Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File:                     DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier:          ymcba0kUh0RL0/7aetbcNjEb1RSb7IX+KhwSLbouxrg=
Subject key identifier:   5F:65:2B:3E:B8:4F:9D:30:32:31:72:1C:CD:AF:E9:17:2E:26:86:41
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer:       /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial:       019406B40C6D516834EC95D933B28F0EF164
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number:          52
Signing time:             Fri 27 Dec 2024 06:00:50 +0000
Manifest this update:     Fri 27 Dec 2024 06:00:50 +0000
Manifest next update:     Sat 28 Dec 2024 06:00:50 +0000
Files and hashes:         1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: 2OvVjW8pR+yRhDPpJzhtohJ9LuZzEO7vUg4I1wJKfI0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 06:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:b4:0c:6d:51:68:34:ec:95:d9:33:b2:8f:0e:f1:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
        Validity
            Not Before: Dec 27 06:00:50 2024 GMT
            Not After : Dec 28 06:00:50 2024 GMT
        Subject: CN=5f652b3eb84f9d303231721ccdafe9172e268641
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:07:3e:26:db:fc:4e:25:1a:53:7c:8f:9c:05:
                    3c:a5:90:36:37:bc:ea:40:f8:e9:8d:ca:b6:bb:c0:
                    2a:b4:9c:80:0e:85:8a:94:94:f9:c6:d9:61:7f:69:
                    c8:2e:03:ad:99:e7:92:6c:9e:18:b0:72:e7:1a:eb:
                    65:9a:93:69:81:60:10:88:fe:85:93:c8:2f:b4:0d:
                    9c:98:31:f4:52:00:f8:b1:82:cc:d0:ad:f3:fa:73:
                    35:bd:08:b5:83:ac:c6:bb:51:62:02:88:db:b8:60:
                    cf:88:ca:29:46:9b:1c:51:a2:1b:49:da:d3:15:73:
                    aa:f3:0a:e2:bf:f5:27:76:b2:af:75:3e:5e:3f:55:
                    1b:65:8e:ba:32:a5:fc:a6:6c:b9:fc:69:0d:66:38:
                    d6:50:72:6d:c5:a1:7b:1e:d3:b7:76:96:ac:1b:d9:
                    38:24:5b:15:c2:50:d0:69:02:d8:9b:83:88:93:50:
                    a3:a5:3b:ba:6b:45:ae:a7:01:08:6c:57:da:0c:a3:
                    52:34:65:85:f3:b9:24:84:3c:1e:69:28:8d:56:d5:
                    5e:de:91:fa:b3:b0:98:12:ab:e7:f7:85:59:7c:19:
                    c1:e6:32:bf:1c:02:45:2c:d1:e1:2d:53:8b:dc:50:
                    f6:e2:c9:e3:2c:94:c7:43:de:e6:1c:fd:a4:78:54:
                    8d:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:65:2B:3E:B8:4F:9D:30:32:31:72:1C:CD:AF:E9:17:2E:26:86:41
            X509v3 Authority Key Identifier:
                keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:34:10:fb:ec:c1:13:0f:ca:38:e5:37:75:f4:7a:31:2d:14:
         5c:57:df:b4:ee:e2:ea:64:1b:2a:d0:fb:b7:11:66:5a:07:2e:
         bb:c2:d4:55:14:0f:20:d9:57:06:3c:c6:0b:cf:0b:15:db:12:
         7b:94:50:27:6c:6a:c4:e8:84:c8:9f:a6:dd:ca:08:b5:b5:4d:
         36:9b:cb:43:4c:5d:76:ed:fd:27:d4:6c:2e:ee:10:23:04:c2:
         13:ca:0e:6b:6a:32:bf:d2:a8:7d:f8:2b:c9:f2:64:71:80:b7:
         16:3b:26:94:6e:27:9e:6a:98:2a:f8:ae:d4:a6:b7:cf:4f:ea:
         a8:9e:cf:ad:a3:24:6a:6d:6d:fe:f3:07:df:76:e4:b5:c0:88:
         65:9c:9f:ab:cf:44:04:88:e0:f5:0f:e2:f8:dc:7e:6b:4c:e3:
         1c:77:cb:b4:ea:2b:a9:2a:b0:b6:9b:e1:02:54:5f:18:a8:a2:
         34:6b:94:62:8e:15:7c:0c:69:9d:21:97:35:5a:f3:bf:1f:b2:
         b0:5d:84:e8:56:eb:a7:cd:dc:c0:a2:57:3f:8f:a2:7f:02:3e:
         68:d5:49:10:17:25:3d:00:f1:4f:4d:c8:a4:fe:42:c3:df:bf:
         ee:41:80:ba:68:b8:1b:97:fe:87:86:69:54:04:fb:45:93:39:
         7c:9e:4f:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGtAxtUWg07JXZM7KPDvFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjQxMjI3MDYwMDUwWhcNMjQxMjI4MDYwMDUwWjAzMTEwLwYDVQQD
Eyg1ZjY1MmIzZWI4NGY5ZDMwMzIzMTcyMWNjZGFmZTkxNzJlMjY4NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ac+Jtv8TiUaU3yPnAU8pZA2N7zq
QPjpjcq2u8AqtJyADoWKlJT5xtlhf2nILgOtmeeSbJ4YsHLnGutlmpNpgWAQiP6F
k8gvtA2cmDH0UgD4sYLM0K3z+nM1vQi1g6zGu1FiAojbuGDPiMopRpscUaIbSdrT
FXOq8wriv/UndrKvdT5eP1UbZY66MqX8pmy5/GkNZjjWUHJtxaF7HtO3dpasG9k4
JFsVwlDQaQLYm4OIk1CjpTu6a0WupwEIbFfaDKNSNGWF87kkhDweaSiNVtVe3pH6
s7CYEqvn94VZfBnB5jK/HAJFLNHhLVOL3FD24snjLJTHQ97mHP2keFSNCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9lKz64T50wMjFyHM2v6RcuJoZBMB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjDQQ++zB
Ew/KOOU3dfR6MS0UXFfftO7i6mQbKtD7txFmWgcuu8LUVRQPINlXBjzGC88LFdsS
e5RQJ2xqxOiEyJ+m3coItbVNNpvLQ0xddu39J9RsLu4QIwTCE8oOa2oyv9Koffgr
yfJkcYC3FjsmlG4nnmqYKviu1Ka3z0/qqJ7PraMkam1t/vMH33bktcCIZZyfq89E
BIjg9Q/i+Nx+a0zjHHfLtOorqSqwtpvhAlRfGKiiNGuUYo4VfAxpnSGXNVrzvx+y
sF2E6Fbrp83cwKJXP4+ifwI+aNVJEBclPQDxT03IpP5Cw9+/7kGAumi4G5f+h4Zp
VAT7RZM5fJ5PvA==
-----END CERTIFICATE-----
Generated at Fri Dec 27 10:52:52 2024 by rpki-client on console-fra.rpki-client.org