Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          NhdRKYQNvj7RVWAMJEJ+ulOmfW3ipqTru83ME9yzb+Q=
Subject key identifier:   0C:E2:7C:3A:19:2D:07:8C:05:0A:93:7E:27:E3:DF:98:9D:7D:B9:DB
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       018F874A55439C54B2DD110BAD9BB0039551
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          085D
Signing time:             Fri 17 May 2024 16:02:26 +0000
Manifest this update:     Fri 17 May 2024 16:02:26 +0000
Manifest next update:     Sat 18 May 2024 16:02:26 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: CXXQWEZdIlXcE+W+aps2VE7fmGz6oRNMP2L0bMib0/o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:55:43:9c:54:b2:dd:11:0b:ad:9b:b0:03:95:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: May 17 16:02:26 2024 GMT
            Not After : May 18 16:02:26 2024 GMT
        Subject: CN=0ce27c3a192d078c050a937e27e3df989d7db9db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:34:73:c8:95:50:76:4b:b8:f0:e4:ff:d3:24:
                    85:36:66:43:09:86:1e:cc:f7:d2:00:26:6b:eb:dd:
                    be:66:5d:e3:59:36:0c:30:c5:16:53:92:b6:a2:4f:
                    64:2c:76:8b:f9:e8:56:99:11:d9:bb:d8:2f:9d:3d:
                    13:31:a1:35:f5:a4:89:d9:b5:aa:37:1b:4c:b7:08:
                    99:43:e1:66:1e:05:91:00:cb:c7:ab:48:b6:4a:8d:
                    1d:f8:5d:1b:41:67:80:e6:f7:d1:e2:7d:d2:cf:58:
                    ef:db:4c:64:02:bc:ff:39:b0:4b:9f:c2:86:19:9d:
                    c8:c0:d2:75:fd:45:c1:6e:ce:8f:b4:e7:3c:73:df:
                    ef:eb:3c:8a:a0:ab:f6:16:f8:23:38:17:e6:16:4b:
                    d2:2e:60:95:2b:11:a6:5e:e4:cd:59:3a:75:0c:9e:
                    d2:81:4d:1f:cf:33:83:ef:77:de:b7:b0:0a:8c:df:
                    9d:ee:52:99:5a:59:6f:0f:25:1a:b4:ff:9b:6d:f1:
                    8c:4c:df:0d:6c:2f:e4:e5:a5:0e:6e:51:ee:d7:7c:
                    8d:39:1f:3f:06:b4:0a:39:89:3d:49:35:4b:f3:0e:
                    32:b8:9a:9f:d3:33:8d:3b:b5:d2:77:1e:33:1d:21:
                    12:3c:2f:c2:54:30:ec:a5:c2:77:bd:35:71:ca:90:
                    a7:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:E2:7C:3A:19:2D:07:8C:05:0A:93:7E:27:E3:DF:98:9D:7D:B9:DB
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:d4:d3:c8:69:d5:a9:77:f8:24:1a:c6:80:d9:6b:28:80:86:
         0c:0e:4b:cf:35:15:42:16:cf:f9:84:7a:8e:b0:2a:0d:a9:79:
         de:64:fe:43:9e:3c:4f:c7:f6:79:31:22:71:36:02:84:9c:e4:
         89:fb:e7:29:b3:fa:e4:04:9b:03:b6:b2:1e:aa:a8:2f:d6:e7:
         9b:43:3f:e7:e7:af:02:04:de:13:4c:0d:dd:b9:21:c1:19:bc:
         ef:13:22:e1:95:5a:7a:ac:d0:ea:ca:2a:48:23:58:7d:3e:59:
         f5:27:2a:fd:c6:a7:5e:78:a6:e2:73:b0:c7:0d:29:5e:5e:9a:
         6b:64:63:d9:93:29:df:a2:9f:ac:0d:a7:43:28:b2:85:7f:97:
         cb:a6:59:eb:84:da:40:1d:99:cb:c2:e7:85:d7:69:9a:ec:14:
         2c:be:b6:a0:61:a6:d0:fe:9c:4a:a4:9c:f8:ab:9e:ec:59:60:
         7f:06:ce:7d:bd:ca:e4:e2:99:10:ab:b1:8b:10:e9:15:f5:26:
         79:59:25:97:6f:55:27:be:2f:4c:85:86:05:1b:97:2d:7e:94:
         1f:52:f2:75:a8:e7:6a:d8:b3:42:9c:76:16:32:ca:2e:95:94:
         1d:23:13:47:86:26:de:77:cb:e3:ad:e4:fc:08:78:f2:98:56:
         1e:99:9d:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSlVDnFSy3RELrZuwA5VRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjQwNTE3MTYwMjI2WhcNMjQwNTE4MTYwMjI2WjAzMTEwLwYDVQQD
EygwY2UyN2MzYTE5MmQwNzhjMDUwYTkzN2UyN2UzZGY5ODlkN2RiOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzRzyJVQdku48OT/0ySFNmZDCYYe
zPfSACZr692+Zl3jWTYMMMUWU5K2ok9kLHaL+ehWmRHZu9gvnT0TMaE19aSJ2bWq
NxtMtwiZQ+FmHgWRAMvHq0i2So0d+F0bQWeA5vfR4n3Sz1jv20xkArz/ObBLn8KG
GZ3IwNJ1/UXBbs6PtOc8c9/v6zyKoKv2FvgjOBfmFkvSLmCVKxGmXuTNWTp1DJ7S
gU0fzzOD73fet7AKjN+d7lKZWllvDyUatP+bbfGMTN8NbC/k5aUOblHu13yNOR8/
BrQKOYk9STVL8w4yuJqf0zONO7XSdx4zHSESPC/CVDDspcJ3vTVxypCnDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzifDoZLQeMBQqTfifj35idfbnbMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsNTTyGnV
qXf4JBrGgNlrKICGDA5LzzUVQhbP+YR6jrAqDal53mT+Q548T8f2eTEicTYChJzk
ifvnKbP65ASbA7ayHqqoL9bnm0M/5+evAgTeE0wN3bkhwRm87xMi4ZVaeqzQ6soq
SCNYfT5Z9Scq/canXnim4nOwxw0pXl6aa2Rj2ZMp36KfrA2nQyiyhX+Xy6ZZ64Ta
QB2Zy8LnhddpmuwULL62oGGm0P6cSqSc+Kue7FlgfwbOfb3K5OKZEKuxixDpFfUm
eVkll29VJ74vTIWGBRuXLX6UH1LydajnatizQpx2FjLKLpWUHSMTR4Ym3nfL463k
/Ah48phWHpmdQg==
-----END CERTIFICATE-----