Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
File:                     M4YMg3IhmQcJz1rqKduBaJU-feA.mft (raw, json)
Hash identifier:          0mf5QrpEKFnhaN9yNMjj2kSdcEN48ElgGB1Lk+gFEOI=
Subject key identifier:   1C:DE:46:8D:FB:07:21:BD:AC:69:6B:5A:FE:63:B4:11:9E:05:F9:22
Authority key identifier: 33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0
Certificate issuer:       /CN=33860c837221990709cf5aea29db8168953e7de0
Certificate serial:       018F87ED35D1B79114DE9782801B8C8E5EE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
Manifest number:          02AF
Signing time:             Fri 17 May 2024 19:00:20 +0000
Manifest this update:     Fri 17 May 2024 19:00:20 +0000
Manifest next update:     Sat 18 May 2024 19:00:20 +0000
Files and hashes:         1: M4YMg3IhmQcJz1rqKduBaJU-feA.crl (hash: 1U5w//KyO7MaXZz3rSTVfu609kckEt3hTwvmlZjqmAU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:35:d1:b7:91:14:de:97:82:80:1b:8c:8e:5e:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33860c837221990709cf5aea29db8168953e7de0
        Validity
            Not Before: May 17 19:00:20 2024 GMT
            Not After : May 18 19:00:20 2024 GMT
        Subject: CN=1cde468dfb0721bdac696b5afe63b4119e05f922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c2:b6:d6:9e:ef:ca:fa:1d:15:db:18:69:f5:
                    b5:96:7a:0b:bd:65:4e:2a:40:54:d6:f3:43:e0:bf:
                    20:a7:4a:9f:e9:61:a5:5c:c7:00:62:6a:3b:7f:db:
                    4e:7c:81:b8:86:69:5c:c9:8e:b7:8b:f8:82:3a:56:
                    d8:8f:f5:a4:49:63:8e:02:e3:bf:6b:79:12:cc:c3:
                    8f:72:f4:48:e7:5e:23:15:35:b6:fe:9d:55:57:8d:
                    ce:1e:fa:93:27:22:0b:bb:b6:8e:52:00:c8:5f:c8:
                    24:38:e5:98:cc:97:0c:41:1f:04:83:3a:e4:fa:56:
                    fe:c0:9e:65:bc:e1:0e:68:eb:ea:b8:5c:98:91:ce:
                    7f:94:fb:9f:7c:c0:46:30:36:88:f7:2e:ed:9b:ce:
                    b9:90:b3:a0:74:6f:f3:bd:d3:7f:07:a5:c2:18:ab:
                    08:5b:4d:8d:91:2e:86:03:74:1a:0f:eb:28:b4:d0:
                    f6:a0:98:d5:b1:bb:0b:a8:0e:f9:c5:35:d6:9a:ae:
                    00:bf:41:49:4e:8d:73:81:2a:84:6f:bf:47:77:ca:
                    98:04:68:f6:27:c2:64:3e:01:17:2e:8b:4c:33:51:
                    73:0e:ad:6b:6a:f6:e9:d3:d1:67:74:9a:2f:41:2d:
                    1c:2a:9d:84:a6:d1:08:30:09:1f:e3:c4:05:71:ed:
                    c8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DE:46:8D:FB:07:21:BD:AC:69:6B:5A:FE:63:B4:11:9E:05:F9:22
            X509v3 Authority Key Identifier:
                keyid:33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:4d:2c:af:1c:c0:71:26:aa:68:c4:15:06:5e:02:63:b9:9f:
         4e:8e:1d:df:df:87:a3:ba:6c:bc:bd:14:46:70:89:eb:ca:d3:
         63:d7:23:46:8f:c3:fb:e8:6b:55:57:f8:fb:13:45:27:5c:23:
         d1:fa:60:d9:12:ce:fb:27:c8:32:0e:ca:9a:40:68:0b:9f:ac:
         64:87:83:a2:fd:96:ec:2b:f7:bb:18:93:ba:d3:86:ca:ef:d7:
         9f:eb:34:2d:ad:da:84:12:81:17:eb:cc:1f:8c:db:b5:d1:42:
         09:ab:b6:91:d2:c5:43:74:41:f8:1b:38:1d:01:39:19:a5:08:
         f0:c5:27:be:3e:24:1b:d3:51:4d:96:9a:92:8c:91:bc:95:73:
         7e:59:54:8f:9f:89:28:df:67:3f:fd:1c:c5:7d:61:60:f7:ea:
         67:85:e5:ea:8f:a6:77:de:88:01:4a:38:f2:6a:00:7c:6d:d5:
         7c:cd:bb:08:e5:cf:60:f3:cf:0d:47:44:33:b9:ed:d0:b2:f7:
         73:fe:0e:a7:18:ec:3d:fd:de:c6:61:57:af:d7:ae:e9:fa:e2:
         c5:e1:c6:73:45:e7:b6:42:cf:af:4a:aa:36:d7:59:4a:da:5b:
         83:16:8d:27:37:d1:5e:cd:96:75:88:a6:d0:56:cd:43:c1:ca:
         95:fe:50:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7TXRt5EU3peCgBuMjl7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzODYwYzgzNzIyMTk5MDcwOWNmNWFlYTI5ZGI4MTY4OTUz
ZTdkZTAwHhcNMjQwNTE3MTkwMDIwWhcNMjQwNTE4MTkwMDIwWjAzMTEwLwYDVQQD
EygxY2RlNDY4ZGZiMDcyMWJkYWM2OTZiNWFmZTYzYjQxMTllMDVmOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMK21p7vyvodFdsYafW1lnoLvWVO
KkBU1vND4L8gp0qf6WGlXMcAYmo7f9tOfIG4hmlcyY63i/iCOlbYj/WkSWOOAuO/
a3kSzMOPcvRI514jFTW2/p1VV43OHvqTJyILu7aOUgDIX8gkOOWYzJcMQR8Egzrk
+lb+wJ5lvOEOaOvquFyYkc5/lPuffMBGMDaI9y7tm865kLOgdG/zvdN/B6XCGKsI
W02NkS6GA3QaD+sotND2oJjVsbsLqA75xTXWmq4Av0FJTo1zgSqEb79Hd8qYBGj2
J8JkPgEXLotMM1FzDq1ravbp09FndJovQS0cKp2EptEIMAkf48QFce3IRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzeRo37ByG9rGlrWv5jtBGeBfkiMB8GA1UdIwQY
MBaAFDOGDINyIZkHCc9a6inbgWiVPn3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYt
YjgyZTUzMDEwNTk3LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYtYjgyZTUzMDEwNTk3
LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt00srxzA
cSaqaMQVBl4CY7mfTo4d39+Ho7psvL0URnCJ68rTY9cjRo/D++hrVVf4+xNFJ1wj
0fpg2RLO+yfIMg7KmkBoC5+sZIeDov2W7Cv3uxiTutOGyu/Xn+s0La3ahBKBF+vM
H4zbtdFCCau2kdLFQ3RB+Bs4HQE5GaUI8MUnvj4kG9NRTZaakoyRvJVzfllUj5+J
KN9nP/0cxX1hYPfqZ4Xl6o+md96IAUo48moAfG3VfM27COXPYPPPDUdEM7nt0LL3
c/4OpxjsPf3exmFXr9eu6frixeHGc0XntkLPr0qqNtdZStpbgxaNJzfRXs2WdYim
0FbNQ8HKlf5QlA==
-----END CERTIFICATE-----