Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
File:                     G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json)
Hash identifier:          WbEB9lEDc043c5j+DEi9G/Ym9yklRueR38p2UkruMbY=
Subject key identifier:   67:BE:53:B8:D4:47:9D:C5:CC:CB:70:81:6D:09:AA:1A:4C:CE:12:66
Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
Certificate issuer:       /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Certificate serial:       019358E53AED73C017E3971CA6112481F91B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
Manifest number:          0C6B
Signing time:             Sat 23 Nov 2024 12:00:38 +0000
Manifest this update:     Sat 23 Nov 2024 12:00:38 +0000
Manifest next update:     Sun 24 Nov 2024 12:00:38 +0000
Files and hashes:         1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: Sce9ti7OnCrspniMvKkhOQTVHaE4V9ULGX1hARTFigw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:e5:3a:ed:73:c0:17:e3:97:1c:a6:11:24:81:f9:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
        Validity
            Not Before: Nov 23 12:00:38 2024 GMT
            Not After : Nov 24 12:00:38 2024 GMT
        Subject: CN=67be53b8d4479dc5cccb70816d09aa1a4cce1266
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:05:99:9f:6a:9c:81:17:1e:8a:3c:6b:9f:9f:
                    ad:21:06:fb:df:3e:b9:85:05:ff:0c:c3:2d:0b:10:
                    75:27:2e:b4:f3:23:c5:65:7a:d6:e3:f9:8b:d5:ee:
                    9f:c2:2a:73:62:6d:3a:7c:97:84:28:98:75:7d:61:
                    3d:7b:09:8a:79:ec:90:05:b4:ec:1c:61:21:23:3e:
                    cc:60:ed:99:60:e8:13:70:1a:74:c3:94:bc:b0:84:
                    8e:1c:eb:4b:00:f0:f6:81:ee:9e:31:ac:74:1a:e7:
                    2d:f3:91:41:57:b8:65:eb:41:e4:ec:31:f3:60:97:
                    8e:93:9f:5b:1b:ed:2e:dc:9a:a4:4f:10:87:b7:0b:
                    f8:63:c3:ce:d8:d1:88:3c:6e:57:a8:a7:e3:d0:b9:
                    d7:cc:ad:67:7f:02:e3:10:70:82:70:b8:a6:1d:43:
                    ce:d0:8a:bc:5f:02:ed:07:14:63:f9:de:37:4d:95:
                    5f:ec:b6:b7:03:15:bc:af:58:cd:45:a5:2c:c0:79:
                    f9:0d:4b:a6:9f:d8:b3:92:24:48:98:4e:a8:e0:a1:
                    9a:bc:e2:fa:c1:2a:85:29:77:7d:07:1b:4b:ec:42:
                    15:21:20:f5:9b:60:f5:ca:f1:1c:d7:99:2d:54:c6:
                    93:40:7e:66:8f:95:59:49:5b:2f:8f:85:6b:67:af:
                    69:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:BE:53:B8:D4:47:9D:C5:CC:CB:70:81:6D:09:AA:1A:4C:CE:12:66
            X509v3 Authority Key Identifier:
                keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:38:f0:97:92:d1:dd:32:62:d4:60:9b:4f:fc:b0:c6:2b:11:
         23:ee:89:9a:a3:cc:18:3e:41:4e:f0:e8:01:0c:10:6c:4a:cf:
         0b:7c:59:40:3b:19:19:2d:e1:75:24:89:f6:6b:1f:1e:87:57:
         a2:a3:52:5e:3a:a6:d8:7b:9b:7c:c8:ad:94:c7:35:f1:c8:13:
         99:1e:4f:58:71:bc:69:13:9d:ba:7e:79:7c:4f:84:34:8d:18:
         b1:97:5d:70:d7:33:6a:e7:df:2b:ac:40:68:4f:d7:9a:55:b6:
         a6:80:89:62:94:0f:29:4b:27:71:b0:fb:42:71:f3:d2:00:34:
         0f:53:f4:de:fd:28:54:43:df:7b:31:ce:23:d9:30:c6:ad:4f:
         7e:01:c2:ce:bb:82:0d:67:ba:0f:89:b8:a1:cb:3f:9c:69:4d:
         7c:a7:09:05:cd:63:76:a3:88:fa:18:c6:e4:37:6d:35:4a:5c:
         02:e9:d1:52:2e:fc:62:33:49:b0:e1:bb:ae:59:96:6d:17:3e:
         22:6f:46:9a:ae:ef:6f:da:9f:a0:ed:4b:56:31:82:6c:2f:f0:
         10:37:e3:95:1f:f3:4a:90:27:a7:af:a7:bb:0b:d3:1e:05:3d:
         ae:b3:ac:29:f5:3c:8f:76:a8:0f:e0:8e:b0:92:05:b1:0b:6d:
         08:8d:cd:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNY5Trtc8AX45ccphEkgfkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy
OWIxYWIwHhcNMjQxMTIzMTIwMDM4WhcNMjQxMTI0MTIwMDM4WjAzMTEwLwYDVQQD
Eyg2N2JlNTNiOGQ0NDc5ZGM1Y2NjYjcwODE2ZDA5YWExYTRjY2UxMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwWZn2qcgRceijxrn5+tIQb73z65
hQX/DMMtCxB1Jy608yPFZXrW4/mL1e6fwipzYm06fJeEKJh1fWE9ewmKeeyQBbTs
HGEhIz7MYO2ZYOgTcBp0w5S8sISOHOtLAPD2ge6eMax0Guct85FBV7hl60Hk7DHz
YJeOk59bG+0u3JqkTxCHtwv4Y8PO2NGIPG5XqKfj0LnXzK1nfwLjEHCCcLimHUPO
0Iq8XwLtBxRj+d43TZVf7La3AxW8r1jNRaUswHn5DUumn9izkiRImE6o4KGavOL6
wSqFKXd9BxtL7EIVISD1m2D1yvEc15ktVMaTQH5mj5VZSVsvj4VrZ69pcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGe+U7jUR53FzMtwgW0JqhpMzhJmMB8GA1UdIwQY
MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct
MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1
LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjjwl5LR
3TJi1GCbT/ywxisRI+6JmqPMGD5BTvDoAQwQbErPC3xZQDsZGS3hdSSJ9msfHodX
oqNSXjqm2HubfMitlMc18cgTmR5PWHG8aROdun55fE+ENI0YsZddcNczauffK6xA
aE/XmlW2poCJYpQPKUsncbD7QnHz0gA0D1P03v0oVEPfezHOI9kwxq1PfgHCzruC
DWe6D4m4ocs/nGlNfKcJBc1jdqOI+hjG5DdtNUpcAunRUi78YjNJsOG7rlmWbRc+
Im9Gmq7vb9qfoO1LVjGCbC/wEDfjlR/zSpAnp6+nuwvTHgU9rrOsKfU8j3aoD+CO
sJIFsQttCI3NSQ==
-----END CERTIFICATE-----