Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
File:                     XwNIeIMukX__nNPIbA-h5WX4IdM.mft (raw, json)
Hash identifier:          TlDkPxCBNEpgj08yf22ZPl+T3CcrZ6gzd4YWBc3+5IA=
Subject key identifier:   DA:9D:19:3D:4E:75:4A:AA:09:85:3F:0E:A1:E2:73:34:E8:AF:29:B7
Authority key identifier: 5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3
Certificate issuer:       /CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
Certificate serial:       018F8892256346252B35E0F8927AB137DA5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
Manifest number:          0CC6
Signing time:             Fri 17 May 2024 22:00:30 +0000
Manifest this update:     Fri 17 May 2024 22:00:30 +0000
Manifest next update:     Sat 18 May 2024 22:00:30 +0000
Files and hashes:         1: XwNIeIMukX__nNPIbA-h5WX4IdM.crl (hash: kKx55zlBhV3MDs8G9CL3NRhhyHz7Nx47yeALgmvl424=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:25:63:46:25:2b:35:e0:f8:92:7a:b1:37:da:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
        Validity
            Not Before: May 17 22:00:30 2024 GMT
            Not After : May 18 22:00:30 2024 GMT
        Subject: CN=da9d193d4e754aaa09853f0ea1e27334e8af29b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d1:84:ff:1c:28:a7:33:26:43:e2:d5:42:43:
                    c0:a7:eb:b2:82:42:93:b2:da:e6:98:1e:54:a6:96:
                    08:9a:05:69:b5:29:61:a2:9a:ee:f6:1c:c7:c0:16:
                    12:87:4e:d4:eb:ce:f3:47:df:f1:16:94:64:85:5c:
                    4e:47:fc:72:8b:f0:48:88:5f:00:53:ad:54:26:57:
                    50:cf:f2:06:29:8e:ad:4f:9a:ca:e6:98:28:e2:26:
                    65:f8:d3:2d:f9:bd:a6:50:34:70:01:b6:a9:a6:c9:
                    ca:b6:18:38:2b:96:86:11:b1:b5:89:ec:08:85:64:
                    0f:2e:03:fb:f8:7d:2d:96:58:14:0a:ec:0d:dc:f3:
                    4c:49:d6:81:ff:a4:79:57:a2:ed:20:01:cf:56:cc:
                    6b:92:c9:ac:a8:55:14:e2:07:3d:83:f1:eb:3b:17:
                    22:33:33:e8:52:35:80:0c:fe:7c:38:28:82:a9:b1:
                    00:6b:2e:34:39:85:02:e9:42:5d:3c:1d:e7:ee:c1:
                    6a:87:1e:00:bf:5c:18:db:07:99:ab:31:27:7b:6a:
                    7d:cd:b4:29:7d:76:cf:b5:13:31:12:2c:1e:d6:57:
                    be:40:a7:3b:94:2d:d3:bb:66:d7:da:9c:4a:6b:cb:
                    26:d9:c0:8a:56:3a:7d:ac:76:50:df:7f:5a:c2:d6:
                    af:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:9D:19:3D:4E:75:4A:AA:09:85:3F:0E:A1:E2:73:34:E8:AF:29:B7
            X509v3 Authority Key Identifier:
                keyid:5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:3c:00:95:f1:81:3c:cd:82:7e:3b:ae:c6:8b:c7:f5:aa:b4:
         49:18:8a:af:6b:08:a2:37:ab:ed:91:d2:00:fc:0c:a5:ca:f4:
         85:14:b9:e9:20:3b:4c:21:96:05:68:88:34:08:d6:f0:a4:a5:
         73:e8:27:ce:d0:55:19:47:0c:6e:33:e8:a0:f4:d1:f5:5c:44:
         59:3e:6f:fe:8a:ac:c1:30:c3:cf:13:9d:27:20:7f:87:b4:dd:
         ea:00:13:88:26:95:5e:b6:be:21:c6:3a:4a:0f:b8:0d:c6:39:
         95:d4:f5:03:fd:71:fd:8c:41:43:16:2a:4a:29:6b:6c:af:f4:
         f8:6d:d8:eb:40:c1:ec:b5:7b:a5:26:3a:bc:9e:9a:df:84:4a:
         c7:56:9b:6d:33:54:ce:02:db:5b:dd:7f:87:7b:e7:df:68:d1:
         d0:97:a4:52:7c:44:b7:31:b2:02:35:b3:d6:2a:7e:cf:ee:e4:
         d8:cd:6b:1b:6b:26:73:ff:2b:92:0a:be:a7:3b:12:d6:af:3d:
         e1:c3:c7:37:4a:73:40:23:95:b6:e4:99:82:48:43:e1:f4:8a:
         ef:d8:90:ab:77:4a:42:71:bc:bd:3c:c3:59:85:7a:c1:20:fc:
         6f:b4:82:26:d4:6f:8c:dc:25:fa:ab:ab:1b:78:b8:6b:0c:9c:
         d8:08:70:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IkiVjRiUrNeD4knqxN9pcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDM0ODc4ODMyZTkxN2ZmZjljZDNjODZjMGZhMWU1NjVm
ODIxZDMwHhcNMjQwNTE3MjIwMDMwWhcNMjQwNTE4MjIwMDMwWjAzMTEwLwYDVQQD
EyhkYTlkMTkzZDRlNzU0YWFhMDk4NTNmMGVhMWUyNzMzNGU4YWYyOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdGE/xwopzMmQ+LVQkPAp+uygkKT
strmmB5UppYImgVptSlhopru9hzHwBYSh07U687zR9/xFpRkhVxOR/xyi/BIiF8A
U61UJldQz/IGKY6tT5rK5pgo4iZl+NMt+b2mUDRwAbappsnKthg4K5aGEbG1iewI
hWQPLgP7+H0tllgUCuwN3PNMSdaB/6R5V6LtIAHPVsxrksmsqFUU4gc9g/HrOxci
MzPoUjWADP58OCiCqbEAay40OYUC6UJdPB3n7sFqhx4Av1wY2weZqzEne2p9zbQp
fXbPtRMxEiwe1le+QKc7lC3Tu2bX2pxKa8sm2cCKVjp9rHZQ339awtavZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqdGT1OdUqqCYU/DqHiczTorym3MB8GA1UdIwQY
MBaAFF8DSHiDLpF//5zTyGwPoeVl+CHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1Njkt
ZGYxYzU3YzJhNzUxLzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1NjktZGYxYzU3YzJhNzUx
LzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDwAlfGB
PM2CfjuuxovH9aq0SRiKr2sIojer7ZHSAPwMpcr0hRS56SA7TCGWBWiINAjW8KSl
c+gnztBVGUcMbjPooPTR9VxEWT5v/oqswTDDzxOdJyB/h7Td6gATiCaVXra+IcY6
Sg+4DcY5ldT1A/1x/YxBQxYqSilrbK/0+G3Y60DB7LV7pSY6vJ6a34RKx1abbTNU
zgLbW91/h3vn32jR0JekUnxEtzGyAjWz1ip+z+7k2M1rG2smc/8rkgq+pzsS1q89
4cPHN0pzQCOVtuSZgkhD4fSK79iQq3dKQnG8vTzDWYV6wSD8b7SCJtRvjNwl+qur
G3i4awyc2AhwEg==
-----END CERTIFICATE-----