Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          K9rEPpVYm3TuXT7TguWpXUrKJrqqxZce5654tpxkGuU=
Subject key identifier:   A3:90:98:D8:9E:88:DD:47:1D:49:69:91:35:16:86:81:94:0F:55:29
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       0192F0D35274AF62FE72267894FB3E3B3C0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          011E
Signing time:             Sun 03 Nov 2024 07:00:33 +0000
Manifest this update:     Sun 03 Nov 2024 07:00:33 +0000
Manifest next update:     Mon 04 Nov 2024 07:00:33 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: Y8ZZgtLEJvn6FJEuNlgTwL0a0q6sSxQRobap2Q1WmcM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Nov 2024 04:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:f0:d3:52:74:af:62:fe:72:26:78:94:fb:3e:3b:3c:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Nov  3 07:00:33 2024 GMT
            Not After : Nov  4 07:00:33 2024 GMT
        Subject: CN=a39098d89e88dd471d49699135168681940f5529
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d1:f0:37:c4:33:2f:cf:5f:9c:6f:aa:0a:aa:
                    68:63:7a:a2:03:b2:a6:96:27:6f:ee:8e:8a:b8:85:
                    a0:fc:fe:48:09:04:7a:5e:31:63:28:f4:75:ca:ac:
                    51:72:39:be:d5:d0:24:68:86:08:9b:35:56:0a:74:
                    39:7d:15:66:70:16:12:8e:61:a5:69:47:b8:73:38:
                    e4:4b:e6:c9:6f:ac:7c:c8:79:4d:b3:60:76:06:3a:
                    dc:24:53:9e:2c:44:c5:7f:8d:af:c7:ce:dd:29:22:
                    39:dc:6b:dd:f5:c8:1d:58:0f:c5:4a:98:31:ef:94:
                    d9:57:1a:c1:af:0b:50:07:69:14:7c:d1:6e:8d:a0:
                    98:eb:7d:7b:45:5e:82:60:10:2b:bc:bb:97:ff:aa:
                    5d:0a:ee:a7:f3:32:ec:92:b0:18:b3:c1:c2:dd:7d:
                    7b:7f:5d:5d:d1:60:3b:e9:e8:7a:08:c8:8b:62:52:
                    72:d2:85:ee:98:e8:6c:fc:86:ee:fb:f1:b5:3d:ee:
                    ae:38:14:16:fa:60:f7:df:51:94:ff:4a:2e:7a:d6:
                    84:15:cd:94:80:c1:81:76:d9:bf:d6:85:a0:fe:62:
                    0e:e9:de:3f:13:ae:2b:33:dc:7f:24:82:33:e6:be:
                    b9:f8:ec:cf:4d:60:f9:e1:89:f8:c6:2b:88:7c:e0:
                    54:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:90:98:D8:9E:88:DD:47:1D:49:69:91:35:16:86:81:94:0F:55:29
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:2b:94:94:7c:1e:4b:7e:f8:40:64:b5:66:1f:26:9a:f7:e3:
         b4:aa:30:57:19:93:ee:91:a7:1d:82:85:77:05:01:36:75:fe:
         81:c0:4c:83:03:32:ee:90:ad:7a:a1:84:39:62:0d:fe:94:c7:
         d9:8d:cb:97:16:2b:d6:50:7f:27:e1:b1:f9:54:3d:04:bb:3a:
         ac:9c:fa:bd:09:80:ba:e6:13:ee:d8:23:47:a0:08:c7:54:88:
         a0:20:1a:a8:c5:56:8e:df:a6:11:13:fe:90:ca:7e:2a:85:22:
         67:0b:b9:60:40:c0:e9:13:b9:9e:73:cd:f2:34:b7:ff:18:0b:
         09:b1:fe:23:d7:c2:3b:49:b3:fa:c8:13:45:62:92:ad:72:f3:
         1a:8c:de:1f:5f:d7:9c:ff:26:05:34:c2:35:c8:25:c5:e1:fe:
         04:e8:b0:a6:aa:f2:cb:fe:47:17:64:af:69:5d:3a:fe:e4:70:
         57:ba:33:fe:0e:0f:8f:58:9a:35:5c:ad:de:5c:24:10:fc:86:
         e0:a4:da:00:f5:7a:97:9f:0a:8d:d4:de:c2:18:62:ea:be:ff:
         15:cd:3b:0b:2c:49:f0:c2:42:ac:82:1b:99:52:e9:d4:a8:8d:
         96:b7:11:67:1b:c4:89:fd:35:1a:c8:aa:3b:90:94:a3:da:dc:
         d4:bd:fa:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZLw01J0r2L+ciZ4lPs+OzwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjQxMTAzMDcwMDMzWhcNMjQxMTA0MDcwMDMzWjAzMTEwLwYDVQQD
EyhhMzkwOThkODllODhkZDQ3MWQ0OTY5OTEzNTE2ODY4MTk0MGY1NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtHwN8QzL89fnG+qCqpoY3qiA7Km
lidv7o6KuIWg/P5ICQR6XjFjKPR1yqxRcjm+1dAkaIYImzVWCnQ5fRVmcBYSjmGl
aUe4czjkS+bJb6x8yHlNs2B2BjrcJFOeLETFf42vx87dKSI53Gvd9cgdWA/FSpgx
75TZVxrBrwtQB2kUfNFujaCY6317RV6CYBArvLuX/6pdCu6n8zLskrAYs8HC3X17
f11d0WA76eh6CMiLYlJy0oXumOhs/Ibu+/G1Pe6uOBQW+mD331GU/0ouetaEFc2U
gMGBdtm/1oWg/mIO6d4/E64rM9x/JIIz5r65+OzPTWD54Yn4xiuIfOBU0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOQmNieiN1HHUlpkTUWhoGUD1UpMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSuUlHwe
S374QGS1Zh8mmvfjtKowVxmT7pGnHYKFdwUBNnX+gcBMgwMy7pCteqGEOWIN/pTH
2Y3LlxYr1lB/J+Gx+VQ9BLs6rJz6vQmAuuYT7tgjR6AIx1SIoCAaqMVWjt+mERP+
kMp+KoUiZwu5YEDA6RO5nnPN8jS3/xgLCbH+I9fCO0mz+sgTRWKSrXLzGozeH1/X
nP8mBTTCNcglxeH+BOiwpqryy/5HF2SvaV06/uRwV7oz/g4Pj1iaNVyt3lwkEPyG
4KTaAPV6l58KjdTewhhi6r7/Fc07CyxJ8MJCrIIbmVLp1KiNlrcRZxvEif01Gsiq
O5CUo9rc1L36dA==
-----END CERTIFICATE-----