Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          09NcTRqvuy/wmkpO5bTqlhwt5MSi99H0Ly7SgKp3214=
Subject key identifier:   82:4A:D7:5B:A7:DB:E0:3B:91:95:43:54:0E:63:16:55:47:92:50:AF
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       018FF5CAF85D693BB312A9B69ADDE31DAE0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          11AE
Signing time:             Sat 08 Jun 2024 03:01:10 +0000
Manifest this update:     Sat 08 Jun 2024 03:01:10 +0000
Manifest next update:     Sun 09 Jun 2024 03:01:10 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: k1VMWaeFN1hf6yEnodNBFkqGZKtqTMfuT4xfJBko4l0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:f5:ca:f8:5d:69:3b:b3:12:a9:b6:9a:dd:e3:1d:ae:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Jun  8 03:01:10 2024 GMT
            Not After : Jun  9 03:01:10 2024 GMT
        Subject: CN=824ad75ba7dbe03b919543540e631655479250af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:32:01:7b:de:fc:8a:2d:24:97:84:68:48:a4:
                    d3:95:d9:c9:0c:7e:f8:03:5b:a2:40:b9:5c:c9:2e:
                    33:92:b8:82:da:cc:1a:61:ec:3e:79:95:d6:55:46:
                    66:9d:96:75:f7:46:0b:b9:9d:26:76:be:ae:d4:cc:
                    7a:40:b6:c7:57:80:50:80:97:c4:62:d6:57:60:87:
                    42:28:4b:e6:d1:09:b7:c2:12:e5:6f:12:e9:5a:40:
                    91:a3:7d:e3:ef:af:77:ed:b8:07:f0:2a:5b:c0:da:
                    13:2f:28:78:4d:73:30:aa:32:6c:96:71:43:75:f5:
                    60:e1:19:7b:84:78:d6:6a:6f:db:a0:e1:83:16:16:
                    5f:f0:7f:89:ac:06:72:79:0a:90:57:22:db:0f:a6:
                    39:54:fc:22:34:29:99:aa:5f:44:af:ee:30:d8:ae:
                    eb:73:1f:f1:c0:ad:62:41:cd:43:85:76:ae:e9:99:
                    25:43:e6:53:ac:c5:e2:f8:08:d7:c7:ce:59:ee:0c:
                    e1:92:41:0e:0c:7f:a9:4f:31:c1:21:32:5a:79:5b:
                    58:b2:a3:56:06:dc:10:2c:c2:fb:da:34:ae:43:e8:
                    80:54:bb:15:25:77:ae:bc:f0:24:ed:dc:e9:68:1a:
                    51:28:5f:d5:87:f3:c2:16:3a:59:2c:b8:6c:4d:cd:
                    44:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:4A:D7:5B:A7:DB:E0:3B:91:95:43:54:0E:63:16:55:47:92:50:AF
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:2b:77:f9:a9:c7:c0:76:af:3e:c2:24:df:f7:4d:af:f7:25:
         71:d7:92:0e:49:b6:b8:2e:eb:5c:10:c2:d6:ea:5d:73:89:2e:
         9e:18:a1:7c:02:e1:d8:45:2f:9d:c7:a6:90:c6:28:2d:57:fa:
         c7:dd:b0:86:a5:d5:ad:48:51:5d:7f:d5:c7:56:5a:45:a6:4b:
         d2:13:52:9d:5e:ac:79:11:d9:ba:f1:3b:07:80:55:e1:73:e3:
         6e:ee:0c:10:3f:88:35:99:60:62:38:b8:30:04:2f:de:99:ce:
         59:ae:ef:41:42:64:fd:ff:9f:5f:4c:ab:2e:b8:f5:80:af:42:
         5c:13:5c:df:e6:6f:61:9d:da:d3:4f:6f:da:d9:a4:0d:7d:c3:
         c8:dc:c1:0a:30:f8:86:48:1b:85:bf:03:75:d3:d4:4b:c0:ad:
         73:2a:db:11:10:30:6d:bc:91:e7:e5:3e:38:42:de:2c:46:f6:
         1a:85:de:90:d5:7f:d3:36:fc:01:a8:10:d1:83:00:82:57:ea:
         49:39:1f:04:cb:22:5a:5b:c6:dc:56:46:12:6b:17:be:80:7b:
         fa:fe:ea:5a:9c:48:bd:7b:5e:8f:6a:5c:e5:c6:5f:07:75:c1:
         de:d5:83:85:cb:11:7a:f6:a0:e5:bb:99:b2:a5:9f:84:ea:a8:
         bd:00:d1:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY/1yvhdaTuzEqm2mt3jHa4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjQwNjA4MDMwMTEwWhcNMjQwNjA5MDMwMTEwWjAzMTEwLwYDVQQD
Eyg4MjRhZDc1YmE3ZGJlMDNiOTE5NTQzNTQwZTYzMTY1NTQ3OTI1MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTIBe978ii0kl4RoSKTTldnJDH74
A1uiQLlcyS4zkriC2swaYew+eZXWVUZmnZZ190YLuZ0mdr6u1Mx6QLbHV4BQgJfE
YtZXYIdCKEvm0Qm3whLlbxLpWkCRo33j76937bgH8CpbwNoTLyh4TXMwqjJslnFD
dfVg4Rl7hHjWam/boOGDFhZf8H+JrAZyeQqQVyLbD6Y5VPwiNCmZql9Er+4w2K7r
cx/xwK1iQc1DhXau6ZklQ+ZTrMXi+AjXx85Z7gzhkkEODH+pTzHBITJaeVtYsqNW
BtwQLML72jSuQ+iAVLsVJXeuvPAk7dzpaBpRKF/Vh/PCFjpZLLhsTc1E5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJK11un2+A7kZVDVA5jFlVHklCvMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAECt3+anH
wHavPsIk3/dNr/clcdeSDkm2uC7rXBDC1updc4kunhihfALh2EUvncemkMYoLVf6
x92whqXVrUhRXX/Vx1ZaRaZL0hNSnV6seRHZuvE7B4BV4XPjbu4MED+INZlgYji4
MAQv3pnOWa7vQUJk/f+fX0yrLrj1gK9CXBNc3+ZvYZ3a009v2tmkDX3DyNzBCjD4
hkgbhb8DddPUS8CtcyrbERAwbbyR5+U+OELeLEb2GoXekNV/0zb8AagQ0YMAglfq
STkfBMsiWlvG3FZGEmsXvoB7+v7qWpxIvXtej2pc5cZfB3XB3tWDhcsRevag5buZ
sqWfhOqovQDR9A==
-----END CERTIFICATE-----