Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          F14ZckedqNF5p8BWcP+NNLjptiHJUFMl5+8Dwy/hl+k=
Subject key identifier:   89:F8:44:44:DA:F0:47:24:25:2E:38:AA:A9:C1:87:B5:E7:1C:F9:81
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       019358094FB136342AD4FD8D3E0F7210A82D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          021D
Signing time:             Sat 23 Nov 2024 08:00:25 +0000
Manifest this update:     Sat 23 Nov 2024 08:00:25 +0000
Manifest next update:     Sun 24 Nov 2024 08:00:25 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: +Ip3OqTOrIcCTNGQGk+HsEyQr6G7VwcMIC3J0+uBM3Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:09:4f:b1:36:34:2a:d4:fd:8d:3e:0f:72:10:a8:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: Nov 23 08:00:25 2024 GMT
            Not After : Nov 24 08:00:25 2024 GMT
        Subject: CN=89f84444daf04724252e38aaa9c187b5e71cf981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:33:51:f2:07:c6:b9:ec:a6:4f:c0:a5:95:e6:
                    54:a7:a2:3d:3d:af:d6:33:c6:17:e4:37:b6:a5:82:
                    5b:d0:5d:b8:4c:12:3c:0c:06:78:9d:7e:3b:6c:aa:
                    59:a8:33:50:72:9d:2e:62:29:d1:70:48:e2:ce:c6:
                    74:4e:91:94:58:1e:f5:d1:b0:94:cf:bf:17:5e:34:
                    e0:c7:55:98:0c:d7:54:fc:92:ea:e5:74:f5:cf:c5:
                    3c:64:5e:c1:49:31:5b:a1:53:5e:37:e7:81:8c:b8:
                    20:21:e6:9f:10:12:7f:a3:44:39:cf:0c:fb:d5:82:
                    13:8c:db:5f:34:1e:b8:f9:68:4b:3d:91:b2:d0:77:
                    0c:f8:d1:f6:7a:c8:e3:20:f5:7a:2d:36:86:56:48:
                    55:59:6a:a1:d9:62:6a:96:03:84:4e:1c:eb:00:23:
                    04:34:57:0a:7d:4b:31:3c:a1:7f:fa:25:13:ca:81:
                    4b:cf:ed:60:03:a8:d7:e7:d4:9a:6f:71:19:08:7c:
                    10:ee:dc:30:48:4a:7a:05:12:d9:cd:23:df:10:cf:
                    89:de:5f:4c:31:31:73:a7:60:d3:97:eb:1a:cd:c5:
                    ec:b0:7d:c7:e1:54:29:62:54:d5:a5:95:f9:be:58:
                    f0:0e:92:85:ef:64:5c:b6:e2:f6:85:47:d5:37:dd:
                    46:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F8:44:44:DA:F0:47:24:25:2E:38:AA:A9:C1:87:B5:E7:1C:F9:81
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:d8:1a:35:7a:65:f2:ec:94:d0:cd:ab:9f:7e:3e:4d:54:1c:
         87:7f:d9:3e:b1:26:e8:6c:47:f0:95:d3:f8:e5:08:5e:73:79:
         ed:57:da:30:24:88:b2:7d:ac:65:52:5e:cb:27:1e:86:1f:36:
         36:b2:ca:b8:67:24:c6:20:ed:d5:cd:d0:3c:03:21:5b:a9:34:
         2b:0b:6b:bc:1f:7a:d2:70:94:11:78:18:7b:8a:93:1f:b6:36:
         b6:23:c2:52:90:d0:81:6f:7c:3a:7a:d7:b1:bb:b3:9f:ff:5f:
         14:5f:6d:1c:c0:f8:c2:57:af:b4:50:df:11:46:74:b6:60:af:
         c9:b5:8f:1d:e0:04:85:dc:c8:49:7b:fd:cb:40:24:2a:08:f5:
         00:0c:ed:ed:ef:bf:4f:e8:30:5e:07:9d:ad:25:3b:a1:35:95:
         c7:2c:a2:9a:4e:0f:ea:8f:55:ec:46:0b:92:9e:79:5b:55:c9:
         88:f0:c1:e4:d3:d0:0e:cc:97:01:a6:a3:44:a0:fa:e5:c2:43:
         51:58:9c:96:62:c9:17:06:04:6e:4b:06:0b:55:10:44:39:9f:
         72:4c:c6:71:6e:a3:c0:48:fc:43:46:a7:a1:56:a9:6c:ea:71:
         56:74:a1:08:64:51:68:a8:c9:a7:8c:67:cd:3a:eb:02:37:08:
         21:79:e3:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYCU+xNjQq1P2NPg9yEKgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjQxMTIzMDgwMDI1WhcNMjQxMTI0MDgwMDI1WjAzMTEwLwYDVQQD
Eyg4OWY4NDQ0NGRhZjA0NzI0MjUyZTM4YWFhOWMxODdiNWU3MWNmOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jNR8gfGueymT8ClleZUp6I9Pa/W
M8YX5De2pYJb0F24TBI8DAZ4nX47bKpZqDNQcp0uYinRcEjizsZ0TpGUWB710bCU
z78XXjTgx1WYDNdU/JLq5XT1z8U8ZF7BSTFboVNeN+eBjLggIeafEBJ/o0Q5zwz7
1YITjNtfNB64+WhLPZGy0HcM+NH2esjjIPV6LTaGVkhVWWqh2WJqlgOEThzrACME
NFcKfUsxPKF/+iUTyoFLz+1gA6jX59Sab3EZCHwQ7twwSEp6BRLZzSPfEM+J3l9M
MTFzp2DTl+sazcXssH3H4VQpYlTVpZX5vljwDpKF72RctuL2hUfVN91GJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIn4RETa8EckJS44qqnBh7XnHPmBMB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNgaNXpl
8uyU0M2rn34+TVQch3/ZPrEm6GxH8JXT+OUIXnN57VfaMCSIsn2sZVJeyycehh82
NrLKuGckxiDt1c3QPAMhW6k0KwtrvB960nCUEXgYe4qTH7Y2tiPCUpDQgW98OnrX
sbuzn/9fFF9tHMD4wlevtFDfEUZ0tmCvybWPHeAEhdzISXv9y0AkKgj1AAzt7e+/
T+gwXgedrSU7oTWVxyyimk4P6o9V7EYLkp55W1XJiPDB5NPQDsyXAaajRKD65cJD
UViclmLJFwYEbksGC1UQRDmfckzGcW6jwEj8Q0anoVapbOpxVnShCGRRaKjJp4xn
zTrrAjcIIXnj6g==
-----END CERTIFICATE-----