Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File:                     1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier:          vtUHcwtGkt7C/d4NLnc+EvCfJI9m3r46ZTEsqmAmMTg=
Subject key identifier:   58:72:97:8C:EF:A6:F2:7D:B0:89:74:F5:C2:7B:D2:9A:58:52:87:EF
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer:       /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial:       019369DAF210E1FF84CA004D672629D00BC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number:          09F1
Signing time:             Tue 26 Nov 2024 19:02:56 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:56 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:56 +0000
Files and hashes:         1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: X9qV+dBH7nAyy1U/K8nRFhe885LUqcgUgfNebBhqa0U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:f2:10:e1:ff:84:ca:00:4d:67:26:29:d0:0b:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
        Validity
            Not Before: Nov 26 19:02:56 2024 GMT
            Not After : Nov 27 19:02:56 2024 GMT
        Subject: CN=5872978cefa6f27db08974f5c27bd29a585287ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9f:d7:6f:e7:ac:da:0b:69:8e:59:77:4c:19:
                    5f:4a:af:30:05:29:b5:3c:0d:3f:1a:ea:02:bc:bc:
                    18:46:a6:59:0c:b7:54:eb:fc:a6:c7:b8:71:1b:01:
                    51:2f:d3:c8:2e:d8:1d:3e:82:28:01:b1:85:00:fb:
                    38:31:d3:0d:a2:2c:d2:3b:05:fb:25:2d:1f:7e:5e:
                    47:21:73:33:62:fe:77:9a:3c:b6:9f:1f:e9:77:82:
                    23:c9:b9:55:50:04:a0:f8:6b:63:08:43:5c:40:73:
                    d3:8c:0e:ba:2d:c5:2d:92:9a:e2:cb:8d:23:90:09:
                    7c:d3:75:0f:35:30:e5:ac:73:96:5f:83:21:f2:84:
                    21:18:13:a5:24:60:f3:16:c6:6d:c3:a1:fc:b8:73:
                    96:68:45:c2:b8:a1:0d:25:47:de:97:84:63:3c:b3:
                    67:89:82:a9:c8:e4:51:b8:0a:9a:ce:89:7c:4a:6f:
                    56:94:36:f6:4a:8f:0c:dd:6a:82:16:63:c5:97:97:
                    d4:40:ef:c3:37:cd:97:bd:6b:ec:41:3b:fa:f4:0a:
                    cb:15:3c:21:c5:64:b1:12:23:dd:ca:b6:40:35:af:
                    4f:3c:c6:f1:8d:0c:d4:d4:04:d6:d9:de:c5:df:0c:
                    1e:65:e9:fd:89:7e:8b:16:d8:45:c8:70:0d:44:9d:
                    78:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:72:97:8C:EF:A6:F2:7D:B0:89:74:F5:C2:7B:D2:9A:58:52:87:EF
            X509v3 Authority Key Identifier:
                keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ee:19:ad:c0:4c:54:4c:65:84:99:1f:52:74:d0:92:6d:11:
         6d:7c:5b:95:e2:2b:a8:3d:72:8d:bd:42:75:b8:b0:4f:f9:e1:
         78:8f:2d:cd:3e:96:72:00:4b:3d:63:07:7c:94:a3:f7:0c:be:
         ab:ff:1d:8d:ba:4c:b5:95:4b:d3:4e:d8:26:4e:b4:ab:5d:e1:
         83:49:9b:c7:23:d7:ff:1a:44:26:00:67:f3:59:7d:c0:f2:1f:
         30:07:70:c1:3f:09:6b:92:11:a4:e0:06:f7:6e:ed:38:ea:29:
         6d:1b:55:ab:a4:c6:3e:c6:fe:01:43:45:53:d1:de:fe:22:1f:
         4a:4d:63:91:a7:5b:82:f5:28:33:f9:b8:52:48:3a:f4:37:07:
         47:5c:d6:56:cb:c6:70:9b:7f:29:7f:58:81:57:c8:32:57:fc:
         00:20:f8:fd:c0:61:dd:33:34:08:48:41:20:ec:a7:af:85:30:
         d3:28:a4:97:f9:5b:73:e9:40:80:93:05:a1:66:1f:e2:d2:3f:
         da:9a:35:5b:35:d6:c9:42:ae:bf:c0:1c:64:81:2e:3a:4c:ec:
         be:8a:31:0f:b6:d7:74:a6:00:72:ab:74:6d:1c:ea:11:16:a9:
         0d:12:83:34:2e:58:20:0e:32:53:7a:7f:e8:6a:df:5e:c8:89:
         af:12:18:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2vIQ4f+EygBNZyYp0AvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjQxMTI2MTkwMjU2WhcNMjQxMTI3MTkwMjU2WjAzMTEwLwYDVQQD
Eyg1ODcyOTc4Y2VmYTZmMjdkYjA4OTc0ZjVjMjdiZDI5YTU4NTI4N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp/Xb+es2gtpjll3TBlfSq8wBSm1
PA0/GuoCvLwYRqZZDLdU6/ymx7hxGwFRL9PILtgdPoIoAbGFAPs4MdMNoizSOwX7
JS0ffl5HIXMzYv53mjy2nx/pd4IjyblVUASg+GtjCENcQHPTjA66LcUtkpriy40j
kAl803UPNTDlrHOWX4Mh8oQhGBOlJGDzFsZtw6H8uHOWaEXCuKENJUfel4RjPLNn
iYKpyORRuAqazol8Sm9WlDb2So8M3WqCFmPFl5fUQO/DN82XvWvsQTv69ArLFTwh
xWSxEiPdyrZANa9PPMbxjQzU1ATW2d7F3wweZen9iX6LFthFyHANRJ14twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhyl4zvpvJ9sIl09cJ70ppYUofvMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMO4ZrcBM
VExlhJkfUnTQkm0RbXxbleIrqD1yjb1CdbiwT/nheI8tzT6WcgBLPWMHfJSj9wy+
q/8djbpMtZVL007YJk60q13hg0mbxyPX/xpEJgBn81l9wPIfMAdwwT8Ja5IRpOAG
927tOOopbRtVq6TGPsb+AUNFU9He/iIfSk1jkadbgvUoM/m4Ukg69DcHR1zWVsvG
cJt/KX9YgVfIMlf8ACD4/cBh3TM0CEhBIOynr4Uw0yikl/lbc+lAgJMFoWYf4tI/
2po1WzXWyUKuv8AcZIEuOkzsvooxD7bXdKYAcqt0bRzqERapDRKDNC5YIA4yU3p/
6GrfXsiJrxIYQw==
-----END CERTIFICATE-----