Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          qImaGGZXkGTChdfj4Sv2Xvx0FJN7TpgMex508jJRO1A=
Subject key identifier:   D6:07:0B:47:18:93:4F:9C:5E:13:5E:01:5C:EE:D3:C7:6B:A0:DB:A7
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       018F8749417AE3C15CC23F09850C5868C2DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          1173
Signing time:             Fri 17 May 2024 16:01:16 +0000
Manifest this update:     Fri 17 May 2024 16:01:16 +0000
Manifest next update:     Sat 18 May 2024 16:01:16 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: xrCKLLteXGqHSlwhvF3KDN6H6UVu4P9BFE2qw9fvo/E=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:41:7a:e3:c1:5c:c2:3f:09:85:0c:58:68:c2:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: May 17 16:01:16 2024 GMT
            Not After : May 18 16:01:16 2024 GMT
        Subject: CN=d6070b4718934f9c5e135e015ceed3c76ba0dba7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ee:12:28:ab:01:90:59:29:89:55:c5:99:52:
                    ac:35:f2:bf:b0:a7:42:df:f7:ea:a6:e2:93:a2:e8:
                    d3:0a:60:dc:6d:b5:10:40:9b:3c:2a:ff:10:9f:d0:
                    58:26:45:da:04:eb:d2:ac:30:da:fb:fb:90:e3:6b:
                    b7:46:9f:4f:7f:f9:e2:a3:d8:6c:58:cf:d1:ce:9a:
                    bf:f2:dc:f4:97:ea:f2:59:d3:d4:dc:21:54:1e:62:
                    02:e9:db:fa:b0:19:1d:a8:45:f5:fb:d4:93:da:a1:
                    75:ce:95:ae:79:7b:bb:be:c4:d1:d5:81:5d:0b:75:
                    90:86:df:2f:27:37:c2:99:a7:0f:65:30:bf:66:55:
                    62:c1:6b:1f:e0:ac:dc:c6:78:5c:59:32:30:62:58:
                    35:2c:53:a6:fd:d4:b3:5e:42:53:b6:6e:70:cb:f5:
                    90:3d:de:a3:87:34:db:98:ac:71:aa:ec:b8:76:ef:
                    67:ff:d1:1f:c6:ce:dc:68:8a:35:33:e7:27:5e:d6:
                    df:f0:3c:3e:f2:2d:4a:fb:4d:ad:c4:3f:41:2e:c4:
                    4b:44:3e:cd:83:fc:04:99:c0:9e:ab:4c:29:8b:ca:
                    04:3b:4f:16:ac:ff:ca:1d:d0:7d:00:76:b8:15:de:
                    4b:ac:ef:f1:f0:37:f1:e6:b8:40:af:63:1d:65:37:
                    4d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:07:0B:47:18:93:4F:9C:5E:13:5E:01:5C:EE:D3:C7:6B:A0:DB:A7
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:c6:6a:1b:2d:7d:aa:6b:66:8c:2e:ff:c6:aa:46:f7:18:fc:
         ba:16:9c:44:1d:6c:bb:96:21:24:e1:1b:68:5d:d4:31:d2:8f:
         04:0f:9a:db:a0:09:63:be:6f:7c:b9:8b:7d:44:30:5d:9e:3e:
         fe:69:a0:28:3f:eb:54:a2:88:3f:e6:72:c0:12:bf:78:b5:5a:
         0c:b0:81:a5:c0:4e:a8:20:44:8a:cf:05:d7:60:71:45:44:7e:
         71:c7:f5:b3:40:3c:6f:19:f6:aa:2c:58:97:6e:8f:16:ae:e0:
         b4:c8:0c:83:0e:a5:39:bb:9d:2f:83:d1:8b:83:37:bc:81:9a:
         c9:c1:4e:97:8c:34:e0:d8:0a:d6:35:8d:89:a0:7d:04:dc:dc:
         f8:10:9f:c1:19:c0:16:f3:f0:fa:59:e6:c3:ad:33:54:9f:19:
         2a:46:f2:9d:0d:43:44:55:8a:45:1c:75:dc:a1:41:df:1f:06:
         98:e3:63:76:5f:c8:f4:4f:54:f9:21:de:78:d3:2a:88:d1:8d:
         5e:10:05:52:44:49:26:3e:a6:f4:97:b0:3c:e4:82:c5:52:c9:
         f8:12:da:4e:fd:7d:b5:02:7d:8d:db:61:a4:a7:58:87:23:8f:
         cf:f3:55:45:c8:47:47:7a:72:d5:7d:1f:58:44:f4:91:45:e9:
         5c:ca:d7:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSUF648Fcwj8JhQxYaMLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjQwNTE3MTYwMTE2WhcNMjQwNTE4MTYwMTE2WjAzMTEwLwYDVQQD
EyhkNjA3MGI0NzE4OTM0ZjljNWUxMzVlMDE1Y2VlZDNjNzZiYTBkYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO4SKKsBkFkpiVXFmVKsNfK/sKdC
3/fqpuKToujTCmDcbbUQQJs8Kv8Qn9BYJkXaBOvSrDDa+/uQ42u3Rp9Pf/nio9hs
WM/Rzpq/8tz0l+ryWdPU3CFUHmIC6dv6sBkdqEX1+9ST2qF1zpWueXu7vsTR1YFd
C3WQht8vJzfCmacPZTC/ZlViwWsf4KzcxnhcWTIwYlg1LFOm/dSzXkJTtm5wy/WQ
Pd6jhzTbmKxxquy4du9n/9Efxs7caIo1M+cnXtbf8Dw+8i1K+02txD9BLsRLRD7N
g/wEmcCeq0wpi8oEO08WrP/KHdB9AHa4Fd5LrO/x8Dfx5rhAr2MdZTdNpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYHC0cYk0+cXhNeAVzu08droNunMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQcZqGy19
qmtmjC7/xqpG9xj8uhacRB1su5YhJOEbaF3UMdKPBA+a26AJY75vfLmLfUQwXZ4+
/mmgKD/rVKKIP+ZywBK/eLVaDLCBpcBOqCBEis8F12BxRUR+ccf1s0A8bxn2qixY
l26PFq7gtMgMgw6lObudL4PRi4M3vIGaycFOl4w04NgK1jWNiaB9BNzc+BCfwRnA
FvPw+lnmw60zVJ8ZKkbynQ1DRFWKRRx13KFB3x8GmONjdl/I9E9U+SHeeNMqiNGN
XhAFUkRJJj6m9JewPOSCxVLJ+BLaTv19tQJ9jdthpKdYhyOPz/NVRchHR3py1X0f
WET0kUXpXMrXqg==
-----END CERTIFICATE-----