Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
File:                     oy2niZiHqsRJlYu5DrU1lRqXOgA.mft (raw, json)
Hash identifier:          4VwMHXHONlkgObbve7RMlnpfnSgb4D/Yb5HsHRV/6lk=
Subject key identifier:   A9:85:6B:2B:64:BB:F0:48:50:32:0F:2B:27:82:31:6F:36:F1:9B:9B
Authority key identifier: A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00
Certificate issuer:       /CN=a32da7899887aac449958bb90eb535951a973a00
Certificate serial:       018F874A9587F17947956CF1433E0D7D01A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
Manifest number:          0A77
Signing time:             Fri 17 May 2024 16:02:43 +0000
Manifest this update:     Fri 17 May 2024 16:02:43 +0000
Manifest next update:     Sat 18 May 2024 16:02:43 +0000
Files and hashes:         1: oy2niZiHqsRJlYu5DrU1lRqXOgA.crl (hash: AVHmXlJLv2k1E0ZLVqjraCwIqxzHM8CgOsR2vPOpNBc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:95:87:f1:79:47:95:6c:f1:43:3e:0d:7d:01:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a32da7899887aac449958bb90eb535951a973a00
        Validity
            Not Before: May 17 16:02:43 2024 GMT
            Not After : May 18 16:02:43 2024 GMT
        Subject: CN=a9856b2b64bbf04850320f2b2782316f36f19b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d8:7e:79:ba:ab:2e:f2:b4:11:23:5b:4d:5b:
                    f0:fa:da:89:5f:07:7b:80:fb:51:ff:ae:79:87:ae:
                    19:62:1a:98:cc:97:f5:6f:d2:e3:68:11:34:04:3a:
                    2f:df:aa:7a:05:97:12:b2:12:71:74:33:a6:ec:f5:
                    73:be:c3:aa:b1:67:f5:93:76:9f:2d:c5:4c:e6:3d:
                    07:e3:6b:4c:d5:0d:2c:41:5c:33:12:35:53:5f:1d:
                    32:b0:a2:25:2d:6c:9c:d1:76:b6:26:74:64:1e:5c:
                    96:eb:b6:be:db:1c:03:51:d9:c0:99:5f:53:1a:a8:
                    2d:46:d7:2a:33:f6:ce:bc:a9:ff:27:a5:4c:be:c4:
                    6f:12:ef:f8:07:0c:5d:40:a8:e4:ba:a3:35:65:89:
                    c6:50:2d:30:5a:d5:99:cd:3b:ab:15:0d:f3:13:5c:
                    be:76:05:4e:13:11:c2:c1:36:73:ef:53:06:09:e1:
                    ce:30:47:9a:b0:2d:f7:7a:fa:d3:23:e1:29:cb:0e:
                    9c:dc:1e:10:61:96:f4:d3:aa:76:74:52:d4:ec:3d:
                    34:cc:6b:32:ab:fb:a7:7a:8b:d2:87:b3:7f:69:34:
                    9d:91:3d:65:51:24:ca:8b:75:2d:b1:23:46:22:bd:
                    13:d7:72:35:03:64:92:23:88:de:ba:60:ff:f6:2b:
                    88:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:85:6B:2B:64:BB:F0:48:50:32:0F:2B:27:82:31:6F:36:F1:9B:9B
            X509v3 Authority Key Identifier:
                keyid:A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:c2:97:4a:83:ca:8b:c9:71:81:39:7a:64:6f:f9:a7:be:1c:
         8b:95:c1:58:55:a6:55:78:bb:7f:ba:24:57:ce:b2:87:15:c8:
         fe:91:a5:65:9e:74:c2:57:80:1d:ab:f4:2d:90:08:40:fe:b0:
         0f:ad:7e:8b:93:5e:d2:e9:56:67:d9:bf:d6:3e:31:1a:33:4f:
         35:13:d8:c7:ef:e2:ea:ea:5a:ea:0b:7b:93:c9:dd:d1:bb:37:
         a7:ec:ed:36:b0:33:98:85:f5:3a:42:ec:e3:97:4e:39:71:2e:
         33:ca:d5:c6:f1:56:d3:f2:13:29:41:61:cd:e1:b8:33:2d:ac:
         65:00:d4:f9:8a:ef:5d:1e:68:cc:9d:dd:54:60:4b:e4:01:c1:
         86:90:94:d4:fb:07:b9:ea:f7:18:d3:15:b4:22:a6:ed:80:74:
         7d:de:14:16:07:83:85:0d:51:ae:45:d7:06:7d:79:04:ab:ab:
         c9:90:73:ab:3c:2d:ef:1e:3a:af:1c:02:7b:24:3a:8d:15:f0:
         d2:87:1e:71:04:47:59:fd:60:0f:08:d1:d9:c6:34:be:ec:a8:
         0f:7d:48:f6:9a:d5:a5:01:46:b6:4e:2b:50:e6:32:56:36:ec:
         37:40:9d:18:a7:36:b3:05:cc:8b:8f:22:47:6e:6f:b5:ce:7a:
         82:a9:65:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSpWH8XlHlWzxQz4NfQGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMmRhNzg5OTg4N2FhYzQ0OTk1OGJiOTBlYjUzNTk1MWE5
NzNhMDAwHhcNMjQwNTE3MTYwMjQzWhcNMjQwNTE4MTYwMjQzWjAzMTEwLwYDVQQD
EyhhOTg1NmIyYjY0YmJmMDQ4NTAzMjBmMmIyNzgyMzE2ZjM2ZjE5YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29h+ebqrLvK0ESNbTVvw+tqJXwd7
gPtR/655h64ZYhqYzJf1b9LjaBE0BDov36p6BZcSshJxdDOm7PVzvsOqsWf1k3af
LcVM5j0H42tM1Q0sQVwzEjVTXx0ysKIlLWyc0Xa2JnRkHlyW67a+2xwDUdnAmV9T
GqgtRtcqM/bOvKn/J6VMvsRvEu/4BwxdQKjkuqM1ZYnGUC0wWtWZzTurFQ3zE1y+
dgVOExHCwTZz71MGCeHOMEeasC33evrTI+Epyw6c3B4QYZb006p2dFLU7D00zGsy
q/uneovSh7N/aTSdkT1lUSTKi3UtsSNGIr0T13I1A2SSI4jeumD/9iuIxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmFaytku/BIUDIPKyeCMW828ZubMB8GA1UdIwQY
MBaAFKMtp4mYh6rESZWLuQ61NZUalzoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUt
ZDMzMzJmOTA0NGVjLzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUtZDMzMzJmOTA0NGVj
LzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE8KXSoPK
i8lxgTl6ZG/5p74ci5XBWFWmVXi7f7okV86yhxXI/pGlZZ50wleAHav0LZAIQP6w
D61+i5Ne0ulWZ9m/1j4xGjNPNRPYx+/i6upa6gt7k8nd0bs3p+ztNrAzmIX1OkLs
45dOOXEuM8rVxvFW0/ITKUFhzeG4My2sZQDU+YrvXR5ozJ3dVGBL5AHBhpCU1PsH
uer3GNMVtCKm7YB0fd4UFgeDhQ1RrkXXBn15BKuryZBzqzwt7x46rxwCeyQ6jRXw
0ocecQRHWf1gDwjR2cY0vuyoD31I9prVpQFGtk4rUOYyVjbsN0CdGKc2swXMi48i
R25vtc56gqllAg==
-----END CERTIFICATE-----