Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          fruBtFS2nS8KJSFBi38yoM1jlmDnd4yU2pLOWChve58=
Subject key identifier:   16:72:02:F2:37:60:16:1D:76:5E:29:70:30:F8:FB:8F:F6:6E:FC:85
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       018F86A3E72A5F98FE0996B2F52F6F55EF96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0588
Signing time:             Fri 17 May 2024 13:00:39 +0000
Manifest this update:     Fri 17 May 2024 13:00:39 +0000
Manifest next update:     Sat 18 May 2024 13:00:39 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: 3hybecxM4eVds0q4JUrOUyviTajLVbyjQ3OaGko+/Kg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:e7:2a:5f:98:fe:09:96:b2:f5:2f:6f:55:ef:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: May 17 13:00:39 2024 GMT
            Not After : May 18 13:00:39 2024 GMT
        Subject: CN=167202f23760161d765e297030f8fb8ff66efc85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:43:2b:8a:73:1a:fe:bb:fa:6e:e7:51:0d:87:
                    25:8b:42:b3:58:9e:18:1e:a6:9e:72:66:f2:23:fc:
                    cc:19:59:71:81:22:70:10:4d:37:7e:ca:2a:34:29:
                    27:8a:87:db:57:31:d0:2d:9d:91:70:6c:6b:24:5d:
                    37:fa:af:25:98:07:c3:0c:24:20:44:31:39:60:bd:
                    9a:fa:7c:25:89:1b:c6:0e:12:44:7a:0a:66:79:54:
                    9b:b1:56:ab:ac:63:63:00:6f:42:d1:db:87:a3:33:
                    d3:ad:7a:0d:16:cd:d6:8c:f5:de:27:8c:b8:92:3e:
                    81:bb:f7:e5:cf:79:6a:4f:26:c7:3b:25:6f:3d:c4:
                    dd:17:cb:9d:2a:01:4b:47:35:11:d5:fc:5e:c2:bf:
                    09:fe:13:34:65:e0:87:4d:bc:cf:c4:1d:9a:ac:dc:
                    12:a9:05:cc:0c:f5:35:89:bb:f2:b0:31:fa:b8:4e:
                    67:4b:ed:75:f4:ca:d3:59:60:9a:5b:43:b4:70:3c:
                    aa:b0:f7:07:2a:50:a2:7b:05:23:c6:98:60:4a:9b:
                    b5:49:53:ed:44:c0:f3:b8:38:50:92:3c:64:7b:f9:
                    c5:1d:f8:36:24:21:81:ee:83:b4:b5:5d:17:d0:5b:
                    d5:c6:00:62:62:57:bd:d7:fe:6d:fc:00:62:2d:a0:
                    11:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:72:02:F2:37:60:16:1D:76:5E:29:70:30:F8:FB:8F:F6:6E:FC:85
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:f9:fd:93:18:a2:41:bf:27:8f:6e:95:42:cb:85:1a:c9:3b:
         b1:4e:42:b4:b5:da:41:2c:45:d8:4f:fa:42:53:10:b4:d2:54:
         24:1d:0e:56:a9:5d:a2:70:5f:ab:89:3c:73:78:10:7c:be:63:
         8d:a1:ed:24:7e:cf:5d:7b:51:0f:e8:d2:8c:a4:0a:ce:08:69:
         cc:fc:59:63:c8:32:0b:33:e5:e2:bb:31:09:8e:46:a7:ea:6d:
         1c:0e:d8:a6:2a:c8:b0:02:da:2d:ed:fa:97:fd:6c:71:a3:20:
         c5:c1:76:00:97:48:72:c9:71:b0:c3:38:44:30:2d:9d:2d:35:
         44:a9:f0:b6:91:8d:97:27:fd:27:7a:75:4c:92:6d:1e:d9:ce:
         13:56:b1:0b:da:9c:55:de:d4:a1:94:a0:a0:2a:ec:09:62:ee:
         14:b3:3f:90:66:ba:8f:ad:d8:23:bd:71:a8:f1:27:a4:0c:64:
         d8:b1:10:6a:28:2f:71:3e:70:97:f5:02:f8:55:fa:28:f7:68:
         38:43:7a:64:2c:bc:9b:77:b1:10:62:4e:3c:8d:18:ff:3b:90:
         53:f3:87:e7:79:d7:e0:3e:7a:36:40:50:a9:22:18:f5:2b:22:
         7c:32:e9:01:70:6d:d2:40:4b:ee:02:42:3e:68:a4:ae:56:3c:
         d7:88:2e:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go+cqX5j+CZay9S9vVe+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjQwNTE3MTMwMDM5WhcNMjQwNTE4MTMwMDM5WjAzMTEwLwYDVQQD
EygxNjcyMDJmMjM3NjAxNjFkNzY1ZTI5NzAzMGY4ZmI4ZmY2NmVmYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0MrinMa/rv6budRDYcli0KzWJ4Y
HqaecmbyI/zMGVlxgSJwEE03fsoqNCkniofbVzHQLZ2RcGxrJF03+q8lmAfDDCQg
RDE5YL2a+nwliRvGDhJEegpmeVSbsVarrGNjAG9C0duHozPTrXoNFs3WjPXeJ4y4
kj6Bu/flz3lqTybHOyVvPcTdF8udKgFLRzUR1fxewr8J/hM0ZeCHTbzPxB2arNwS
qQXMDPU1ibvysDH6uE5nS+119MrTWWCaW0O0cDyqsPcHKlCiewUjxphgSpu1SVPt
RMDzuDhQkjxke/nFHfg2JCGB7oO0tV0X0FvVxgBiYle91/5t/ABiLaARaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZyAvI3YBYddl4pcDD4+4/2bvyFMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwfn9kxii
Qb8nj26VQsuFGsk7sU5CtLXaQSxF2E/6QlMQtNJUJB0OVqldonBfq4k8c3gQfL5j
jaHtJH7PXXtRD+jSjKQKzghpzPxZY8gyCzPl4rsxCY5Gp+ptHA7YpirIsALaLe36
l/1scaMgxcF2AJdIcslxsMM4RDAtnS01RKnwtpGNlyf9J3p1TJJtHtnOE1axC9qc
Vd7UoZSgoCrsCWLuFLM/kGa6j63YI71xqPEnpAxk2LEQaigvcT5wl/UC+FX6KPdo
OEN6ZCy8m3exEGJOPI0Y/zuQU/OH53nX4D56NkBQqSIY9SsifDLpAXBt0kBL7gJC
PmikrlY814guqg==
-----END CERTIFICATE-----