Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
File:                     nuC9T-woxBx9-CFI8JHsPzkb23A.mft (raw, json)
Hash identifier:          duzBEJ6B8EjHugWDppsw4aLoOxmkupIoz852ydwdkj0=
Subject key identifier:   7D:4F:01:DA:2D:FC:68:B0:84:35:AE:22:7D:48:32:20:4A:4E:64:8B
Authority key identifier: 9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70
Certificate issuer:       /CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
Certificate serial:       019369D98172CCAF06F9AB629EBED1E208E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
Manifest number:          0529
Signing time:             Tue 26 Nov 2024 19:01:22 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:22 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:22 +0000
Files and hashes:         1: nuC9T-woxBx9-CFI8JHsPzkb23A.crl (hash: 6c9Ap22duJbovYZieAoGEWDBtZUMMc/onSyVEc6jwH4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:81:72:cc:af:06:f9:ab:62:9e:be:d1:e2:08:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
        Validity
            Not Before: Nov 26 19:01:22 2024 GMT
            Not After : Nov 27 19:01:22 2024 GMT
        Subject: CN=7d4f01da2dfc68b08435ae227d4832204a4e648b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b1:44:cb:6d:2c:8e:09:24:1e:a5:81:43:93:
                    bf:ff:0c:17:22:74:1f:a4:fd:16:84:1b:bd:10:ad:
                    59:41:92:98:1c:7d:8a:e5:9a:b3:03:10:33:60:a3:
                    5c:af:dc:64:de:5a:29:a2:b0:ab:dc:ec:7b:2b:68:
                    55:75:d5:77:11:c9:1e:d8:24:0f:f3:10:27:12:11:
                    21:e6:23:eb:5d:70:53:39:33:ac:ee:90:58:40:71:
                    9c:27:bf:0d:42:5b:c2:10:9d:82:90:d9:07:7b:c2:
                    93:ed:79:ad:fb:c8:b6:59:89:13:7f:44:de:74:4e:
                    dc:72:cc:93:39:c1:ad:87:8a:f8:27:ec:12:70:8e:
                    ce:43:59:83:d7:2f:fa:75:75:c4:93:a7:96:e4:b5:
                    f2:4f:95:07:fa:af:c1:6d:f0:d3:00:40:28:78:84:
                    cb:94:9b:77:b0:c2:94:11:3a:df:f9:ce:6f:8e:b8:
                    0d:cd:65:11:51:04:b8:90:01:cc:e2:42:c6:12:5f:
                    47:1e:89:12:99:a4:b2:f0:f7:65:8d:e0:1f:1a:95:
                    ae:0e:4f:c7:64:ae:af:2c:00:e8:6f:70:a3:f2:8d:
                    53:fc:2e:f1:2e:86:c7:b3:8f:1b:c8:c6:a0:8e:d0:
                    6e:84:33:8e:5c:89:c8:4c:eb:18:59:5c:78:b4:5c:
                    41:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:4F:01:DA:2D:FC:68:B0:84:35:AE:22:7D:48:32:20:4A:4E:64:8B
            X509v3 Authority Key Identifier:
                keyid:9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:9e:1f:73:89:4f:04:3c:49:21:c9:3f:af:a2:11:d1:00:e5:
         f5:88:32:25:c2:36:41:f2:2c:26:05:0d:22:2d:af:e7:94:2b:
         7a:2e:ac:8e:11:04:53:10:b9:8b:98:f8:c1:68:1f:e2:e1:d5:
         d3:23:05:6b:9b:05:b6:5c:a7:3b:a6:16:69:90:a8:3e:ec:68:
         91:3d:da:98:a5:95:15:9d:6d:fa:90:aa:ee:22:2d:c5:43:b2:
         03:81:ff:f4:64:d8:83:71:65:89:46:50:70:4e:82:19:56:de:
         45:1a:35:f7:71:b6:ec:3c:22:4d:19:a8:bf:e3:ea:f0:db:c0:
         36:15:ef:59:79:1b:30:94:cb:ec:72:aa:4b:93:e4:27:86:98:
         08:33:a5:ee:b8:f1:85:6f:80:36:e8:2f:87:3c:e9:ac:23:f7:
         7a:de:47:19:1b:01:52:53:0a:eb:0d:cb:c2:b2:66:5b:68:90:
         58:48:e6:82:41:04:26:01:fe:63:bf:93:ce:56:d8:98:c3:8c:
         d8:cf:a4:2b:6e:89:83:9f:b0:99:a4:6f:75:58:0d:be:3f:07:
         30:59:de:e9:aa:b7:ae:4c:88:17:88:6e:55:a7:7a:0e:d8:c0:
         b8:07:87:32:07:b1:5b:bc:dc:d8:fc:95:cf:a9:d4:f6:8a:14:
         13:40:e6:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2YFyzK8G+atinr7R4gjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTBiZDRmZWMyOGM0MWM3ZGY4MjE0OGYwOTFlYzNmMzkx
YmRiNzAwHhcNMjQxMTI2MTkwMTIyWhcNMjQxMTI3MTkwMTIyWjAzMTEwLwYDVQQD
Eyg3ZDRmMDFkYTJkZmM2OGIwODQzNWFlMjI3ZDQ4MzIyMDRhNGU2NDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LFEy20sjgkkHqWBQ5O//wwXInQf
pP0WhBu9EK1ZQZKYHH2K5ZqzAxAzYKNcr9xk3loporCr3Ox7K2hVddV3Ecke2CQP
8xAnEhEh5iPrXXBTOTOs7pBYQHGcJ78NQlvCEJ2CkNkHe8KT7Xmt+8i2WYkTf0Te
dE7ccsyTOcGth4r4J+wScI7OQ1mD1y/6dXXEk6eW5LXyT5UH+q/BbfDTAEAoeITL
lJt3sMKUETrf+c5vjrgNzWURUQS4kAHM4kLGEl9HHokSmaSy8PdljeAfGpWuDk/H
ZK6vLADob3Cj8o1T/C7xLobHs48byMagjtBuhDOOXInITOsYWVx4tFxB6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1PAdot/GiwhDWuIn1IMiBKTmSLMB8GA1UdIwQY
MBaAFJ7gvU/sKMQcffghSPCR7D85G9twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYt
ZWRmYmFiMzM2MWJiLzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYtZWRmYmFiMzM2MWJi
LzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALJ4fc4lP
BDxJIck/r6IR0QDl9YgyJcI2QfIsJgUNIi2v55Qrei6sjhEEUxC5i5j4wWgf4uHV
0yMFa5sFtlynO6YWaZCoPuxokT3amKWVFZ1t+pCq7iItxUOyA4H/9GTYg3FliUZQ
cE6CGVbeRRo193G27DwiTRmov+Pq8NvANhXvWXkbMJTL7HKqS5PkJ4aYCDOl7rjx
hW+ANugvhzzprCP3et5HGRsBUlMK6w3LwrJmW2iQWEjmgkEEJgH+Y7+TzlbYmMOM
2M+kK26Jg5+wmaRvdVgNvj8HMFne6aq3rkyIF4huVad6DtjAuAeHMgexW7zc2PyV
z6nU9ooUE0Dm8g==
-----END CERTIFICATE-----