Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
File:                     TaktycvByBxzpp8xWlMbR_ROPFQ.mft (raw, json)
Hash identifier:          krSBPgJP/OuITGA8Fcvz70mmJsg7LHRaGzO23esqDeM=
Subject key identifier:   E1:70:3C:B4:89:59:55:9A:F0:CE:36:E7:63:FF:54:3B:DD:07:8F:B1
Authority key identifier: 4D:A9:2D:C9:CB:C1:C8:1C:73:A6:9F:31:5A:53:1B:47:F4:4E:3C:54
Certificate issuer:       /CN=4da92dc9cbc1c81c73a69f315a531b47f44e3c54
Certificate serial:       018F874849B090A39977CEA265D731CBF2C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
Manifest number:          028F
Signing time:             Fri 17 May 2024 16:00:12 +0000
Manifest this update:     Fri 17 May 2024 16:00:12 +0000
Manifest next update:     Sat 18 May 2024 16:00:12 +0000
Files and hashes:         1: TaktycvByBxzpp8xWlMbR_ROPFQ.crl (hash: tPuG7hd1EaJ8pMtN2il6MsM9c2USmtwSt8kL05L5tBA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:49:b0:90:a3:99:77:ce:a2:65:d7:31:cb:f2:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da92dc9cbc1c81c73a69f315a531b47f44e3c54
        Validity
            Not Before: May 17 16:00:12 2024 GMT
            Not After : May 18 16:00:12 2024 GMT
        Subject: CN=e1703cb48959559af0ce36e763ff543bdd078fb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e0:31:24:fd:d4:71:5a:8c:c4:b6:31:28:03:
                    72:82:a4:da:21:18:e5:4d:15:76:f4:82:5c:bd:3e:
                    85:93:e6:68:8a:25:a3:45:a8:af:d5:ee:c5:30:98:
                    0b:61:e0:fd:2c:df:2b:ce:99:c0:a4:e6:d3:1d:1a:
                    8d:66:a0:b4:a9:a8:b3:e6:28:6f:c1:8d:c2:1f:a4:
                    e1:ff:37:a5:34:84:50:67:88:61:d3:d9:4a:c9:2f:
                    c6:aa:c3:a3:64:0d:a6:9a:07:d0:c0:1c:9e:08:fd:
                    c5:61:73:05:83:2d:83:17:f3:3c:43:1f:29:4b:80:
                    bc:c0:e4:f1:2d:53:af:22:20:97:81:c7:2a:b6:2a:
                    1f:6d:b7:af:f6:0a:8a:e5:89:bc:a3:12:46:8b:27:
                    0b:61:4a:d3:b2:b4:f9:ac:e5:c6:84:b5:82:cf:37:
                    a6:77:ac:9b:d9:33:01:bf:70:cf:e4:32:f4:0b:6d:
                    c9:c3:45:2b:7e:f8:49:06:6e:45:7b:73:75:33:74:
                    3c:66:97:b7:fe:25:04:5e:05:ba:9f:e6:ac:dd:fc:
                    66:e9:5d:fb:60:4d:b2:14:2a:45:68:bb:5c:e2:6a:
                    55:62:86:8d:6f:ad:b8:99:3d:2e:39:c4:0a:e5:86:
                    eb:66:24:65:70:42:72:1e:2e:27:de:bc:6e:14:7c:
                    f5:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:70:3C:B4:89:59:55:9A:F0:CE:36:E7:63:FF:54:3B:DD:07:8F:B1
            X509v3 Authority Key Identifier:
