Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          kZkF42nNrHk577CVtvPdaGQeDnCMSbL9hkJexCajicM=
Subject key identifier:   3D:DA:F4:FE:03:78:E1:EE:B3:F2:93:16:10:1A:10:AC:B9:B2:4C:5F
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       019406B417F98D0CFD0F0EA585241730EAC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          13C6
Signing time:             Fri 27 Dec 2024 06:00:53 +0000
Manifest this update:     Fri 27 Dec 2024 06:00:53 +0000
Manifest next update:     Sat 28 Dec 2024 06:00:53 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: 5bJDx28qBrKTxvuHVPunqe4ZvjWadElo4Yaz3yJSTGo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 06:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:b4:17:f9:8d:0c:fd:0f:0e:a5:85:24:17:30:ea:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Dec 27 06:00:53 2024 GMT
            Not After : Dec 28 06:00:53 2024 GMT
        Subject: CN=3ddaf4fe0378e1eeb3f29316101a10acb9b24c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:1f:a6:ef:05:a6:b8:74:1e:f5:fe:d5:6c:3e:
                    21:26:88:27:e9:e9:07:83:e5:94:ab:d7:73:af:b8:
                    cb:c9:09:51:2c:54:3e:ed:da:fd:82:cc:6d:2d:e6:
                    62:b4:b8:cf:13:4f:79:2c:26:50:10:7a:2e:5a:a3:
                    1d:30:e7:c9:6a:69:bd:c6:70:be:85:90:f3:b3:ef:
                    67:3e:a7:cc:da:37:7c:9a:8d:20:c7:44:b5:56:43:
                    42:c5:2b:b3:ff:ad:2c:12:55:5a:99:6c:11:7c:7c:
                    a7:6d:6f:08:e0:a8:8e:db:4f:fa:f8:81:75:14:04:
                    25:63:f3:e2:ac:5e:54:4f:94:95:cf:f1:a9:17:79:
                    5c:49:f0:79:7f:6a:6d:18:7a:81:18:33:09:f0:68:
                    54:71:3d:98:db:c0:50:de:77:e7:c4:32:b4:c3:d8:
                    9f:94:24:0e:9d:33:7d:44:db:67:83:49:a0:e2:9b:
                    e6:2e:4c:81:92:b4:f9:fe:b3:73:7a:9d:f8:78:2e:
                    f6:c0:db:d8:f7:db:ce:e8:dd:8b:83:f9:18:15:6d:
                    8c:3a:89:ef:85:0a:89:1f:be:97:dc:27:f5:95:38:
                    3a:f4:a4:50:1a:d6:e5:ed:67:9e:2f:38:46:9c:d6:
                    f9:5f:a2:7f:64:6a:e8:ba:01:72:90:a5:9b:41:34:
                    b9:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:DA:F4:FE:03:78:E1:EE:B3:F2:93:16:10:1A:10:AC:B9:B2:4C:5F
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:a8:11:11:29:50:b9:41:a8:77:31:70:23:b5:be:b4:5f:ed:
         d5:89:ab:df:e1:a4:42:85:db:0c:d1:10:71:3b:39:b9:83:68:
         7b:4f:96:19:6b:3b:a5:9a:69:b9:28:5f:7d:ac:03:84:f0:7f:
         b6:ad:68:1b:17:0e:57:81:64:f6:67:dd:4f:7e:24:a6:00:52:
         11:2a:c1:5f:e1:f2:07:05:6b:cc:b7:b9:c2:62:03:48:49:a4:
         8c:b0:a9:7b:2d:a9:2e:4c:c9:19:d4:3b:f1:9f:fc:d6:cf:77:
         17:78:ea:46:f5:d9:0d:e8:72:7e:96:f4:be:e3:84:50:4d:2d:
         1f:30:b1:4b:7e:89:33:cc:3d:f7:9f:28:de:48:56:af:0d:85:
         a0:0b:f1:ee:e5:42:82:f5:c2:75:d1:58:36:7b:11:5c:c5:c7:
         ad:28:6d:62:de:35:1b:ad:f0:b9:56:0d:93:4e:d0:07:74:30:
         ab:3e:6b:7e:83:3f:84:8f:e2:ef:bc:48:bc:e9:62:e0:14:12:
         ed:8a:96:ff:20:f4:56:8f:ec:93:46:99:b4:34:95:a9:07:b3:
         6d:87:c6:d5:fb:02:41:00:80:04:d9:03:0e:39:1d:dc:3b:3d:
         e6:5f:96:fb:03:d6:d2:c6:00:0c:1e:fd:08:95:b6:9d:cb:aa:
         62:82:93:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGtBf5jQz9Dw6lhSQXMOrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjQxMjI3MDYwMDUzWhcNMjQxMjI4MDYwMDUzWjAzMTEwLwYDVQQD
EygzZGRhZjRmZTAzNzhlMWVlYjNmMjkzMTYxMDFhMTBhY2I5YjI0YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx+m7wWmuHQe9f7VbD4hJogn6ekH
g+WUq9dzr7jLyQlRLFQ+7dr9gsxtLeZitLjPE095LCZQEHouWqMdMOfJamm9xnC+
hZDzs+9nPqfM2jd8mo0gx0S1VkNCxSuz/60sElVamWwRfHynbW8I4KiO20/6+IF1
FAQlY/PirF5UT5SVz/GpF3lcSfB5f2ptGHqBGDMJ8GhUcT2Y28BQ3nfnxDK0w9if
lCQOnTN9RNtng0mg4pvmLkyBkrT5/rNzep34eC72wNvY99vO6N2Lg/kYFW2MOonv
hQqJH76X3Cf1lTg69KRQGtbl7WeeLzhGnNb5X6J/ZGrougFykKWbQTS5hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3a9P4DeOHus/KTFhAaEKy5skxfMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKgRESlQ
uUGodzFwI7W+tF/t1Ymr3+GkQoXbDNEQcTs5uYNoe0+WGWs7pZppuShffawDhPB/
tq1oGxcOV4Fk9mfdT34kpgBSESrBX+HyBwVrzLe5wmIDSEmkjLCpey2pLkzJGdQ7
8Z/81s93F3jqRvXZDehyfpb0vuOEUE0tHzCxS36JM8w9958o3khWrw2FoAvx7uVC
gvXCddFYNnsRXMXHrShtYt41G63wuVYNk07QB3Qwqz5rfoM/hI/i77xIvOli4BQS
7YqW/yD0Vo/sk0aZtDSVqQezbYfG1fsCQQCABNkDDjkd3Ds95l+W+wPW0sYADB79
CJW2ncuqYoKT4w==
-----END CERTIFICATE-----