Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          FzyjjAC/oMq2WESkl02gZqRWC++5ru4LJB3TihW6JIM=
Subject key identifier:   C3:EF:CB:28:D7:C9:8E:73:D2:79:14:97:43:01:79:0C:01:FC:46:4A
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       0193568B26EC48945696269A1E95127F7C90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          136D
Signing time:             Sat 23 Nov 2024 01:03:00 +0000
Manifest this update:     Sat 23 Nov 2024 01:03:00 +0000
Manifest next update:     Sun 24 Nov 2024 01:03:00 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: W9YNwYLsGp4qby4e52g5DglxzHW9qr0pDf67ypQQdVs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:03:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8b:26:ec:48:94:56:96:26:9a:1e:95:12:7f:7c:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Nov 23 01:03:00 2024 GMT
            Not After : Nov 24 01:03:00 2024 GMT
        Subject: CN=c3efcb28d7c98e73d27914974301790c01fc464a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:42:f0:7e:00:63:60:c7:af:d8:8e:57:61:fa:
                    7c:8e:a2:8c:6d:29:22:81:25:dd:5a:8b:20:81:ec:
                    9a:77:7c:5e:c4:d5:7e:f4:63:4d:05:4f:f2:8e:eb:
                    6f:ad:23:76:9e:0b:8a:a9:be:a4:70:79:62:77:42:
                    83:f6:33:75:15:02:eb:e1:89:76:65:de:a4:7e:02:
                    33:30:0a:f7:b9:bd:cb:98:49:b1:f5:20:84:ba:3e:
                    84:76:78:d1:76:b3:c0:f8:56:ae:48:2f:2f:33:c5:
                    7e:9e:9b:4d:c2:d9:39:9b:26:13:2c:e5:d4:be:67:
                    ff:40:1d:13:18:94:56:d0:b9:4b:d9:74:78:e6:9e:
                    09:62:10:10:84:32:13:81:c2:e1:1f:b2:a6:ff:d0:
                    0c:85:f2:cf:ff:79:b6:e1:f9:74:87:d3:ac:98:26:
                    b4:e1:c6:9e:5b:fa:0b:d5:4d:37:3b:e7:ae:87:0e:
                    bc:88:5e:0c:13:30:ed:c8:48:b0:5e:b6:4d:cf:35:
                    1f:c6:59:6b:27:2a:b6:df:9b:64:32:e0:fe:70:6e:
                    20:c7:d9:66:ea:81:86:68:33:78:a2:74:ab:12:48:
                    fb:6d:7a:57:ba:d2:1c:ef:67:12:8f:db:fa:2d:26:
                    93:83:57:3d:cc:ec:76:c2:6c:ed:99:43:1b:10:95:
                    f4:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:EF:CB:28:D7:C9:8E:73:D2:79:14:97:43:01:79:0C:01:FC:46:4A
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:ed:a5:49:2e:d9:fe:fc:de:e5:99:6c:42:bb:47:6a:c6:ca:
         ab:9a:8f:97:a9:ec:62:68:f4:86:7f:24:1d:1c:25:ce:39:59:
         5d:d9:c8:38:9d:4a:77:e1:66:a0:7e:60:7a:3c:9c:7d:4e:b9:
         94:f9:b6:dd:8c:f2:5d:6c:7c:b5:29:0c:b9:fa:68:9c:b8:dd:
         7b:a1:91:f7:b0:c3:12:0c:9f:ca:5e:8a:39:83:d9:0d:f3:ac:
         8a:f2:bd:51:57:6b:67:f3:13:80:ca:20:b5:32:7e:f7:d7:dd:
         b6:64:d4:a1:24:44:88:7a:7c:c0:2e:db:f1:fb:ff:ce:3d:fb:
         8b:7e:c6:8e:49:a9:45:09:e1:4d:cf:1a:b3:1d:5a:3d:ac:cb:
         ca:c0:a9:0f:fc:be:2a:e4:0d:74:e5:40:d4:c2:be:1b:59:a3:
         6c:3f:26:46:85:8f:0a:12:16:d3:a9:3e:e5:b2:1b:8f:cf:18:
         fe:16:ee:c9:23:c7:b9:d1:99:45:43:4f:0e:4e:f5:b6:3e:24:
         17:1c:9d:c1:c8:f7:5a:0e:8b:d4:41:c7:45:b8:b7:19:d6:d6:
         e9:2c:af:b1:e7:1a:4f:e5:13:c3:3f:8d:c3:e9:05:8b:64:3e:
         23:74:74:d6:b4:a5:b9:ef:40:be:33:27:a7:b3:38:55:c9:63:
         a8:2a:1d:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiybsSJRWliaaHpUSf3yQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjQxMTIzMDEwMzAwWhcNMjQxMTI0MDEwMzAwWjAzMTEwLwYDVQQD
EyhjM2VmY2IyOGQ3Yzk4ZTczZDI3OTE0OTc0MzAxNzkwYzAxZmM0NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0LwfgBjYMev2I5XYfp8jqKMbSki
gSXdWosggeyad3xexNV+9GNNBU/yjutvrSN2nguKqb6kcHlid0KD9jN1FQLr4Yl2
Zd6kfgIzMAr3ub3LmEmx9SCEuj6EdnjRdrPA+FauSC8vM8V+nptNwtk5myYTLOXU
vmf/QB0TGJRW0LlL2XR45p4JYhAQhDITgcLhH7Km/9AMhfLP/3m24fl0h9OsmCa0
4caeW/oL1U03O+euhw68iF4MEzDtyEiwXrZNzzUfxllrJyq235tkMuD+cG4gx9lm
6oGGaDN4onSrEkj7bXpXutIc72cSj9v6LSaTg1c9zOx2wmztmUMbEJX0XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPvyyjXyY5z0nkUl0MBeQwB/EZKMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYe2lSS7Z
/vze5ZlsQrtHasbKq5qPl6nsYmj0hn8kHRwlzjlZXdnIOJ1Kd+FmoH5gejycfU65
lPm23YzyXWx8tSkMufponLjde6GR97DDEgyfyl6KOYPZDfOsivK9UVdrZ/MTgMog
tTJ+99fdtmTUoSREiHp8wC7b8fv/zj37i37GjkmpRQnhTc8asx1aPazLysCpD/y+
KuQNdOVA1MK+G1mjbD8mRoWPChIW06k+5bIbj88Y/hbuySPHudGZRUNPDk71tj4k
Fxydwcj3Wg6L1EHHRbi3GdbW6SyvsecaT+UTwz+Nw+kFi2Q+I3R01rSlue9AvjMn
p7M4VcljqCodUA==
-----END CERTIFICATE-----