Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
File:                     s8l-xqz0xTcKU8r4I5YxblbkhsY.mft (raw, json)
Hash identifier:          yRGLOaQTMTTfKvjmLJ83+ShZrshvpWR53HkWolfeGHE=
Subject key identifier:   49:FD:FE:51:D9:E0:FE:A0:41:D4:07:1B:38:26:F1:75:1E:49:F4:F4
Authority key identifier: B3:C9:7E:C6:AC:F4:C5:37:0A:53:CA:F8:23:96:31:6E:56:E4:86:C6
Certificate issuer:       /CN=b3c97ec6acf4c5370a53caf82396316e56e486c6
Certificate serial:       018F877F3E071F8CA0177D9F48B807D5B41D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
Manifest number:          0142
Signing time:             Fri 17 May 2024 17:00:14 +0000
Manifest this update:     Fri 17 May 2024 17:00:14 +0000
Manifest next update:     Sat 18 May 2024 17:00:14 +0000
Files and hashes:         1: s8l-xqz0xTcKU8r4I5YxblbkhsY.crl (hash: ftK2m9aSG1iNgg3viwi0J8xv6rOXbTdFQ2pVhtloz7M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:7f:3e:07:1f:8c:a0:17:7d:9f:48:b8:07:d5:b4:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3c97ec6acf4c5370a53caf82396316e56e486c6
        Validity
            Not Before: May 17 17:00:14 2024 GMT
            Not After : May 18 17:00:14 2024 GMT
        Subject: CN=49fdfe51d9e0fea041d4071b3826f1751e49f4f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:2d:94:ed:0d:35:d3:ed:6f:eb:c9:c5:d6:7b:
                    fd:5f:96:a1:9d:06:f3:85:e6:e0:e7:c8:be:f7:35:
                    4e:0f:b7:46:78:8b:93:d8:5e:6d:a3:00:fb:e1:ed:
                    97:75:6d:2c:e8:9a:d3:bd:3a:9d:c3:22:28:3a:aa:
                    69:c7:00:11:af:d5:79:d0:ca:a8:f9:84:06:ae:1c:
                    98:eb:42:14:b5:5f:6e:fb:78:79:48:cb:55:58:34:
                    63:9b:b0:d6:26:dc:36:33:72:38:cd:72:cf:53:20:
                    1b:44:23:da:53:f5:17:1d:0e:ef:b2:6b:96:10:98:
                    3b:d5:61:a1:11:53:d6:8a:76:9a:48:4e:45:bc:6c:
                    9f:bf:1e:70:72:1a:04:7c:50:f3:c7:0c:e1:18:2d:
                    0a:c1:61:72:94:d6:4b:16:fa:26:eb:52:cd:cd:ff:
                    b2:2b:47:85:9a:52:06:94:0a:53:8d:2e:34:f2:44:
                    dd:48:eb:fc:d2:82:b8:05:50:19:e8:93:e1:cc:d7:
                    87:a0:95:61:b2:a0:f4:aa:81:c6:5b:7f:bb:f5:e3:
                    e9:38:34:ea:76:eb:15:04:0b:79:a5:f9:05:38:32:
                    35:21:fc:a7:5f:5a:a2:53:bc:63:7f:a1:f7:9f:bd:
                    20:bf:ed:34:89:57:e1:51:8b:f0:29:6d:72:65:8e:
                    b8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:FD:FE:51:D9:E0:FE:A0:41:D4:07:1B:38:26:F1:75:1E:49:F4:F4
