Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
File:                     4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft (raw, json)
Hash identifier:          glkE1kVnXkIgRTy33zyMC92Yy1Wnk4INDeVKlX5imUY=
Subject key identifier:   62:E5:04:E1:02:DB:E9:EB:1E:9A:01:B2:2F:7F:43:21:94:15:4E:66
Authority key identifier: E0:39:64:9F:AA:8F:9D:E3:DA:E9:1B:E7:99:A2:7E:2C:A6:62:87:89
Certificate issuer:       /CN=e039649faa8f9de3dae91be799a27e2ca6628789
Certificate serial:       018F5136B942C5FD090CF1DFF48E01CF522B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
Manifest number:          1158
Signing time:             Tue 07 May 2024 04:01:31 +0000
Manifest this update:     Tue 07 May 2024 04:01:31 +0000
Manifest next update:     Wed 08 May 2024 04:01:31 +0000
Files and hashes:         1: 4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl (hash: Nj08iJG21yQVctRADqGM2xgmWBo2zWtYzU6s9tgYL90=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 May 2024 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:51:36:b9:42:c5:fd:09:0c:f1:df:f4:8e:01:cf:52:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e039649faa8f9de3dae91be799a27e2ca6628789
        Validity
            Not Before: May  7 04:01:31 2024 GMT
            Not After : May  8 04:01:31 2024 GMT
        Subject: CN=62e504e102dbe9eb1e9a01b22f7f432194154e66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:91:1c:e8:38:b7:b8:d4:0a:63:85:c8:9e:71:
                    c3:d8:26:51:74:ce:f8:c7:d0:95:2a:18:70:34:e7:
                    46:84:cf:f1:63:38:c0:12:ae:08:0c:b3:13:90:00:
                    4c:de:d4:ef:ac:74:3a:78:20:f2:27:39:83:91:95:
                    b3:d5:ef:ff:16:8f:2a:55:67:90:3c:32:a0:01:a8:
                    9f:62:dc:c0:a5:ec:bb:7f:e2:57:27:f5:27:95:8e:
                    94:13:bb:d7:d6:b4:8d:1d:17:1f:39:6e:69:9c:b7:
                    33:6a:7c:4b:be:42:b5:18:54:08:80:f9:3b:6d:9a:
                    da:c2:36:da:45:64:43:a3:26:32:83:7e:c3:e8:db:
                    4a:96:85:f7:0f:3a:0e:89:c6:72:ad:73:b6:38:44:
                    5f:ca:b9:38:36:f6:7b:c1:fa:d6:aa:26:0a:2f:31:
                    ba:d8:a6:41:ee:d3:5f:10:67:57:17:90:fe:9d:c0:
                    69:bf:8a:e9:03:8e:59:fe:37:30:09:3e:67:18:a3:
                    01:e9:0b:9b:77:6f:c6:6c:e1:11:01:41:3f:27:c2:
                    af:7d:ed:e7:29:e7:a4:d5:b2:d2:01:ba:1e:dc:6f:
                    88:a3:ed:c6:aa:b8:56:71:a1:27:84:3f:9e:31:41:
                    b0:2f:9f:1b:df:b2:14:f0:bb:a6:7d:f6:36:98:98:
                    02:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:E5:04:E1:02:DB:E9:EB:1E:9A:01:B2:2F:7F:43:21:94:15:4E:66
