Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
File:                     KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json)
Hash identifier:          oktUMSl0NcYhS+OOJBBkbXF5SZGFS2X6YP3ET+ql4hY=
Subject key identifier:   BE:0E:CF:F6:CB:42:62:3B:70:D8:B6:E2:82:7C:17:03:7C:21:15:23
Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26
Certificate issuer:       /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
Certificate serial:       018F8937EA117498F26A683D28F1C9C3D506
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
Manifest number:          1176
Signing time:             Sat 18 May 2024 01:01:33 +0000
Manifest this update:     Sat 18 May 2024 01:01:33 +0000
Manifest next update:     Sun 19 May 2024 01:01:33 +0000
Files and hashes:         1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: nespdWwPL57xqmwxo7a4ILpB68iNT0fK9sXzKXBzXEE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:89:37:ea:11:74:98:f2:6a:68:3d:28:f1:c9:c3:d5:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826
        Validity
            Not Before: May 18 01:01:33 2024 GMT
            Not After : May 19 01:01:33 2024 GMT
        Subject: CN=be0ecff6cb42623b70d8b6e2827c17037c211523
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9d:79:aa:60:18:f2:52:98:a9:af:48:28:60:
                    38:6d:4f:d3:a7:28:3f:3a:ca:9e:d3:15:96:f9:fb:
                    04:54:25:10:ad:de:d6:61:c4:82:e4:cd:5e:e9:f2:
                    30:5d:2d:18:b4:70:8b:ba:35:b8:c6:60:2c:52:cd:
                    3c:e4:3f:9e:61:5b:46:6d:04:1d:2a:8b:b7:45:da:
                    d9:a4:b0:28:05:30:1e:9d:43:8b:07:fb:c5:25:3f:
                    1e:97:76:69:62:69:a6:31:fe:fe:62:80:51:19:e7:
                    d6:41:49:a8:04:39:88:30:c9:5b:8c:62:cf:a8:95:
                    00:78:8e:b5:2a:3b:b6:3d:a4:cf:14:4f:e1:f3:89:
                    d2:84:3b:28:ab:36:c1:b7:88:a5:8b:8e:4f:35:bc:
                    8f:8f:84:1d:f7:f3:90:50:6b:f5:24:2a:cf:08:72:
                    d0:15:82:a1:eb:f2:1d:cf:c3:7e:a7:4d:ae:df:6e:
                    84:7b:ff:2d:c1:67:07:d6:06:80:5b:a9:d6:d0:1a:
                    62:12:2b:ab:5c:ef:50:e0:c9:a5:07:d5:61:7a:d4:
                    f3:0f:d9:c0:e8:3d:cd:7c:5f:c8:82:71:c8:6e:8b:
                    d1:41:6a:58:cc:0a:2f:46:88:17:4c:91:02:3b:7f:
                    b1:48:56:4e:6e:f3:44:1e:ca:a8:dd:56:2c:e7:c0:
                    12:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:0E:CF:F6:CB:42:62:3B:70:D8:B6:E2:82:7C:17:03:7C:21:15:23
            X509v3 Authority Key Identifier:
                keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:08:8e:83:74:20:99:26:07:91:ad:fe:f4:89:a2:4a:1d:f2:
         c2:74:13:d6:de:d8:49:fb:dd:74:b7:50:c0:5f:51:e5:57:b2:
         16:1a:a1:b5:31:00:05:b1:37:08:9b:f9:8a:bc:d0:64:65:25:
         7b:a5:2b:54:cf:b9:f1:ea:42:cc:1f:c3:0b:17:11:50:6c:f0:
         c8:dc:d2:f9:d2:1d:76:0e:61:dd:10:06:c6:c1:c3:9e:0d:3a:
         1a:e8:b8:b0:a0:0b:56:a7:7f:44:54:b9:73:0a:0e:68:a6:af:
         2b:ec:13:f9:1b:10:ab:14:17:9e:45:a4:64:de:5f:4c:0c:38:
         73:20:01:02:c5:82:25:c5:25:e2:f5:3e:00:c3:47:c5:87:0a:
         ec:73:65:68:f1:95:38:1c:26:bf:cf:64:98:e0:f0:e1:c0:f3:
         16:1e:4e:20:a5:13:e0:ff:53:fa:71:49:f1:6c:06:fb:a7:ac:
         b7:f2:7c:b5:be:48:31:3f:a9:34:36:e9:0d:6c:8f:e3:5d:7d:
         66:91:c9:e7:47:be:24:9a:e4:fb:a6:1e:c5:7e:af:67:13:63:
         fd:a8:72:f9:f0:97:48:07:02:9e:65:97:dc:f4:a1:50:f4:15:
         5d:6a:51:28:59:9b:df:8b:09:9e:d9:ce:2e:6d:6c:ea:a4:ed:
         22:6b:04:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+JN+oRdJjyamg9KPHJw9UGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2
OGQ4MjYwHhcNMjQwNTE4MDEwMTMzWhcNMjQwNTE5MDEwMTMzWjAzMTEwLwYDVQQD
EyhiZTBlY2ZmNmNiNDI2MjNiNzBkOGI2ZTI4MjdjMTcwMzdjMjExNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ15qmAY8lKYqa9IKGA4bU/Tpyg/
Osqe0xWW+fsEVCUQrd7WYcSC5M1e6fIwXS0YtHCLujW4xmAsUs085D+eYVtGbQQd
Kou3RdrZpLAoBTAenUOLB/vFJT8el3ZpYmmmMf7+YoBRGefWQUmoBDmIMMlbjGLP
qJUAeI61Kju2PaTPFE/h84nShDsoqzbBt4ili45PNbyPj4Qd9/OQUGv1JCrPCHLQ
FYKh6/Idz8N+p02u326Ee/8twWcH1gaAW6nW0BpiEiurXO9Q4MmlB9VhetTzD9nA
6D3NfF/IgnHIbovRQWpYzAovRogXTJECO3+xSFZObvNEHsqo3VYs58ASZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4Oz/bLQmI7cNi24oJ8FwN8IRUjMB8GA1UdIwQY
MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt
NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy
LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQiOg3Qg
mSYHka3+9ImiSh3ywnQT1t7YSfvddLdQwF9R5VeyFhqhtTEABbE3CJv5irzQZGUl
e6UrVM+58epCzB/DCxcRUGzwyNzS+dIddg5h3RAGxsHDng06Gui4sKALVqd/RFS5
cwoOaKavK+wT+RsQqxQXnkWkZN5fTAw4cyABAsWCJcUl4vU+AMNHxYcK7HNlaPGV
OBwmv89kmODw4cDzFh5OIKUT4P9T+nFJ8WwG+6est/J8tb5IMT+pNDbpDWyP4119
ZpHJ50e+JJrk+6YexX6vZxNj/ahy+fCXSAcCnmWX3PShUPQVXWpRKFmb34sJntnO
Lm1s6qTtImsEBA==
-----END CERTIFICATE-----