Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
File:                     NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft (raw, json)
Hash identifier:          LaEO/P4PZLPj+NkpaE+YHSa4YTGpVxiLRoR7shRH4jM=
Subject key identifier:   B3:5E:3D:86:2D:4A:ED:C2:D6:05:2C:CF:70:0F:4F:D3:17:66:5F:20
Authority key identifier: 35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F
Certificate issuer:       /CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
Certificate serial:       018F874A0C63109963AADB8D791CF383AD2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
Manifest number:          0426
Signing time:             Fri 17 May 2024 16:02:07 +0000
Manifest this update:     Fri 17 May 2024 16:02:07 +0000
Manifest next update:     Sat 18 May 2024 16:02:07 +0000
Files and hashes:         1: NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl (hash: gpMDrMgkz/QsIXU/SMCvqxfjJvtvDtC8jBQH77h9wU0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:0c:63:10:99:63:aa:db:8d:79:1c:f3:83:ad:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
        Validity
            Not Before: May 17 16:02:07 2024 GMT
            Not After : May 18 16:02:07 2024 GMT
        Subject: CN=b35e3d862d4aedc2d6052ccf700f4fd317665f20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:95:e4:db:c9:2a:8d:9a:5e:ce:34:dc:49:a5:
                    80:eb:b4:99:7f:02:db:9d:ca:a4:c3:ee:f1:44:97:
                    f8:e7:08:fd:8b:51:69:61:d3:12:95:90:22:7a:9c:
                    da:15:83:29:4d:8d:f5:9b:66:8f:14:2b:7e:4e:92:
                    ea:5e:23:dc:63:20:94:0f:4b:18:d2:d5:3c:ab:a4:
                    a6:4b:23:49:78:4a:38:05:51:9f:34:5c:b0:fa:d3:
                    22:dc:85:69:d9:46:67:68:2c:15:65:d4:81:5e:a4:
                    4d:ac:3f:8c:3f:cb:93:f2:98:d8:42:04:db:b9:a0:
                    ae:ce:16:d0:97:23:8f:eb:34:24:c9:ee:3d:ab:a4:
                    77:72:39:7b:f8:1a:4a:96:96:8b:48:5c:33:3c:a9:
                    7a:80:93:09:9e:2c:5e:f1:70:e1:fb:f6:77:46:84:
                    99:7a:a9:d7:2e:36:86:63:fb:81:38:74:81:89:43:
                    70:2c:85:a2:2d:05:e5:2f:b7:46:ec:24:e7:b6:63:
                    03:d6:11:49:c6:a0:c3:ed:4e:d3:43:60:10:4a:53:
                    c9:e1:76:27:5e:39:fa:c9:80:ce:9d:e1:ff:5e:8e:
                    bd:c2:87:ca:be:75:0a:0e:85:81:6c:e4:0f:27:be:
                    f7:a7:1f:6f:e3:56:00:d0:49:d3:8f:4c:47:57:89:
                    63:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:5E:3D:86:2D:4A:ED:C2:D6:05:2C:CF:70:0F:4F:D3:17:66:5F:20
            X509v3 Authority Key Identifier:
                keyid:35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:7d:73:12:dd:3c:f7:84:72:62:f3:5b:75:a9:13:74:03:53:
         94:cb:37:f8:54:9a:e5:ee:fe:3e:37:a9:f1:f3:74:64:c3:2a:
         56:e1:ff:6d:ba:48:b1:1d:72:0d:e6:5b:45:d6:17:8c:ce:48:
         c9:33:e9:97:85:c6:5e:ea:3b:16:12:14:a7:cc:c0:13:e6:8c:
         08:66:af:29:4b:c3:e0:b6:04:c5:3c:f1:9a:11:ba:07:1a:6b:
         f8:59:2f:49:1d:00:73:3b:58:93:72:ae:26:07:86:01:a6:18:
         27:7f:1c:e1:19:7d:ab:4d:c8:40:a8:2e:06:d7:3c:d0:7e:d5:
         4a:b7:49:50:7b:fa:68:91:8e:8e:0c:99:29:c4:76:d8:f6:d2:
         3e:5a:3f:04:ec:c9:c4:af:66:0a:5d:f8:be:13:a6:43:67:38:
         1a:d2:d8:42:c2:b2:6e:98:5c:68:0d:e2:48:6c:3a:f2:44:6e:
         19:20:b6:dd:cf:65:f0:44:b4:da:e0:0e:b9:0e:e9:bb:f3:d6:
         a2:66:a3:36:fb:a2:49:3a:dc:a8:ff:ea:4d:83:36:e2:66:3a:
         79:18:7d:26:0a:25:e8:75:90:e8:39:f9:b1:2b:89:d3:7e:21:
         39:c3:fb:5a:2a:e1:bf:56:2d:d0:4b:31:db:b8:54:89:be:1f:
         1f:e5:e6:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSgxjEJljqtuNeRzzg60rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDZiYjdlYzA2NjYwMjJmMDNjMGJkOWY1NWY3OGMwYTdl
YWRhOWYwHhcNMjQwNTE3MTYwMjA3WhcNMjQwNTE4MTYwMjA3WjAzMTEwLwYDVQQD
EyhiMzVlM2Q4NjJkNGFlZGMyZDYwNTJjY2Y3MDBmNGZkMzE3NjY1ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZXk28kqjZpezjTcSaWA67SZfwLb
ncqkw+7xRJf45wj9i1FpYdMSlZAiepzaFYMpTY31m2aPFCt+TpLqXiPcYyCUD0sY
0tU8q6SmSyNJeEo4BVGfNFyw+tMi3IVp2UZnaCwVZdSBXqRNrD+MP8uT8pjYQgTb
uaCuzhbQlyOP6zQkye49q6R3cjl7+BpKlpaLSFwzPKl6gJMJnixe8XDh+/Z3RoSZ
eqnXLjaGY/uBOHSBiUNwLIWiLQXlL7dG7CTntmMD1hFJxqDD7U7TQ2AQSlPJ4XYn
Xjn6yYDOneH/Xo69wofKvnUKDoWBbOQPJ773px9v41YA0EnTj0xHV4ljEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLNePYYtSu3C1gUsz3APT9MXZl8gMB8GA1UdIwQY
MBaAFDUGu37AZmAi8DwL2fVfeMCn6tqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYt
NDEzYTU5NThhN2YzLzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYtNDEzYTU5NThhN2Yz
LzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALn1zEt08
94RyYvNbdakTdANTlMs3+FSa5e7+Pjep8fN0ZMMqVuH/bbpIsR1yDeZbRdYXjM5I
yTPpl4XGXuo7FhIUp8zAE+aMCGavKUvD4LYExTzxmhG6Bxpr+FkvSR0AcztYk3Ku
JgeGAaYYJ38c4Rl9q03IQKguBtc80H7VSrdJUHv6aJGOjgyZKcR22PbSPlo/BOzJ
xK9mCl34vhOmQ2c4GtLYQsKybphcaA3iSGw68kRuGSC23c9l8ES02uAOuQ7pu/PW
omajNvuiSTrcqP/qTYM24mY6eRh9Jgol6HWQ6Dn5sSuJ034hOcP7Wirhv1Yt0Esx
27hUib4fH+XmKQ==
-----END CERTIFICATE-----