Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
File:                     2qM7UIN5nEnPntwAhit8nCGMZhM.mft (raw, json)
Hash identifier:          8TMZPcNPSb3071EcrheEa/Gvv8lxsUSeK+CN1O14f/M=
Subject key identifier:   B1:FA:83:EC:ED:CC:FB:42:C4:3F:B6:62:A8:D8:6C:AF:BC:84:46:3E
Authority key identifier: DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13
Certificate issuer:       /CN=daa33b5083799c49cf9edc00862b7c9c218c6613
Certificate serial:       0193696A9A007631557565387FB71C3E45C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
Manifest number:          0102
Signing time:             Tue 26 Nov 2024 17:00:13 +0000
Manifest this update:     Tue 26 Nov 2024 17:00:13 +0000
Manifest next update:     Wed 27 Nov 2024 17:00:13 +0000
Files and hashes:         1: 2qM7UIN5nEnPntwAhit8nCGMZhM.crl (hash: X88SDTkp4mjyEKw2s5KV/mrxEdyP/iWe/OLmul/7a0k=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 17:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:6a:9a:00:76:31:55:75:65:38:7f:b7:1c:3e:45:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa33b5083799c49cf9edc00862b7c9c218c6613
        Validity
            Not Before: Nov 26 17:00:13 2024 GMT
            Not After : Nov 27 17:00:13 2024 GMT
        Subject: CN=b1fa83ecedccfb42c43fb662a8d86cafbc84463e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b2:65:9f:c9:34:00:67:a1:fc:35:90:7d:63:
                    d0:f0:27:11:23:f5:80:58:e9:14:14:75:ab:ae:f5:
                    29:66:07:81:df:cf:0d:c1:f0:a4:b1:96:39:74:77:
                    8d:d2:30:8b:e7:b5:8f:66:d6:06:a2:3a:82:b7:a4:
                    47:20:37:76:63:ed:7c:b2:ad:1e:a4:e6:80:26:37:
                    91:35:9a:bc:5b:e5:1d:c8:e1:df:fe:93:6f:f7:f4:
                    72:c7:88:93:23:9c:b0:53:f8:90:28:15:b3:02:5a:
                    bd:73:35:44:da:41:f1:53:a4:9d:57:05:d0:77:5f:
                    15:12:b7:a4:d0:1d:e4:98:cd:13:f4:61:d4:ea:2c:
                    e8:30:52:96:55:9d:65:3c:87:f4:67:3d:78:fa:a6:
                    0e:e2:92:cf:68:62:7d:e9:68:ab:4a:32:c1:df:66:
                    32:22:6f:bf:e7:10:71:91:5c:58:20:60:92:34:40:
                    87:bc:75:87:c2:42:7d:9a:1d:47:d8:50:d8:bc:7a:
                    cd:78:b0:6c:ab:4e:4a:b7:e4:15:7d:c9:3d:9b:7f:
                    24:63:76:25:9c:b0:56:30:28:7e:fd:ef:61:26:6a:
                    b5:f2:41:a1:a4:df:d1:bf:e8:4e:17:6b:33:cf:20:
                    72:7e:b1:35:db:4f:a0:62:46:cc:b3:6a:82:77:41:
                    db:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:FA:83:EC:ED:CC:FB:42:C4:3F:B6:62:A8:D8:6C:AF:BC:84:46:3E
            X509v3 Authority Key Identifier:
                keyid:DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:a7:ba:76:7d:19:4f:c1:28:2e:e6:b7:7d:9b:77:f0:5f:fd:
         50:21:4f:50:23:6b:7b:38:72:36:3a:b5:5f:4e:b7:66:4b:1c:
         9a:33:19:4b:bb:fe:21:8b:4e:b9:f5:ed:6f:a3:d3:70:90:e9:
         08:54:2d:ac:ff:7b:b8:b2:de:ac:29:fc:3e:a4:12:35:9a:1c:
         e4:b0:78:14:d9:d8:3b:66:e6:44:95:e6:0a:9d:0c:9b:a1:c0:
         1e:81:f2:2b:1a:4c:42:51:fe:30:61:80:7d:a7:b7:97:e7:fa:
         cd:f1:dc:e2:c4:88:cc:e4:f4:ce:5c:43:39:45:40:67:c8:69:
         c7:ab:c1:77:50:fc:dc:49:25:a3:76:da:66:5c:44:11:69:ee:
         22:4f:dd:ec:e6:21:71:e6:b8:21:fa:ee:8b:f3:8d:a3:95:95:
         b4:20:7a:f4:67:1d:74:61:f8:99:af:1e:b5:ac:91:ca:0e:ed:
         45:a8:55:e3:60:6c:f2:90:87:85:6e:c4:76:35:49:fa:f5:62:
         a8:8a:af:95:67:8a:db:99:06:55:3f:ca:3e:34:81:d5:93:ad:
         82:80:e0:37:36:f3:09:8c:43:e6:ef:0c:bd:d9:89:fb:9b:cd:
         a2:c5:48:98:6d:e8:3e:84:9a:61:1c:4b:e6:03:ed:d3:95:0f:
         88:03:f1:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpapoAdjFVdWU4f7ccPkXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTMzYjUwODM3OTljNDljZjllZGMwMDg2MmI3YzljMjE4
YzY2MTMwHhcNMjQxMTI2MTcwMDEzWhcNMjQxMTI3MTcwMDEzWjAzMTEwLwYDVQQD
EyhiMWZhODNlY2VkY2NmYjQyYzQzZmI2NjJhOGQ4NmNhZmJjODQ0NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorJln8k0AGeh/DWQfWPQ8CcRI/WA
WOkUFHWrrvUpZgeB388NwfCksZY5dHeN0jCL57WPZtYGojqCt6RHIDd2Y+18sq0e
pOaAJjeRNZq8W+UdyOHf/pNv9/Ryx4iTI5ywU/iQKBWzAlq9czVE2kHxU6SdVwXQ
d18VErek0B3kmM0T9GHU6izoMFKWVZ1lPIf0Zz14+qYO4pLPaGJ96WirSjLB32Yy
Im+/5xBxkVxYIGCSNECHvHWHwkJ9mh1H2FDYvHrNeLBsq05Kt+QVfck9m38kY3Yl
nLBWMCh+/e9hJmq18kGhpN/Rv+hOF2szzyByfrE120+gYkbMs2qCd0Hb7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLH6g+ztzPtCxD+2YqjYbK+8hEY+MB8GA1UdIwQY
MBaAFNqjO1CDeZxJz57cAIYrfJwhjGYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMt
MTZmNDNkYmEyYWJjLzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMtMTZmNDNkYmEyYWJj
LzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYqe6dn0Z
T8EoLua3fZt38F/9UCFPUCNrezhyNjq1X063ZkscmjMZS7v+IYtOufXtb6PTcJDp
CFQtrP97uLLerCn8PqQSNZoc5LB4FNnYO2bmRJXmCp0Mm6HAHoHyKxpMQlH+MGGA
fae3l+f6zfHc4sSIzOT0zlxDOUVAZ8hpx6vBd1D83Eklo3baZlxEEWnuIk/d7OYh
cea4Ifrui/ONo5WVtCB69GcddGH4ma8etayRyg7tRahV42Bs8pCHhW7EdjVJ+vVi
qIqvlWeK25kGVT/KPjSB1ZOtgoDgNzbzCYxD5u8MvdmJ+5vNosVImG3oPoSaYRxL
5gPt05UPiAPxBw==
-----END CERTIFICATE-----