Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
File:                     kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft (raw, json)
Hash identifier:          SBlU9gKuIousrKT8ww79RXFkABhnC25omUHTLUpkMls=
Subject key identifier:   86:48:BA:0B:76:BA:CD:FE:B8:C3:04:BB:13:A5:43:63:F6:15:B7:37
Authority key identifier: 93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6
Certificate issuer:       /CN=9309372464c59a3dd8ecd63215b01819706558a6
Certificate serial:       018F87B66CA4A35514939B324E29130DACB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
Manifest number:          01A2
Signing time:             Fri 17 May 2024 18:00:30 +0000
Manifest this update:     Fri 17 May 2024 18:00:30 +0000
Manifest next update:     Sat 18 May 2024 18:00:30 +0000
Files and hashes:         1: kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl (hash: wZtkpeVhp4T6SeKFz/JhF9rGMqUcR1vgfE7z5GHGRQo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:6c:a4:a3:55:14:93:9b:32:4e:29:13:0d:ac:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9309372464c59a3dd8ecd63215b01819706558a6
        Validity
            Not Before: May 17 18:00:30 2024 GMT
            Not After : May 18 18:00:30 2024 GMT
        Subject: CN=8648ba0b76bacdfeb8c304bb13a54363f615b737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:44:c9:b4:bf:00:10:87:1b:70:f0:9d:e6:d5:
                    f5:79:28:1f:e4:ef:8c:dd:49:6d:53:ed:64:fe:29:
                    91:c5:9e:9a:76:5f:50:1e:82:5f:5e:65:1b:bf:1a:
                    37:f6:15:17:fb:36:c0:fc:c7:d5:ec:d4:89:3c:77:
                    cb:c1:c5:b4:af:3d:29:3d:9a:f0:f3:08:e8:d0:43:
                    84:6b:3a:4f:26:34:75:d3:d8:70:61:0d:61:b4:aa:
                    a5:6b:17:4f:aa:c0:c6:82:bc:fc:2c:60:61:af:a0:
                    5d:39:33:a1:fd:ff:ba:cb:a2:d5:df:7a:15:b0:ef:
                    af:c4:c4:ae:c6:ba:bd:25:ad:62:dc:90:39:0c:cb:
                    37:79:a5:89:aa:7a:ef:ba:25:4c:16:93:50:00:fd:
                    d1:63:d1:11:b0:db:78:9a:39:65:28:2c:2b:41:0f:
                    01:97:d1:a6:07:81:1e:52:67:d4:2d:56:b4:27:d8:
                    3d:59:a7:27:9b:64:e3:f3:44:f5:5e:09:b2:23:03:
                    fa:ae:20:b0:98:33:14:9f:8e:3a:ca:4c:6d:02:16:
                    fc:6a:4a:14:99:d3:2a:e6:af:1a:23:4e:57:f9:b0:
                    54:dd:c9:0e:7d:9c:01:28:c1:24:ed:66:04:77:fc:
                    ea:98:00:a9:8a:f9:a7:6e:27:15:6d:30:7d:9d:6f:
                    c6:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:48:BA:0B:76:BA:CD:FE:B8:C3:04:BB:13:A5:43:63:F6:15:B7:37
            X509v3 Authority Key Identifier:
                keyid:93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:e2:3f:b8:c0:b2:2f:b2:8e:76:f4:c3:56:70:fc:1e:b6:60:
         a8:4c:6e:6d:e1:c5:6f:d8:0e:84:ad:cf:d8:a7:76:75:a6:ab:
         1b:fa:d0:8b:e3:86:1f:36:cc:1a:01:96:7a:45:98:46:5e:40:
         a5:21:58:06:66:63:5d:d5:4a:22:7b:95:41:40:92:50:3c:ba:
         2c:00:3b:11:69:ed:cd:b5:fd:88:b4:7c:68:0b:30:af:ef:7e:
         fd:be:83:b4:84:cc:b3:de:cc:4c:51:2e:1e:46:49:f1:9f:ae:
         97:c5:91:28:51:7a:5e:95:d2:ac:16:a3:7d:f2:2f:ce:6f:a3:
         1e:86:0a:be:3f:42:33:a7:20:7d:06:69:82:55:dd:b1:aa:29:
         fb:aa:1e:33:de:96:4a:70:d1:77:85:30:fd:92:e4:a8:aa:1f:
         31:0b:cf:9a:e8:88:bc:a1:a0:6a:8f:61:9b:20:0e:8a:41:3c:
         48:29:40:02:02:5d:25:9c:77:9f:49:a6:a7:4b:ed:d9:bf:41:
         c7:07:77:63:ce:76:99:7a:98:85:79:24:28:b6:b9:48:4c:fe:
         21:69:f1:a8:69:be:6f:36:d7:9b:d1:d2:a8:e0:d7:38:44:69:
         eb:97:31:5a:dd:f6:84:f6:6a:96:c3:a8:16:20:ff:6b:99:eb:
         81:63:9d:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htmyko1UUk5syTikTDay2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDkzNzI0NjRjNTlhM2RkOGVjZDYzMjE1YjAxODE5NzA2
NTU4YTYwHhcNMjQwNTE3MTgwMDMwWhcNMjQwNTE4MTgwMDMwWjAzMTEwLwYDVQQD
Eyg4NjQ4YmEwYjc2YmFjZGZlYjhjMzA0YmIxM2E1NDM2M2Y2MTViNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukTJtL8AEIcbcPCd5tX1eSgf5O+M
3UltU+1k/imRxZ6adl9QHoJfXmUbvxo39hUX+zbA/MfV7NSJPHfLwcW0rz0pPZrw
8wjo0EOEazpPJjR109hwYQ1htKqlaxdPqsDGgrz8LGBhr6BdOTOh/f+6y6LV33oV
sO+vxMSuxrq9Ja1i3JA5DMs3eaWJqnrvuiVMFpNQAP3RY9ERsNt4mjllKCwrQQ8B
l9GmB4EeUmfULVa0J9g9Wacnm2Tj80T1XgmyIwP6riCwmDMUn446ykxtAhb8akoU
mdMq5q8aI05X+bBU3ckOfZwBKMEk7WYEd/zqmACpivmnbicVbTB9nW/GmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZIugt2us3+uMMEuxOlQ2P2Fbc3MB8GA1UdIwQY
MBaAFJMJNyRkxZo92OzWMhWwGBlwZVimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEt
MDdmMTI1OWZlYjEzLzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEtMDdmMTI1OWZlYjEz
LzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuI/uMCy
L7KOdvTDVnD8HrZgqExubeHFb9gOhK3P2Kd2daarG/rQi+OGHzbMGgGWekWYRl5A
pSFYBmZjXdVKInuVQUCSUDy6LAA7EWntzbX9iLR8aAswr+9+/b6DtITMs97MTFEu
HkZJ8Z+ul8WRKFF6XpXSrBajffIvzm+jHoYKvj9CM6cgfQZpglXdsaop+6oeM96W
SnDRd4Uw/ZLkqKofMQvPmuiIvKGgao9hmyAOikE8SClAAgJdJZx3n0mmp0vt2b9B
xwd3Y852mXqYhXkkKLa5SEz+IWnxqGm+bzbXm9HSqODXOERp65cxWt32hPZqlsOo
FiD/a5nrgWOdLw==
-----END CERTIFICATE-----