Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          TONaM826yhy9pR6spJTagABGfblcChTqE+sNDxyuNf0=
Subject key identifier:   1D:86:E7:F9:65:32:AE:46:8F:F8:9C:4A:B5:55:54:D8:76:E3:EF:08
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       0191F9D95CD788807AA6659880193898CAC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          B9
Signing time:             Mon 16 Sep 2024 08:00:57 +0000
Manifest this update:     Mon 16 Sep 2024 08:00:57 +0000
Manifest next update:     Tue 17 Sep 2024 08:00:57 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: LTYdCxPGe8JJqrgArgt4LSZB3Y1CK3o0+qNC1mO+E/U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 08:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:d9:5c:d7:88:80:7a:a6:65:98:80:19:38:98:ca:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Sep 16 08:00:57 2024 GMT
            Not After : Sep 17 08:00:57 2024 GMT
        Subject: CN=1d86e7f96532ae468ff89c4ab55554d876e3ef08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8d:18:e8:1a:a3:18:4a:ab:89:df:b6:28:4d:
                    ab:30:f7:c5:ee:ea:fe:81:f6:9f:c3:fd:6e:f5:2a:
                    04:6c:7f:ea:df:e3:31:ab:19:8b:24:03:49:b8:96:
                    65:a7:f0:90:a4:1f:98:e2:cc:7d:17:20:46:2f:42:
                    3e:0e:02:81:f3:12:2a:81:ec:e2:d4:11:79:8c:c4:
                    c2:2e:63:9a:97:3b:2b:9b:b4:a4:59:63:cc:78:ff:
                    ff:f2:6d:d7:2b:58:aa:6d:c9:89:3e:2e:dc:30:ee:
                    fe:ee:47:e0:20:48:fa:30:1c:eb:46:d9:f9:48:78:
                    89:da:f9:5e:98:1a:1b:ef:04:57:1f:af:ae:32:57:
                    28:9d:76:3e:a0:f3:5a:22:a2:81:6e:af:c3:d8:46:
                    37:99:e7:49:d2:68:6a:90:ef:74:40:4f:55:78:67:
                    bc:c6:97:7c:b6:97:ca:fa:48:dc:75:1b:d9:9b:f7:
                    f7:25:3e:f6:86:ab:3d:8f:0f:b5:21:6c:91:9a:71:
                    06:91:d1:45:c8:14:e9:02:8f:c5:02:b2:36:56:38:
                    7c:8a:bb:ba:06:bd:bb:4c:1d:7c:0c:ad:a5:9f:b0:
                    76:cc:ba:f6:fb:22:49:4d:12:66:fa:cc:ea:91:95:
                    0e:87:54:3c:e9:2a:90:e7:69:3d:ce:aa:96:59:a7:
                    3d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:86:E7:F9:65:32:AE:46:8F:F8:9C:4A:B5:55:54:D8:76:E3:EF:08
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:42:b3:88:81:ac:e8:aa:8b:ea:1f:20:6a:b7:83:51:1a:b0:
         8b:b8:ee:7b:73:ea:ce:74:16:b7:fb:86:43:39:15:eb:8d:2d:
         8b:99:21:16:b5:c4:3b:ff:28:f9:f0:d0:be:0d:b4:72:91:8b:
         38:b8:ae:74:b4:72:79:1b:55:cd:93:99:3d:3f:a7:65:85:58:
         a8:5a:d7:9e:d2:e4:a3:67:a7:70:66:ed:32:80:e4:a0:b5:e6:
         47:47:c0:82:8e:a9:55:1e:7b:25:ba:da:2d:ca:69:dc:95:a6:
         9b:0a:8c:bd:ed:47:e0:fd:0d:d0:53:09:51:0d:ee:1b:b4:6d:
         5d:99:87:36:86:f7:67:8d:c7:e8:50:72:97:40:43:6c:b3:d1:
         2a:79:f7:57:b6:35:95:16:e6:f4:d1:fc:cf:69:e8:a7:de:36:
         66:e9:3f:f0:3e:94:33:f1:4f:7f:0f:fd:46:a5:6d:35:ea:d1:
         c6:7e:07:58:2c:e7:c0:28:68:e5:b7:8e:b0:dc:3a:75:5c:b9:
         cb:9d:79:b7:7f:9d:f4:b4:34:c9:00:64:e3:f9:47:b8:07:7d:
         56:7b:f9:b8:8a:40:fe:2f:8a:1e:2e:5c:ba:d5:25:6b:0a:47:
         93:7d:80:b4:4b:69:99:55:5a:93:9f:b0:62:1a:92:e6:19:d2:
         c8:77:1c:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH52VzXiIB6pmWYgBk4mMrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjQwOTE2MDgwMDU3WhcNMjQwOTE3MDgwMDU3WjAzMTEwLwYDVQQD
EygxZDg2ZTdmOTY1MzJhZTQ2OGZmODljNGFiNTU1NTRkODc2ZTNlZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI0Y6BqjGEqrid+2KE2rMPfF7ur+
gfafw/1u9SoEbH/q3+MxqxmLJANJuJZlp/CQpB+Y4sx9FyBGL0I+DgKB8xIqgezi
1BF5jMTCLmOalzsrm7SkWWPMeP//8m3XK1iqbcmJPi7cMO7+7kfgIEj6MBzrRtn5
SHiJ2vlemBob7wRXH6+uMlconXY+oPNaIqKBbq/D2EY3medJ0mhqkO90QE9VeGe8
xpd8tpfK+kjcdRvZm/f3JT72hqs9jw+1IWyRmnEGkdFFyBTpAo/FArI2Vjh8iru6
Br27TB18DK2ln7B2zLr2+yJJTRJm+szqkZUOh1Q86SqQ52k9zqqWWac9uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2G5/llMq5Gj/icSrVVVNh24+8IMB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgUKziIGs
6KqL6h8gareDURqwi7jue3PqznQWt/uGQzkV640ti5khFrXEO/8o+fDQvg20cpGL
OLiudLRyeRtVzZOZPT+nZYVYqFrXntLko2encGbtMoDkoLXmR0fAgo6pVR57Jbra
Lcpp3JWmmwqMve1H4P0N0FMJUQ3uG7RtXZmHNob3Z43H6FByl0BDbLPRKnn3V7Y1
lRbm9NH8z2nop942Zuk/8D6UM/FPfw/9RqVtNerRxn4HWCznwCho5beOsNw6dVy5
y515t3+d9LQ0yQBk4/lHuAd9Vnv5uIpA/i+KHi5cutUlawpHk32AtEtpmVVak5+w
YhqS5hnSyHcc2A==
-----END CERTIFICATE-----