            X509v3 Authority Key Identifier:
                keyid:E0:39:64:9F:AA:8F:9D:E3:DA:E9:1B:E7:99:A2:7E:2C:A6:62:87:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:d8:6a:a9:eb:c8:d4:1c:5c:b6:df:2e:52:b4:22:68:23:67:
         94:b1:86:90:de:30:de:ef:a0:c9:6c:41:68:ec:24:5f:ed:aa:
         6f:94:fd:c9:72:53:a2:d2:5b:9e:b1:ba:b9:16:2c:51:c6:30:
         71:a6:16:79:e4:d2:52:42:fe:99:ea:60:b1:06:97:f3:f1:68:
         33:79:ba:8c:9a:38:6f:ec:e9:bd:85:c3:61:e1:3f:02:73:dc:
         92:20:40:45:9c:10:d7:11:63:6f:8c:fb:20:a9:5d:06:aa:da:
         4b:16:32:da:34:71:78:31:1c:66:81:23:be:5a:23:8e:d8:d5:
         02:15:1f:b1:c6:15:70:6a:da:0e:72:f0:7e:c4:2d:d7:2b:06:
         35:02:85:9b:da:3d:ae:57:2f:d6:ad:d2:d9:71:4f:d0:0e:89:
         e1:d0:3c:34:cc:8f:82:70:50:49:1f:70:d0:c2:7e:a8:1b:fc:
         7d:b2:6b:c1:9e:27:8e:fb:68:2f:db:8c:60:e7:d0:a1:3d:3d:
         85:21:e5:4a:d4:dc:bf:d1:0c:48:18:b8:68:27:0c:51:bd:c4:
         56:c5:70:4b:f5:77:21:6e:4f:cf:a5:47:a1:90:e9:81:05:40:
         75:26:0f:14:4d:e8:57:c5:d4:9e:d7:19:39:26:c4:ba:d9:34:
         7a:7f:c6:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9RNrlCxf0JDPHf9I4Bz1IrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMzk2NDlmYWE4ZjlkZTNkYWU5MWJlNzk5YTI3ZTJjYTY2
Mjg3ODkwHhcNMjQwNTA3MDQwMTMxWhcNMjQwNTA4MDQwMTMxWjAzMTEwLwYDVQQD
Eyg2MmU1MDRlMTAyZGJlOWViMWU5YTAxYjIyZjdmNDMyMTk0MTU0ZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZEc6Di3uNQKY4XInnHD2CZRdM74
x9CVKhhwNOdGhM/xYzjAEq4IDLMTkABM3tTvrHQ6eCDyJzmDkZWz1e//Fo8qVWeQ
PDKgAaifYtzApey7f+JXJ/UnlY6UE7vX1rSNHRcfOW5pnLczanxLvkK1GFQIgPk7
bZrawjbaRWRDoyYyg37D6NtKloX3DzoOicZyrXO2OERfyrk4NvZ7wfrWqiYKLzG6
2KZB7tNfEGdXF5D+ncBpv4rpA45Z/jcwCT5nGKMB6Qubd2/GbOERAUE/J8Kvfe3n
Keek1bLSAboe3G+Io+3GqrhWcaEnhD+eMUGwL58b37IU8LumffY2mJgCUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGLlBOEC2+nrHpoBsi9/QyGUFU5mMB8GA1UdIwQY
MBaAFOA5ZJ+qj53j2ukb55mifiymYoeJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yZWZhY2UtZDBhMy00MzM5LTgwNjgt
ZDc2NzhhMDc4N2QxLzEvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yZWZhY2UtZDBhMy00MzM5LTgwNjgtZDc2NzhhMDc4N2Qx
LzEvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAONhqqevI
1Bxctt8uUrQiaCNnlLGGkN4w3u+gyWxBaOwkX+2qb5T9yXJTotJbnrG6uRYsUcYw
caYWeeTSUkL+mepgsQaX8/FoM3m6jJo4b+zpvYXDYeE/AnPckiBARZwQ1xFjb4z7
IKldBqraSxYy2jRxeDEcZoEjvlojjtjVAhUfscYVcGraDnLwfsQt1ysGNQKFm9o9
rlcv1q3S2XFP0A6J4dA8NMyPgnBQSR9w0MJ+qBv8fbJrwZ4njvtoL9uMYOfQoT09
hSHlStTcv9EMSBi4aCcMUb3EVsVwS/V3IW5Pz6VHoZDpgQVAdSYPFE3oV8XUntcZ
OSbEutk0en/GFw==
-----END CERTIFICATE-----