Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          YdXznaogmoyOVLop9kxxgY/OY6+k6NFWO1VZmOo0Sls=
Subject key identifier:   8F:66:08:1D:4C:71:E1:B4:AC:A5:2E:82:B2:CF:A5:E2:C2:99:CD:49
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01938BF6C651888B0D6435C6057DABB490BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0A20
Signing time:             Tue 03 Dec 2024 10:00:25 +0000
Manifest this update:     Tue 03 Dec 2024 10:00:25 +0000
Manifest next update:     Wed 04 Dec 2024 10:00:25 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: UIfMAs8y5C82QPNoT4rZiVylfmkHTx+mqKXryb4kl4U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 10:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:8b:f6:c6:51:88:8b:0d:64:35:c6:05:7d:ab:b4:90:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Dec  3 10:00:25 2024 GMT
            Not After : Dec  4 10:00:25 2024 GMT
        Subject: CN=8f66081d4c71e1b4aca52e82b2cfa5e2c299cd49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b9:2d:d2:52:f4:f4:c2:25:fe:77:96:71:0a:
                    19:c9:c3:ec:b4:ff:59:68:e3:59:9e:c6:92:d7:84:
                    22:65:f4:ea:6c:8b:09:a2:5f:7f:05:da:0a:35:74:
                    9b:a5:16:4a:2c:0b:0c:c7:d2:55:7e:32:03:82:1a:
                    6c:80:6b:fc:ca:ad:d6:9c:bf:aa:9d:13:5a:b5:21:
                    4a:97:ef:59:a1:c0:bc:fd:26:9c:81:aa:9c:a4:ef:
                    78:25:36:21:ec:6a:d9:b1:c0:ee:0f:53:0d:76:25:
                    ad:b4:f1:be:86:fe:54:5e:75:34:3d:8b:79:8d:1f:
                    72:93:2c:c9:40:c5:f8:b1:89:4c:43:37:be:7c:4a:
                    ba:1f:bb:97:45:07:03:22:58:4a:42:ef:fb:48:46:
                    51:0b:59:59:18:bd:74:46:7d:ca:81:87:f5:7c:73:
                    46:ce:34:aa:2d:e5:eb:f5:6f:0d:4d:2f:3a:71:3a:
                    d4:1c:0e:c2:64:27:12:0a:73:ec:02:19:c5:13:d7:
                    98:fa:46:ce:10:07:23:5e:86:d4:bc:96:3a:63:6e:
                    6f:0c:9a:6c:d2:db:78:1e:7e:43:7b:89:87:aa:7d:
                    0e:25:c0:74:4a:aa:dc:7b:17:34:d9:a3:66:05:15:
                    7b:d0:82:ae:03:a0:93:62:ea:a5:a5:30:1e:cd:df:
                    e9:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:66:08:1D:4C:71:E1:B4:AC:A5:2E:82:B2:CF:A5:E2:C2:99:CD:49
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:b3:62:3f:1d:0c:be:df:3c:62:89:70:3d:56:d6:aa:b6:77:
         b6:0b:01:44:02:47:55:ac:ee:2b:15:4d:b3:9a:e2:08:68:dc:
         93:3b:6b:16:82:ad:89:d2:63:e0:07:4b:66:c0:65:53:ac:86:
         91:18:d8:fd:91:e0:cf:b7:4c:f9:47:ca:ad:dd:87:85:7f:4d:
         eb:03:79:b6:4b:08:7e:36:90:d2:8a:58:58:74:b1:90:1f:e4:
         db:42:a6:db:e2:5c:05:2a:e0:b5:f5:50:20:3f:e4:46:7a:e2:
         f3:11:d8:5a:6b:c2:e1:76:0c:3f:36:d7:4a:b8:66:fe:09:27:
         99:72:cb:00:17:ec:4f:0a:05:d4:a6:b3:ee:41:cf:19:a3:14:
         ba:e3:e6:5a:ef:ca:5f:26:bd:6a:67:ff:ff:20:21:c8:52:a5:
         4a:f9:6a:82:0b:98:ad:1a:8a:6d:de:e3:9f:7e:88:b4:08:c9:
         62:5c:c5:7c:e7:86:bf:a2:46:0b:94:27:9a:85:2c:08:03:1a:
         c9:54:b7:93:c1:f5:e2:e0:b9:93:7b:64:d3:8c:70:22:f7:59:
         24:35:5f:2b:6c:a7:0d:c4:a9:12:90:60:34:35:ec:1d:14:37:
         74:fc:de:85:11:fa:38:2c:28:d0:10:22:10:04:7f:c0:04:66:
         f9:17:9e:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZOL9sZRiIsNZDXGBX2rtJC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjQxMjAzMTAwMDI1WhcNMjQxMjA0MTAwMDI1WjAzMTEwLwYDVQQD
Eyg4ZjY2MDgxZDRjNzFlMWI0YWNhNTJlODJiMmNmYTVlMmMyOTljZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27kt0lL09MIl/neWcQoZycPstP9Z
aONZnsaS14QiZfTqbIsJol9/BdoKNXSbpRZKLAsMx9JVfjIDghpsgGv8yq3WnL+q
nRNatSFKl+9ZocC8/SacgaqcpO94JTYh7GrZscDuD1MNdiWttPG+hv5UXnU0PYt5
jR9ykyzJQMX4sYlMQze+fEq6H7uXRQcDIlhKQu/7SEZRC1lZGL10Rn3KgYf1fHNG
zjSqLeXr9W8NTS86cTrUHA7CZCcSCnPsAhnFE9eY+kbOEAcjXobUvJY6Y25vDJps
0tt4Hn5De4mHqn0OJcB0Sqrcexc02aNmBRV70IKuA6CTYuqlpTAezd/pCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9mCB1MceG0rKUugrLPpeLCmc1JMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA7NiPx0M
vt88YolwPVbWqrZ3tgsBRAJHVazuKxVNs5riCGjckztrFoKtidJj4AdLZsBlU6yG
kRjY/ZHgz7dM+UfKrd2HhX9N6wN5tksIfjaQ0opYWHSxkB/k20Km2+JcBSrgtfVQ
ID/kRnri8xHYWmvC4XYMPzbXSrhm/gknmXLLABfsTwoF1Kaz7kHPGaMUuuPmWu/K
Xya9amf//yAhyFKlSvlqgguYrRqKbd7jn36ItAjJYlzFfOeGv6JGC5QnmoUsCAMa
yVS3k8H14uC5k3tk04xwIvdZJDVfK2ynDcSpEpBgNDXsHRQ3dPzehRH6OCwo0BAi
EAR/wARm+Ree4A==
-----END CERTIFICATE-----