Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
File:                     0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json)
Hash identifier:          TiBymO2MSKARHE4q+fQJ8Robp104fI1KK0TdRBjVXSM=
Subject key identifier:   71:CD:19:E1:79:A8:00:30:30:32:1C:93:81:01:6E:A8:B0:E7:3E:8A
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Certificate issuer:       /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial:       018F497D28667218AC01B6E164F390BCB36A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
Manifest number:          1154
Signing time:             Sun 05 May 2024 16:01:30 +0000
Manifest this update:     Sun 05 May 2024 16:01:30 +0000
Manifest next update:     Mon 06 May 2024 16:01:30 +0000
Files and hashes:         1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: 6bZKhtMQ+vhOaGCFmJibnLOJKqFq/8/FES6AVCtRj+Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:49:7d:28:66:72:18:ac:01:b6:e1:64:f3:90:bc:b3:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
        Validity
            Not Before: May  5 16:01:30 2024 GMT
            Not After : May  6 16:01:30 2024 GMT
        Subject: CN=71cd19e179a8003030321c9381016ea8b0e73e8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:74:83:07:63:d8:93:08:e5:17:b8:1c:92:27:
                    94:fa:1d:48:e8:7e:04:ce:e0:b6:d6:1b:1f:6a:2c:
                    77:93:f5:9a:7d:d0:ca:2e:37:d2:f8:b1:9a:58:a8:
                    8e:c4:17:db:05:3f:cc:b5:4c:1b:59:4e:56:00:25:
                    3b:ff:a8:f2:c5:93:9b:08:93:be:e3:12:ec:33:19:
                    68:ff:15:7a:b4:0e:4c:8e:40:5e:2c:26:2e:a7:82:
                    96:b9:f4:04:ff:2b:8f:74:a6:36:f0:3f:c6:32:69:
                    15:12:1d:1f:f3:bb:26:74:6a:68:0e:a7:6b:8a:33:
                    2f:21:24:fa:df:56:97:fb:a1:e0:fb:d0:5b:b1:f7:
                    ea:c2:11:cd:7c:b3:b5:a5:0f:9e:b5:f8:5a:1d:23:
                    69:e9:a5:4d:6e:8f:e7:0c:9f:ed:41:a5:39:97:25:
                    d3:e6:b2:9a:5f:0f:02:a8:0d:c6:d6:e5:7a:94:dd:
                    c2:89:ae:37:17:cf:24:ad:21:f8:e9:9e:2d:ac:68:
                    03:fd:ce:32:85:fb:1d:5d:ee:3c:3d:c0:04:2d:cb:
                    c7:af:6f:48:58:5e:ec:ea:a0:55:c6:da:3f:e0:a9:
                    36:11:59:25:ed:1d:5a:82:c8:e2:b1:15:b0:12:79:
                    58:e8:ff:16:52:8a:2f:23:4a:c3:9c:55:72:44:95:
                    bc:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:CD:19:E1:79:A8:00:30:30:32:1C:93:81:01:6E:A8:B0:E7:3E:8A
            X509v3 Authority Key Identifier:
                keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:5a:4f:2a:ed:16:53:6d:75:38:e1:4e:3c:57:ba:c9:e1:ca:
         16:72:1b:ff:b4:f7:52:83:b1:07:5c:43:c3:a6:ae:9e:6f:60:
         11:45:43:5f:b2:50:a6:d8:43:d2:68:32:18:ba:d3:a3:bb:67:
         2d:45:55:57:9d:95:00:1a:c4:72:af:b1:78:5a:95:c5:23:6a:
         70:e2:4b:6a:a3:d1:3e:f0:35:83:ed:93:24:7d:f0:6d:8b:cb:
         4f:74:d7:21:ab:84:fa:4b:5f:00:7d:fe:3c:7b:dd:e6:5b:2c:
         6b:81:71:8c:df:de:94:66:ec:0d:ee:8a:e9:02:2f:ee:ad:28:
         7a:c2:05:68:1d:a5:0c:c9:a5:d9:e6:f9:ff:66:c0:5f:87:c4:
         dd:2c:19:83:ec:34:52:72:d8:f3:4d:be:76:71:45:04:7f:ab:
         b8:3a:f4:66:a5:b3:32:1b:1e:a3:33:b5:04:25:36:f9:f0:48:
         db:93:34:e2:60:3b:a9:0f:fa:68:e5:d4:d7:24:2f:cc:e4:74:
         c9:7a:13:ec:49:cc:4f:73:b3:99:ce:9f:70:4f:0d:2d:9b:ad:
         ee:b4:02:d4:0c:ae:52:59:8e:09:3a:ae:62:70:8f:3f:76:d8:
         87:3a:29:6f:33:42:04:28:0f:05:60:da:c5:4f:ae:03:ca:46:
         08:86:17:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9JfShmchisAbbhZPOQvLNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjQwNTA1MTYwMTMwWhcNMjQwNTA2MTYwMTMwWjAzMTEwLwYDVQQD
Eyg3MWNkMTllMTc5YTgwMDMwMzAzMjFjOTM4MTAxNmVhOGIwZTczZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3SDB2PYkwjlF7gckieU+h1I6H4E
zuC21hsfaix3k/WafdDKLjfS+LGaWKiOxBfbBT/MtUwbWU5WACU7/6jyxZObCJO+
4xLsMxlo/xV6tA5MjkBeLCYup4KWufQE/yuPdKY28D/GMmkVEh0f87smdGpoDqdr
ijMvIST631aX+6Hg+9BbsffqwhHNfLO1pQ+etfhaHSNp6aVNbo/nDJ/tQaU5lyXT
5rKaXw8CqA3G1uV6lN3Cia43F88krSH46Z4trGgD/c4yhfsdXe48PcAELcvHr29I
WF7s6qBVxto/4Kk2EVkl7R1agsjisRWwEnlY6P8WUoovI0rDnFVyRJW8jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHNGeF5qAAwMDIck4EBbqiw5z6KMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAplpPKu0W
U211OOFOPFe6yeHKFnIb/7T3UoOxB1xDw6aunm9gEUVDX7JQpthD0mgyGLrTo7tn
LUVVV52VABrEcq+xeFqVxSNqcOJLaqPRPvA1g+2TJH3wbYvLT3TXIauE+ktfAH3+
PHvd5lssa4FxjN/elGbsDe6K6QIv7q0oesIFaB2lDMml2eb5/2bAX4fE3SwZg+w0
UnLY802+dnFFBH+ruDr0ZqWzMhseozO1BCU2+fBI25M04mA7qQ/6aOXU1yQvzOR0
yXoT7EnMT3Ozmc6fcE8NLZut7rQC1AyuUlmOCTquYnCPP3bYhzopbzNCBCgPBWDa
xU+uA8pGCIYXJw==
-----END CERTIFICATE-----