Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
File:                     F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft (raw, json)
Hash identifier:          QDa9urG64T8+3rRGe8KBpcyvB+zOL5M6XexJSpqHpr8=
Subject key identifier:   69:B8:0A:5E:0F:DF:33:B6:5A:98:97:73:3F:2E:A0:D2:54:3C:2F:56
Authority key identifier: 17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C
Certificate issuer:       /CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
Certificate serial:       018F3FD5A0415979762317F67313FF7B31F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
Manifest number:          08F4
Signing time:             Fri 03 May 2024 19:01:55 +0000
Manifest this update:     Fri 03 May 2024 19:01:55 +0000
Manifest next update:     Sat 04 May 2024 19:01:55 +0000
Files and hashes:         1: F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl (hash: Mg5FSuf9hk3b1URV488FGxc9oiZGC2u4nzPQFiwK+as=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 19:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3f:d5:a0:41:59:79:76:23:17:f6:73:13:ff:7b:31:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
        Validity
            Not Before: May  3 19:01:55 2024 GMT
            Not After : May  4 19:01:55 2024 GMT
        Subject: CN=69b80a5e0fdf33b65a9897733f2ea0d2543c2f56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:67:7c:23:a1:87:17:5a:d7:81:a4:24:26:7f:
                    42:5a:b2:21:a5:65:a2:70:e0:53:e8:67:a4:c0:37:
                    c8:b0:6a:39:70:69:5c:66:b4:e9:a0:b0:f5:e5:2a:
                    76:91:d3:cd:f9:c8:a9:bc:99:5b:f3:3b:65:52:28:
                    1d:c9:db:98:84:f4:5e:6f:27:53:89:25:0f:1a:11:
                    59:16:ea:e0:54:bc:5a:c4:37:3c:56:f2:2f:db:87:
                    5b:05:06:4b:53:38:ee:38:98:66:8c:6c:67:a5:09:
                    f7:de:ff:16:fb:2c:2e:be:e0:6c:09:9b:5c:bf:99:
                    02:76:30:cb:90:da:cf:a1:64:f4:2d:49:72:30:56:
                    03:85:5b:7e:91:06:09:7b:ec:29:10:1d:6f:02:14:
                    8d:0f:fd:2f:36:a9:9a:b3:9a:df:82:78:7a:86:ff:
                    d1:15:00:0a:88:03:6a:b7:ca:a7:d3:0c:f2:e1:1e:
                    81:5b:e0:a9:6f:6b:04:1c:02:a9:8a:0c:d4:a7:ea:
                    cd:9b:c9:7d:09:e3:f1:18:fc:07:8f:29:0e:5a:05:
                    41:ba:67:c3:ce:4a:19:1e:55:35:be:97:5f:37:15:
                    63:2f:51:8a:48:9e:c8:02:e3:37:43:2b:4c:bb:7d:
                    f5:2a:3b:ae:66:87:95:9c:6f:65:20:2a:67:28:a0:
                    52:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:B8:0A:5E:0F:DF:33:B6:5A:98:97:73:3F:2E:A0:D2:54:3C:2F:56
            X509v3 Authority Key Identifier:
                keyid:17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:f2:f7:b1:b9:09:a6:49:34:ad:e5:0e:06:aa:f1:4d:7a:c8:
         29:92:81:c2:45:0e:27:06:ad:5d:79:61:f1:92:0c:a3:a9:eb:
         83:22:42:f4:bc:b4:6e:55:01:04:ab:f9:27:83:d1:85:24:b2:
         3c:68:c8:e5:de:c7:3a:65:43:53:93:0b:18:13:38:98:67:a1:
         ce:15:b5:f2:81:93:1a:16:46:36:63:b2:70:95:92:ee:13:d3:
         73:ca:63:29:d2:09:0f:c1:d0:c2:c7:f8:7b:12:88:22:f7:36:
         66:d3:c5:3c:a6:f2:d0:8b:e7:58:b5:7c:8d:16:eb:33:39:54:
         e3:7f:37:3c:b3:7f:71:97:80:08:a9:5b:a4:e0:25:ce:1a:41:
         86:76:87:73:02:1d:75:b5:d0:96:e5:37:f3:4a:b4:28:64:43:
         18:df:21:e3:df:30:b3:15:6e:9b:55:57:e7:48:bd:17:58:3f:
         42:eb:dc:e0:b0:21:de:84:e7:7c:ff:1d:1c:05:39:59:3a:54:
         d2:a6:61:54:35:10:12:86:73:13:dc:59:74:3b:c3:9e:17:7b:
         a9:87:d2:90:7c:cf:59:a0:7d:1b:c8:93:32:74:6c:39:d7:42:
         66:1b:df:22:33:b8:9a:52:e6:13:68:13:cf:95:f0:4d:15:f1:
         01:d8:61:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8/1aBBWXl2Ixf2cxP/ezH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDg3MzEyMDY1M2IzY2ZlNTUxNzJhOWRjNjA1N2U4Y2Nk
MGNiNWMwHhcNMjQwNTAzMTkwMTU1WhcNMjQwNTA0MTkwMTU1WjAzMTEwLwYDVQQD
Eyg2OWI4MGE1ZTBmZGYzM2I2NWE5ODk3NzMzZjJlYTBkMjU0M2MyZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA82d8I6GHF1rXgaQkJn9CWrIhpWWi
cOBT6GekwDfIsGo5cGlcZrTpoLD15Sp2kdPN+cipvJlb8ztlUigdyduYhPRebydT
iSUPGhFZFurgVLxaxDc8VvIv24dbBQZLUzjuOJhmjGxnpQn33v8W+ywuvuBsCZtc
v5kCdjDLkNrPoWT0LUlyMFYDhVt+kQYJe+wpEB1vAhSND/0vNqmas5rfgnh6hv/R
FQAKiANqt8qn0wzy4R6BW+Cpb2sEHAKpigzUp+rNm8l9CePxGPwHjykOWgVBumfD
zkoZHlU1vpdfNxVjL1GKSJ7IAuM3QytMu331KjuuZoeVnG9lICpnKKBSYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGm4Cl4P3zO2WpiXcz8uoNJUPC9WMB8GA1UdIwQY
MBaAFBfYcxIGU7PP5VFyqdxgV+jM0MtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYt
YjAwYzFjMTQ1ZmU3LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYtYjAwYzFjMTQ1ZmU3
LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvL3sbkJ
pkk0reUOBqrxTXrIKZKBwkUOJwatXXlh8ZIMo6nrgyJC9Ly0blUBBKv5J4PRhSSy
PGjI5d7HOmVDU5MLGBM4mGehzhW18oGTGhZGNmOycJWS7hPTc8pjKdIJD8HQwsf4
exKIIvc2ZtPFPKby0IvnWLV8jRbrMzlU4383PLN/cZeACKlbpOAlzhpBhnaHcwId
dbXQluU380q0KGRDGN8h498wsxVum1VX50i9F1g/Quvc4LAh3oTnfP8dHAU5WTpU
0qZhVDUQEoZzE9xZdDvDnhd7qYfSkHzPWaB9G8iTMnRsOddCZhvfIjO4mlLmE2gT
z5XwTRXxAdhhvA==
-----END CERTIFICATE-----