Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          YrFnLEdu8myz4ZYsIC6ykM7rsIO/alwcPE1z2X5hIU4=
Subject key identifier:   47:4A:D2:69:46:76:59:BC:AF:A6:E4:B0:BC:EC:44:AB:F0:DD:1F:A7
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       01936B229A52998B63B741DE5A198C5A1D01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          137A
Signing time:             Wed 27 Nov 2024 01:00:49 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:49 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:49 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: p4uX461Pe7XmyhGbM3XdruZmPnbov0pIGt7v639fOqg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:9a:52:99:8b:63:b7:41:de:5a:19:8c:5a:1d:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Nov 27 01:00:49 2024 GMT
            Not After : Nov 28 01:00:49 2024 GMT
        Subject: CN=474ad269467659bcafa6e4b0bcec44abf0dd1fa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e8:dd:f1:c5:82:8a:a6:a8:30:e0:02:ee:43:
                    c8:4a:cb:d8:ef:10:e1:14:f4:a5:b6:8d:36:3d:fc:
                    69:c6:90:36:5b:b0:16:d0:3b:32:db:de:a3:d9:e0:
                    f7:74:42:24:a0:bd:6e:7e:a9:10:f9:8d:c6:51:41:
                    f7:3e:6f:74:27:99:7a:54:e6:e7:a4:33:4d:8a:da:
                    ab:4d:31:c9:33:81:55:4f:7e:cd:f9:96:5a:2d:33:
                    b9:ea:46:1b:f3:ad:84:89:71:51:91:10:83:2a:92:
                    18:d6:c4:62:2d:09:80:49:bf:02:53:a5:b3:dd:44:
                    fd:3f:c1:c9:0b:15:5d:35:d5:cf:40:bf:1e:2f:d0:
                    ec:34:38:65:fb:6c:16:49:f4:fe:ca:ef:dc:f1:f4:
                    bf:0c:ab:ec:ef:69:98:7f:d8:6e:55:0f:ab:04:8f:
                    bf:61:2e:14:3b:56:cd:32:19:59:43:a5:ea:1a:99:
                    23:5b:53:ff:25:80:f0:11:5c:9c:17:52:3a:d0:6b:
                    d0:60:45:d8:5a:1b:04:46:d9:ba:d9:41:43:8e:0f:
                    6d:97:39:e1:b9:7a:d8:75:1c:17:6a:19:e4:95:7a:
                    57:73:ed:fd:46:86:91:08:65:a1:d6:0a:ee:5a:09:
                    25:1f:95:d1:9a:15:52:eb:66:7d:65:a7:40:e9:ce:
                    0e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:4A:D2:69:46:76:59:BC:AF:A6:E4:B0:BC:EC:44:AB:F0:DD:1F:A7
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:fa:61:34:35:37:68:13:01:ca:96:49:dc:13:22:0b:0a:82:
         2b:ab:d4:f1:ae:ac:9e:34:1f:f8:9c:a3:20:f1:94:9e:ba:c3:
         07:44:fe:92:b7:88:d8:65:46:83:87:9c:e4:5c:f4:3a:c9:f4:
         72:60:87:33:d3:27:8b:35:1e:c8:ba:db:6c:58:6a:dc:48:83:
         bc:b6:43:03:b2:dc:79:83:5a:fd:45:f5:91:aa:11:52:24:7a:
         39:47:9c:c8:97:75:64:ee:5f:50:ae:a8:3e:ce:34:00:0a:4d:
         d6:fc:93:5b:76:5d:42:70:68:50:8a:10:d5:95:ed:22:f9:27:
         a0:1d:4d:a5:42:f4:05:8e:4c:9e:4d:fe:a8:da:b9:58:f0:7f:
         7c:4e:af:25:bb:4a:89:e7:d7:e3:a7:1f:6a:75:14:79:56:9f:
         ad:6a:4e:2e:2f:6c:e1:9d:16:15:57:d3:f9:90:c6:47:6b:76:
         2a:65:30:2d:7c:95:47:59:d7:03:c0:67:e6:29:4c:63:f3:c7:
         0f:5c:76:85:c5:ca:97:ed:8b:2c:2f:c6:04:fa:3d:dc:b0:59:
         a9:63:f1:ce:e1:0f:f7:4b:7c:b4:75:c3:4b:77:96:2b:d0:36:
         69:a8:39:ea:4f:d2:b5:9e:7f:97:d6:ce:45:ac:66:99:62:2b:
         89:32:31:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIppSmYtjt0HeWhmMWh0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjQxMTI3MDEwMDQ5WhcNMjQxMTI4MDEwMDQ5WjAzMTEwLwYDVQQD
Eyg0NzRhZDI2OTQ2NzY1OWJjYWZhNmU0YjBiY2VjNDRhYmYwZGQxZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOjd8cWCiqaoMOAC7kPISsvY7xDh
FPSlto02PfxpxpA2W7AW0Dsy296j2eD3dEIkoL1ufqkQ+Y3GUUH3Pm90J5l6VObn
pDNNitqrTTHJM4FVT37N+ZZaLTO56kYb862EiXFRkRCDKpIY1sRiLQmASb8CU6Wz
3UT9P8HJCxVdNdXPQL8eL9DsNDhl+2wWSfT+yu/c8fS/DKvs72mYf9huVQ+rBI+/
YS4UO1bNMhlZQ6XqGpkjW1P/JYDwEVycF1I60GvQYEXYWhsERtm62UFDjg9tlznh
uXrYdRwXahnklXpXc+39RoaRCGWh1gruWgklH5XRmhVS62Z9ZadA6c4OowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdK0mlGdlm8r6bksLzsRKvw3R+nMB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFPphNDU3
aBMBypZJ3BMiCwqCK6vU8a6snjQf+JyjIPGUnrrDB0T+kreI2GVGg4ec5Fz0Osn0
cmCHM9MnizUeyLrbbFhq3EiDvLZDA7LceYNa/UX1kaoRUiR6OUecyJd1ZO5fUK6o
Ps40AApN1vyTW3ZdQnBoUIoQ1ZXtIvknoB1NpUL0BY5Mnk3+qNq5WPB/fE6vJbtK
iefX46cfanUUeVafrWpOLi9s4Z0WFVfT+ZDGR2t2KmUwLXyVR1nXA8Bn5ilMY/PH
D1x2hcXKl+2LLC/GBPo93LBZqWPxzuEP90t8tHXDS3eWK9A2aag56k/StZ5/l9bO
RaxmmWIriTIx9A==
-----END CERTIFICATE-----