            X509v3 Authority Key Identifier:
                keyid:B3:C9:7E:C6:AC:F4:C5:37:0A:53:CA:F8:23:96:31:6E:56:E4:86:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:bd:c0:4c:a1:ce:26:cb:89:1f:66:7d:0c:51:3b:29:ac:c0:
         83:1b:fb:8f:15:9f:69:85:fe:4b:c5:e5:3d:a9:3a:5f:b4:53:
         cb:99:a3:b8:29:61:49:e6:c1:7f:89:52:06:a6:b2:86:94:c3:
         ac:b2:42:68:fc:66:a9:12:37:c3:60:70:7b:b4:70:b9:f9:49:
         86:e7:27:fd:08:ac:f5:20:9d:d8:73:fd:42:3a:f9:1e:19:3d:
         b4:46:1b:10:1f:a4:30:b9:61:6f:09:b8:ba:10:fe:4d:3f:f9:
         ea:0b:32:5b:c1:27:e2:16:5f:39:d8:42:ae:d4:dd:a2:f4:d6:
         e4:f9:f2:f4:b9:85:66:35:80:42:6c:3c:eb:70:5f:2b:42:50:
         c4:00:e4:dd:58:dc:0b:e2:d8:b8:95:a4:cd:fb:f6:d3:7a:8f:
         ef:07:9a:e9:c4:06:cf:3c:c0:18:21:ec:4f:39:6e:c2:68:72:
         02:9e:0a:27:c6:35:a2:92:bf:0c:c4:9b:a5:11:7e:24:83:e5:
         6c:10:f3:4d:19:4d:69:b0:40:78:87:d9:44:c0:a9:05:47:a3:
         53:48:6d:8b:cc:c2:29:f4:9e:53:38:1f:69:33:05:7e:7c:1f:
         3c:5b:c7:6c:7c:ac:cd:e8:c1:ad:e1:f7:c1:b0:fb:80:f4:2f:
         7f:b2:a0:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Hfz4HH4ygF32fSLgH1bQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzk3ZWM2YWNmNGM1MzcwYTUzY2FmODIzOTYzMTZlNTZl
NDg2YzYwHhcNMjQwNTE3MTcwMDE0WhcNMjQwNTE4MTcwMDE0WjAzMTEwLwYDVQQD
Eyg0OWZkZmU1MWQ5ZTBmZWEwNDFkNDA3MWIzODI2ZjE3NTFlNDlmNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0C2U7Q010+1v68nF1nv9X5ahnQbz
hebg58i+9zVOD7dGeIuT2F5towD74e2XdW0s6JrTvTqdwyIoOqppxwARr9V50Mqo
+YQGrhyY60IUtV9u+3h5SMtVWDRjm7DWJtw2M3I4zXLPUyAbRCPaU/UXHQ7vsmuW
EJg71WGhEVPWinaaSE5FvGyfvx5wchoEfFDzxwzhGC0KwWFylNZLFvom61LNzf+y
K0eFmlIGlApTjS408kTdSOv80oK4BVAZ6JPhzNeHoJVhsqD0qoHGW3+79ePpODTq
dusVBAt5pfkFODI1IfynX1qiU7xjf6H3n70gv+00iVfhUYvwKW1yZY64OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEn9/lHZ4P6gQdQHGzgm8XUeSfT0MB8GA1UdIwQY
MBaAFLPJfsas9MU3ClPK+COWMW5W5IbGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83MmYzMjgtY2U1Zi00MDRhLTlkNGMt
ZDNjMTk1OThhMGU2LzEvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83MmYzMjgtY2U1Zi00MDRhLTlkNGMtZDNjMTk1OThhMGU2
LzEvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw73ATKHO
JsuJH2Z9DFE7KazAgxv7jxWfaYX+S8XlPak6X7RTy5mjuClhSebBf4lSBqayhpTD
rLJCaPxmqRI3w2Bwe7RwuflJhucn/Qis9SCd2HP9Qjr5Hhk9tEYbEB+kMLlhbwm4
uhD+TT/56gsyW8En4hZfOdhCrtTdovTW5Pny9LmFZjWAQmw863BfK0JQxADk3Vjc
C+LYuJWkzfv203qP7wea6cQGzzzAGCHsTzluwmhyAp4KJ8Y1opK/DMSbpRF+JIPl
bBDzTRlNabBAeIfZRMCpBUejU0hti8zCKfSeUzgfaTMFfnwfPFvHbHyszejBreH3
wbD7gPQvf7Kgzw==
-----END CERTIFICATE-----