Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          eBtsDeEXzn6p+v9q2AVePWX5HtrwrA5sz65h3iblc1M=
Subject key identifier:   AF:3D:FB:A1:5E:C4:08:4A:77:BC:5F:7E:63:72:B7:34:69:78:B8:86
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       018F49EAC81CF57D4E9C58861745AC64395E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1152
Signing time:             Sun 05 May 2024 18:01:14 +0000
Manifest this update:     Sun 05 May 2024 18:01:14 +0000
Manifest next update:     Mon 06 May 2024 18:01:14 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: nre+Dgsir/76W8X1uSjiBaUNZEStjCJGNT75RlrBjrE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:49:ea:c8:1c:f5:7d:4e:9c:58:86:17:45:ac:64:39:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: May  5 18:01:14 2024 GMT
            Not After : May  6 18:01:14 2024 GMT
        Subject: CN=af3dfba15ec4084a77bc5f7e6372b7346978b886
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e3:d8:7b:9c:88:40:c9:4b:de:07:ec:13:e6:
                    53:f1:53:6d:b9:f6:b2:76:01:79:02:96:17:7f:24:
                    20:8f:76:aa:dd:d2:4c:ae:47:5c:88:d3:4c:6e:67:
                    09:42:b0:1e:b2:9e:07:bd:ce:17:37:29:9c:98:65:
                    2a:31:0f:72:f0:ac:6a:35:5c:1c:c3:ce:9b:0f:0f:
                    c7:ec:7d:a8:b1:c9:d5:31:16:90:69:ba:3e:d9:03:
                    42:98:c0:3d:80:dd:e4:87:2e:24:d1:bc:98:f5:1a:
                    a4:51:00:93:6e:9b:cd:f6:d3:95:51:e1:4f:cf:b3:
                    f7:c3:6b:55:aa:b0:84:31:2a:6b:49:04:07:23:35:
                    ac:ba:23:55:42:ee:fa:b9:2e:16:e7:37:55:41:61:
                    27:d7:9b:d1:89:69:7a:79:b7:30:b8:7d:66:46:4b:
                    17:9c:4f:8b:76:81:a7:9c:f6:04:82:9c:71:39:63:
                    21:ff:c7:e4:ce:20:9f:65:6b:f5:1a:aa:e3:ad:18:
                    91:4e:1e:79:28:6d:77:a2:6b:19:c5:ce:00:99:40:
                    3b:55:dc:e8:1a:41:5f:b1:fe:ba:2c:d7:f3:a6:5a:
                    6d:03:56:4c:2d:d7:5c:71:0b:23:79:80:43:e4:21:
                    2d:f6:2b:84:44:97:29:18:fa:fa:f5:f2:bb:69:ef:
                    47:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:3D:FB:A1:5E:C4:08:4A:77:BC:5F:7E:63:72:B7:34:69:78:B8:86
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:fd:f2:9c:5b:e8:fe:18:40:7a:c5:97:01:5f:64:3f:98:32:
         02:4a:dd:d2:55:46:9d:89:c3:4c:d5:d6:2e:57:d6:b6:72:9c:
         a5:30:5f:ea:25:b0:d8:d2:3b:c6:68:7a:66:0c:50:66:5c:63:
         6a:fc:a5:8a:e8:dd:44:25:62:9c:47:b4:64:3e:82:f4:db:fe:
         bf:cc:af:8c:22:28:db:98:e4:54:7a:23:0d:f4:33:3c:15:48:
         a4:69:a1:67:85:d9:1e:16:3f:ef:4c:19:49:2a:25:13:cf:e3:
         fe:dd:84:ac:79:2e:64:62:35:2d:58:6c:a5:d6:d3:e7:73:2e:
         11:8e:74:5f:6b:2c:fe:85:6a:40:c0:b1:b5:fc:e1:85:27:c6:
         74:12:13:9b:8f:5d:60:47:df:37:bb:9e:b6:29:c7:5f:ea:a2:
         68:44:4e:bc:a7:00:c1:c9:4e:fd:eb:3e:8a:ea:0a:c6:30:eb:
         15:2d:ad:d9:f1:ef:16:d9:a7:f9:4d:11:8c:04:32:72:b0:ba:
         72:b8:d4:a7:d0:06:9a:11:26:dc:00:f2:e0:1f:fb:0c:9a:b0:
         d0:9f:e8:5f:11:fa:78:16:c8:a3:5a:a3:dd:68:67:44:39:86:
         90:8a:97:5c:16:e7:c8:86:1b:0e:67:05:f4:45:28:3b:78:21:
         84:60:25:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9J6sgc9X1OnFiGF0WsZDleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjQwNTA1MTgwMTE0WhcNMjQwNTA2MTgwMTE0WjAzMTEwLwYDVQQD
EyhhZjNkZmJhMTVlYzQwODRhNzdiYzVmN2U2MzcyYjczNDY5NzhiODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjePYe5yIQMlL3gfsE+ZT8VNtufay
dgF5ApYXfyQgj3aq3dJMrkdciNNMbmcJQrAesp4Hvc4XNymcmGUqMQ9y8KxqNVwc
w86bDw/H7H2oscnVMRaQabo+2QNCmMA9gN3khy4k0byY9RqkUQCTbpvN9tOVUeFP
z7P3w2tVqrCEMSprSQQHIzWsuiNVQu76uS4W5zdVQWEn15vRiWl6ebcwuH1mRksX
nE+LdoGnnPYEgpxxOWMh/8fkziCfZWv1GqrjrRiRTh55KG13omsZxc4AmUA7Vdzo
GkFfsf66LNfzplptA1ZMLddccQsjeYBD5CEt9iuERJcpGPr69fK7ae9HMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK89+6FexAhKd7xffmNytzRpeLiGMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB/3ynFvo
/hhAesWXAV9kP5gyAkrd0lVGnYnDTNXWLlfWtnKcpTBf6iWw2NI7xmh6ZgxQZlxj
avyliujdRCVinEe0ZD6C9Nv+v8yvjCIo25jkVHojDfQzPBVIpGmhZ4XZHhY/70wZ
SSolE8/j/t2ErHkuZGI1LVhspdbT53MuEY50X2ss/oVqQMCxtfzhhSfGdBITm49d
YEffN7uetinHX+qiaEROvKcAwclO/es+iuoKxjDrFS2t2fHvFtmn+U0RjAQycrC6
crjUp9AGmhEm3ADy4B/7DJqw0J/oXxH6eBbIo1qj3WhnRDmGkIqXXBbnyIYbDmcF
9EUoO3ghhGAl+w==
-----END CERTIFICATE-----