                keyid:4D:A9:2D:C9:CB:C1:C8:1C:73:A6:9F:31:5A:53:1B:47:F4:4E:3C:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaktycvByBxzpp8xWlMbR_ROPFQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c5674e-db61-4722-b922-535be275e6f5/1/TaktycvByBxzpp8xWlMbR_ROPFQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:1c:a7:7e:09:05:55:38:de:35:0e:8d:88:31:57:43:cc:c7:
         55:5f:11:7d:14:10:fa:5b:32:e7:bb:d1:f6:68:56:d4:3a:2c:
         4a:a1:a5:f7:55:d7:2a:31:11:1a:97:cd:bc:13:43:3f:08:b4:
         b5:38:a7:e1:d3:73:a4:cb:89:9a:9e:ce:7c:68:29:fa:5e:bc:
         d8:ca:09:e1:c7:6c:8a:d9:07:4b:3c:fe:c3:78:c8:95:b4:3f:
         9c:c4:c5:33:61:14:b3:1c:fa:01:57:b7:09:2a:87:08:8c:01:
         e5:ec:ad:79:17:08:8f:46:3d:b1:3f:af:d5:8a:f3:46:86:78:
         69:c0:ae:91:b2:9b:0d:5c:37:d6:75:70:c4:cc:c0:1d:fc:14:
         80:7b:03:a7:c6:96:6f:64:30:90:5b:c2:bb:0b:93:d8:c1:47:
         52:e9:de:ca:d6:c2:5c:2a:fa:5d:e2:4a:59:0a:dd:5c:44:b0:
         ea:4c:df:b8:76:39:f3:c2:c4:f2:93:fc:34:94:f0:48:a7:86:
         b6:f7:05:68:eb:0e:b0:fd:f8:dd:dd:c2:44:96:ef:88:d1:3f:
         c6:98:49:c2:56:ad:f6:3f:81:7e:06:65:51:e9:e2:11:08:4f:
         45:8f:a6:ad:42:0e:22:f1:2c:d7:fa:49:ad:14:02:ba:3f:ca:
         49:6d:ba:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSEmwkKOZd86iZdcxy/LFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTkyZGM5Y2JjMWM4MWM3M2E2OWYzMTVhNTMxYjQ3ZjQ0
ZTNjNTQwHhcNMjQwNTE3MTYwMDEyWhcNMjQwNTE4MTYwMDEyWjAzMTEwLwYDVQQD
EyhlMTcwM2NiNDg5NTk1NTlhZjBjZTM2ZTc2M2ZmNTQzYmRkMDc4ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+AxJP3UcVqMxLYxKANygqTaIRjl
TRV29IJcvT6Fk+ZoiiWjRaiv1e7FMJgLYeD9LN8rzpnApObTHRqNZqC0qaiz5ihv
wY3CH6Th/zelNIRQZ4hh09lKyS/GqsOjZA2mmgfQwByeCP3FYXMFgy2DF/M8Qx8p
S4C8wOTxLVOvIiCXgccqtiofbbev9gqK5Ym8oxJGiycLYUrTsrT5rOXGhLWCzzem
d6yb2TMBv3DP5DL0C23Jw0UrfvhJBm5Fe3N1M3Q8Zpe3/iUEXgW6n+as3fxm6V37
YE2yFCpFaLtc4mpVYoaNb624mT0uOcQK5YbrZiRlcEJyHi4n3rxuFHz1wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFwPLSJWVWa8M4252P/VDvdB4+xMB8GA1UdIwQY
MBaAFE2pLcnLwcgcc6afMVpTG0f0TjxUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jNTY3NGUtZGI2MS00NzIyLWI5MjIt
NTM1YmUyNzVlNmY1LzEvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jNTY3NGUtZGI2MS00NzIyLWI5MjItNTM1YmUyNzVlNmY1
LzEvVGFrdHljdkJ5Qnh6cHA4eFdsTWJSX1JPUEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADhynfgkF
VTjeNQ6NiDFXQ8zHVV8RfRQQ+lsy57vR9mhW1DosSqGl91XXKjERGpfNvBNDPwi0
tTin4dNzpMuJmp7OfGgp+l682MoJ4cdsitkHSzz+w3jIlbQ/nMTFM2EUsxz6AVe3
CSqHCIwB5eyteRcIj0Y9sT+v1YrzRoZ4acCukbKbDVw31nVwxMzAHfwUgHsDp8aW
b2QwkFvCuwuT2MFHUuneytbCXCr6XeJKWQrdXESw6kzfuHY588LE8pP8NJTwSKeG
tvcFaOsOsP343d3CRJbviNE/xphJwlat9j+BfgZlUeniEQhPRY+mrUIOIvEs1/pJ
rRQCuj/KSW26AQ==
-----END CERTIFICATE-----