Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File:                     OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier:          FDajxGsZbw6mVF/Mr77xiNjWH9A5qVSAk9TMcyBJ0eE=
Subject key identifier:   07:DC:4C:70:FF:EF:10:F7:71:0B:F1:07:AA:CB:A7:3D:74:61:B0:F5
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer:       /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial:       018F87ECFEE7D3861F69F9DC54260E9212F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 19:00:06 +0000
Manifest this update:     Fri 17 May 2024 19:00:06 +0000
Manifest next update:     Sat 18 May 2024 19:00:06 +0000
Files and hashes:         1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: 02wq2ccuCH0Cokmj4nU6aPhU4J9ihvM8zlyOcpMmo9o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ec:fe:e7:d3:86:1f:69:f9:dc:54:26:0e:92:12:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
        Validity
            Not Before: May 17 19:00:06 2024 GMT
            Not After : May 18 19:00:06 2024 GMT
        Subject: CN=07dc4c70ffef10f7710bf107aacba73d7461b0f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:69:af:68:dc:0e:70:08:8b:06:b6:df:dd:4e:
                    1b:7d:ff:db:c8:cd:d6:ac:13:30:ac:8c:be:ba:2d:
                    8b:b5:b1:5b:db:87:78:b5:4c:11:fa:21:8b:70:3f:
                    a4:94:dd:a0:66:d2:44:5d:ea:d4:03:7d:59:7e:c8:
                    2e:04:99:7f:05:d3:f0:1b:88:01:99:ac:ae:d4:c4:
                    b0:64:a6:f7:b9:da:bc:10:98:63:c1:d9:db:2d:7b:
                    73:e8:7f:10:c0:ca:49:e8:de:d3:22:49:c1:36:78:
                    7d:00:cf:91:e4:49:90:94:14:45:5c:5a:ce:00:8f:
                    81:4b:2f:2e:fd:14:f5:d1:56:11:72:19:3b:4d:cb:
                    6d:26:e8:cf:19:33:3a:9d:c5:e9:11:55:d1:e2:93:
                    7c:55:16:b6:4c:5d:10:31:ac:d0:52:9b:1d:0c:c3:
                    47:ba:8e:19:c1:36:c2:60:0d:0d:af:5d:a4:c0:7c:
                    23:d7:2f:61:8b:39:34:85:56:7a:09:b8:20:b1:44:
                    96:02:76:09:c3:92:a2:39:83:66:4a:93:2e:d7:77:
                    21:58:72:77:88:69:bd:d6:02:46:63:13:3c:3d:f8:
                    db:c2:cc:8d:de:46:cc:61:84:ba:38:d9:dd:c4:b9:
                    c9:0b:cb:ba:85:86:d1:3f:6d:be:ea:e4:ff:0c:06:
                    de:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:DC:4C:70:FF:EF:10:F7:71:0B:F1:07:AA:CB:A7:3D:74:61:B0:F5
            X509v3 Authority Key Identifier:
                keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:60:a3:70:c5:5f:0b:e2:ac:38:d2:4c:b5:84:41:e7:76:1e:
         35:63:5f:7b:63:68:c5:01:cb:d5:e9:04:61:65:10:bb:77:90:
         71:cb:82:1c:a0:21:45:64:63:71:4e:21:6f:d8:e4:3e:bb:0a:
         35:4c:e7:59:1f:a8:ad:d1:ce:0d:dd:d1:88:f5:53:d7:9d:56:
         33:ce:9b:ff:d4:b9:92:8d:c4:0f:fd:a6:f4:ef:0b:11:14:d3:
         39:41:11:11:15:db:bd:e1:ec:9f:af:9e:e2:0f:4c:10:46:da:
         76:1f:06:d5:13:ae:c1:8c:5c:be:e1:dd:c8:6a:d2:81:01:8b:
         50:4a:25:c3:28:b5:f8:90:2f:7f:f8:65:86:44:2f:f9:7a:75:
         a6:5b:c3:63:22:fb:3d:0f:b8:86:76:77:57:ae:10:ce:2d:de:
         5d:17:6d:85:f3:22:da:84:e7:4e:43:ce:79:22:e4:7c:0c:3b:
         d3:37:76:35:49:6d:56:9c:7b:97:f6:d4:bf:30:ea:c6:f5:33:
         19:0d:d0:6d:ac:c9:26:2c:f5:8f:60:82:30:1d:58:7a:ed:c1:
         c6:b1:00:88:92:b8:cb:fd:5b:38:36:e1:ae:36:24:f6:c9:16:
         45:8c:ce:6a:45:0a:ee:33:68:f9:54:58:87:1b:20:ff:17:fe:
         e5:8c:31:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7P7n04YfafncVCYOkhLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjQwNTE3MTkwMDA2WhcNMjQwNTE4MTkwMDA2WjAzMTEwLwYDVQQD
EygwN2RjNGM3MGZmZWYxMGY3NzEwYmYxMDdhYWNiYTczZDc0NjFiMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mmvaNwOcAiLBrbf3U4bff/byM3W
rBMwrIy+ui2LtbFb24d4tUwR+iGLcD+klN2gZtJEXerUA31ZfsguBJl/BdPwG4gB
mayu1MSwZKb3udq8EJhjwdnbLXtz6H8QwMpJ6N7TIknBNnh9AM+R5EmQlBRFXFrO
AI+BSy8u/RT10VYRchk7TcttJujPGTM6ncXpEVXR4pN8VRa2TF0QMazQUpsdDMNH
uo4ZwTbCYA0Nr12kwHwj1y9hizk0hVZ6CbggsUSWAnYJw5KiOYNmSpMu13chWHJ3
iGm91gJGYxM8PfjbwsyN3kbMYYS6ONndxLnJC8u6hYbRP22+6uT/DAbebwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfcTHD/7xD3cQvxB6rLpz10YbD1MB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWCjcMVf
C+KsONJMtYRB53YeNWNfe2NoxQHL1ekEYWUQu3eQccuCHKAhRWRjcU4hb9jkPrsK
NUznWR+ordHODd3RiPVT151WM86b/9S5ko3ED/2m9O8LERTTOUERERXbveHsn6+e
4g9MEEbadh8G1ROuwYxcvuHdyGrSgQGLUEolwyi1+JAvf/hlhkQv+Xp1plvDYyL7
PQ+4hnZ3V64Qzi3eXRdthfMi2oTnTkPOeSLkfAw70zd2NUltVpx7l/bUvzDqxvUz
GQ3QbazJJiz1j2CCMB1Yeu3BxrEAiJK4y/1bODbhrjYk9skWRYzOakUK7jNo+VRY
hxsg/xf+5Ywxfw==
-----END CERTIFICATE-----