Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          xylEsVsbnoxJI7/XG+MuWQ4/TT/bfLe9HcyCOtn1Xy8=
Subject key identifier:   C1:C2:E1:CB:2B:23:F9:D2:5D:0F:96:83:11:0E:A5:B1:76:C6:78:FA
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       01936A0F577958BD5D546B6EB1B409A54790
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          022A
Signing time:             Tue 26 Nov 2024 20:00:10 +0000
Manifest this update:     Tue 26 Nov 2024 20:00:10 +0000
Manifest next update:     Wed 27 Nov 2024 20:00:10 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: T2FBvGFtxbgTJzw/0JTXuzHAkvOH24DGyPuDWzvyi5Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:0f:57:79:58:bd:5d:54:6b:6e:b1:b4:09:a5:47:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Nov 26 20:00:10 2024 GMT
            Not After : Nov 27 20:00:10 2024 GMT
        Subject: CN=c1c2e1cb2b23f9d25d0f9683110ea5b176c678fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:25:7c:a5:64:2d:41:40:39:ef:d3:b1:9b:
                    bd:0d:cf:18:0d:b7:83:49:38:59:e5:78:71:75:23:
                    16:05:2e:88:28:37:77:48:1b:72:64:b0:5a:e1:29:
                    88:da:1d:8c:4d:70:97:20:be:6d:53:be:21:f5:81:
                    e9:6c:b1:c1:9f:60:93:c7:90:6b:c4:3d:bd:39:37:
                    86:af:1c:d8:9c:0b:fd:16:54:0b:f7:59:cd:c6:a5:
                    fe:92:4e:63:dc:d2:8f:46:ed:47:34:6d:f9:fa:69:
                    23:c3:45:a3:bb:32:10:87:63:18:92:17:4c:7f:ad:
                    43:90:d0:a5:eb:6b:6e:07:39:35:3c:6f:6f:e4:3c:
                    53:9b:54:7e:da:62:eb:4c:6f:23:4a:3c:23:75:97:
                    24:ba:c0:e0:c8:dd:47:41:90:12:97:df:e9:12:de:
                    f0:08:08:96:0d:ee:d1:b6:99:9d:a3:75:c8:bb:86:
                    ad:5a:8a:50:2e:47:bb:89:86:be:ba:4e:78:6e:b5:
                    45:7e:21:82:ba:83:58:ab:73:c4:e2:14:5b:fa:3b:
                    d3:58:13:ca:80:ea:96:d7:e6:1d:c3:c2:3c:d7:c1:
                    fa:af:bc:9e:ae:00:12:d8:a2:d3:da:a6:ac:fd:c9:
                    2e:67:db:e5:eb:72:26:90:3b:7c:25:a1:ce:42:1e:
                    06:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:C2:E1:CB:2B:23:F9:D2:5D:0F:96:83:11:0E:A5:B1:76:C6:78:FA
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:ef:a8:a2:1c:a5:a1:c4:e0:8a:9e:70:e5:27:73:f1:4c:12:
         74:1c:01:8d:8f:00:e8:03:2b:13:1a:bf:01:b5:45:22:d1:e0:
         cd:03:32:54:0b:f6:54:d3:e5:8b:ce:9e:b5:a5:c7:57:8e:30:
         f1:43:2f:53:d4:0f:54:6d:d1:b9:63:6a:f9:c3:20:a7:a0:f3:
         f3:ef:4a:14:2c:05:32:03:c2:31:fc:d5:17:ab:d5:16:26:2d:
         94:5c:c1:2a:1f:51:3f:55:6a:7b:f7:88:df:67:28:1b:71:28:
         5e:c9:db:69:45:78:71:c1:aa:4a:a3:1c:5b:11:70:d0:12:83:
         97:2c:63:2d:fe:ac:39:25:f5:f8:10:78:90:22:9b:06:3e:7d:
         4b:93:de:31:3d:0b:af:eb:3a:df:4e:04:52:cd:e2:b6:b5:49:
         12:7b:b0:b0:46:4b:52:8b:ab:d9:fb:9a:2c:3a:e9:2f:8a:43:
         0d:37:73:b0:28:24:58:47:2c:91:8c:06:28:f1:8c:07:f4:82:
         51:a8:9c:9b:3b:a3:c7:b7:92:3f:99:49:f8:7d:fc:57:ef:18:
         97:4f:94:7a:8e:00:78:3c:1d:98:3c:c4:47:b3:48:3e:33:21:
         2a:78:74:16:cd:98:bc:dd:6f:47:de:b0:c2:3c:2b:27:ff:ce:
         4b:a8:ac:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqD1d5WL1dVGtusbQJpUeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjQxMTI2MjAwMDEwWhcNMjQxMTI3MjAwMDEwWjAzMTEwLwYDVQQD
EyhjMWMyZTFjYjJiMjNmOWQyNWQwZjk2ODMxMTBlYTViMTc2YzY3OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM0lfKVkLUFAOe/TsZu9Dc8YDbeD
SThZ5XhxdSMWBS6IKDd3SBtyZLBa4SmI2h2MTXCXIL5tU74h9YHpbLHBn2CTx5Br
xD29OTeGrxzYnAv9FlQL91nNxqX+kk5j3NKPRu1HNG35+mkjw0WjuzIQh2MYkhdM
f61DkNCl62tuBzk1PG9v5DxTm1R+2mLrTG8jSjwjdZckusDgyN1HQZASl9/pEt7w
CAiWDe7Rtpmdo3XIu4atWopQLke7iYa+uk54brVFfiGCuoNYq3PE4hRb+jvTWBPK
gOqW1+Ydw8I818H6r7yergAS2KLT2qas/ckuZ9vl63ImkDt8JaHOQh4G9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHC4csrI/nSXQ+WgxEOpbF2xnj6MB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ++oohyl
ocTgip5w5Sdz8UwSdBwBjY8A6AMrExq/AbVFItHgzQMyVAv2VNPli86etaXHV44w
8UMvU9QPVG3RuWNq+cMgp6Dz8+9KFCwFMgPCMfzVF6vVFiYtlFzBKh9RP1Vqe/eI
32coG3EoXsnbaUV4ccGqSqMcWxFw0BKDlyxjLf6sOSX1+BB4kCKbBj59S5PeMT0L
r+s6304EUs3itrVJEnuwsEZLUour2fuaLDrpL4pDDTdzsCgkWEcskYwGKPGMB/SC
Uaicmzujx7eSP5lJ+H38V+8Yl0+Ueo4AeDwdmDzER7NIPjMhKnh0Fs2YvN1vR96w
wjwrJ//OS6isSQ==
-----END CERTIFICATE-----