgA7Ao+33
PtTdThwOUmnqLMoqZww1yIy880WlktxVyQzQ5JijGXPqEDjcmXBEHC3EW8IxMJD8
04DbOr8gi5Mro2uCQQlG+XVCQx3cGtoLWSgGAyDrQ+NdrLJOu0VExR2UcQvwHP5x
yXx4ZbSqfEBERCOdj2g5z7ATpUaRA5nMaq5LTcSX4ya8QxryaKfM2GcekFL5i8hs
Q4wnsAcAfzqptA==
-----END CERTIFICATE-----