Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
File:                     qoxALCO4BeCVMBFbvkREAg9PIDQ.mft (raw, json)
Hash identifier:          YKoWa0vjRENpk89O7Tis+cQzjNFoQEyvl5KAZlWEK/E=
Subject key identifier:   1E:F2:93:74:8F:8F:3C:96:9D:4F:70:3B:9A:5D:6D:9D:EF:44:B8:19
Authority key identifier: AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34
Certificate issuer:       /CN=aa8c402c23b805e09530115bbe4444020f4f2034
Certificate serial:       0194C387C4D9A59E1CEDE6CAD8D063C761FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
Manifest number:          052C
Signing time:             Sat 01 Feb 2025 22:00:42 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:42 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:42 +0000
Files and hashes:         1: qoxALCO4BeCVMBFbvkREAg9PIDQ.crl (hash: zzq2WO1G50zGFOz/0paFJY4PNc7/05v2bSo9ZBUxqXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:c4:d9:a5:9e:1c:ed:e6:ca:d8:d0:63:c7:61:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8c402c23b805e09530115bbe4444020f4f2034
        Validity
            Not Before: Feb  1 22:00:42 2025 GMT
            Not After : Feb  2 22:00:42 2025 GMT
        Subject: CN=1ef293748f8f3c969d4f703b9a5d6d9def44b819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a3:a7:46:09:4e:4a:fc:09:cd:76:2f:49:a6:
                    62:57:47:62:8d:ae:f7:9a:98:d6:00:24:b2:0a:df:
                    d9:5b:cf:4e:49:5d:27:89:56:c4:17:be:d2:79:1d:
                    a6:07:c5:c1:57:4c:b4:b0:e6:87:70:92:e1:13:e0:
                    4e:de:5a:13:a7:fd:0d:e9:a4:18:94:04:11:5c:01:
                    d3:ed:df:9b:af:fd:43:42:3e:df:53:be:ce:31:e5:
                    fa:e8:bf:98:7a:18:c3:78:1c:ac:ee:83:e3:68:20:
                    0e:c0:1f:38:a6:d7:53:72:97:95:d8:10:3a:52:83:
                    75:29:4d:37:fa:41:1d:86:f4:3f:07:59:b4:94:5e:
                    90:0f:b4:af:c2:55:68:0d:17:0b:2d:9d:b3:b0:b8:
                    3c:a9:0a:ac:d9:4b:59:53:38:f0:84:af:fe:09:8c:
                    c7:84:db:45:19:46:2c:cb:62:28:93:6f:33:dc:27:
                    04:ab:c9:ef:45:46:55:80:03:bf:38:8f:76:a0:1e:
                    33:4f:96:e1:ce:ae:a5:91:28:82:36:68:62:4e:b5:
                    02:21:f4:67:e1:fa:24:c5:9b:0c:9a:22:b9:93:bb:
                    9c:67:75:26:80:98:43:39:10:0e:ec:18:4d:4f:63:
                    ab:bd:46:48:ee:7e:d6:3d:6b:f7:ab:72:c7:d4:ef:
                    9f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:F2:93:74:8F:8F:3C:96:9D:4F:70:3B:9A:5D:6D:9D:EF:44:B8:19
            X509v3 Authority Key Identifier:
                keyid:AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ef:a9:cd:36:aa:af:2c:28:d3:d4:40:37:95:06:68:c2:39:
         80:bf:08:d2:9c:11:b6:f4:d5:e3:d4:88:8b:43:b2:c7:16:60:
         76:b3:30:6e:6d:ab:24:5d:35:99:6a:38:82:54:b2:a4:35:00:
         1d:be:dd:aa:fe:33:aa:da:97:84:1c:53:9e:7d:b8:c0:93:b2:
         ad:b5:6a:c0:25:79:fb:52:f1:35:63:ef:d1:70:b9:19:41:7b:
         63:6f:59:0a:0f:03:55:5a:df:c2:9d:0d:79:09:e7:51:0e:86:
         d3:78:c9:1e:9e:0b:55:7d:cd:a0:ae:ea:a7:db:12:86:5f:32:
         d0:9a:d3:63:36:b8:37:c3:07:1e:d9:71:cd:58:a2:20:6f:ba:
         d1:16:13:4a:a2:b4:f9:8a:ae:3f:4f:05:3f:b9:46:3e:23:be:
         c3:03:dc:d3:73:fe:23:d2:ac:79:51:c9:81:dd:bf:2b:95:f7:
         fc:5f:5a:cc:08:59:ed:6c:37:10:13:43:f1:c3:d6:e6:dd:19:
         96:4f:4c:af:fc:b7:77:6d:be:0d:df:fb:5f:f1:64:21:54:08:
         d4:bb:67:e4:5f:0b:df:80:11:d4:0f:b8:cc:df:99:e1:0f:8f:
         0d:e7:dd:f2:8e:da:3f:67:c9:4e:c1:f5:e7:ba:9d:89:1b:f7:
         23:d4:f8:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh8TZpZ4c7ebK2NBjx2H8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGM0MDJjMjNiODA1ZTA5NTMwMTE1YmJlNDQ0NDAyMGY0
ZjIwMzQwHhcNMjUwMjAxMjIwMDQyWhcNMjUwMjAyMjIwMDQyWjAzMTEwLwYDVQQD
EygxZWYyOTM3NDhmOGYzYzk2OWQ0ZjcwM2I5YTVkNmQ5ZGVmNDRiODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6OnRglOSvwJzXYvSaZiV0dija73
mpjWACSyCt/ZW89OSV0niVbEF77SeR2mB8XBV0y0sOaHcJLhE+BO3loTp/0N6aQY
lAQRXAHT7d+br/1DQj7fU77OMeX66L+YehjDeBys7oPjaCAOwB84ptdTcpeV2BA6
UoN1KU03+kEdhvQ/B1m0lF6QD7SvwlVoDRcLLZ2zsLg8qQqs2UtZUzjwhK/+CYzH
hNtFGUYsy2Iok28z3CcEq8nvRUZVgAO/OI92oB4zT5bhzq6lkSiCNmhiTrUCIfRn
4fokxZsMmiK5k7ucZ3UmgJhDORAO7BhNT2OrvUZI7n7WPWv3q3LH1O+fjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7yk3SPjzyWnU9wO5pdbZ3vRLgZMB8GA1UdIwQY
MBaAFKqMQCwjuAXglTARW75ERAIPTyA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMt
NGY2YWYwODgzOTc5LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMtNGY2YWYwODgzOTc5
LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPe+pzTaq
rywo09RAN5UGaMI5gL8I0pwRtvTV49SIi0OyxxZgdrMwbm2rJF01mWo4glSypDUA
Hb7dqv4zqtqXhBxTnn24wJOyrbVqwCV5+1LxNWPv0XC5GUF7Y29ZCg8DVVrfwp0N
eQnnUQ6G03jJHp4LVX3NoK7qp9sShl8y0JrTYza4N8MHHtlxzViiIG+60RYTSqK0
+YquP08FP7lGPiO+wwPc03P+I9KseVHJgd2/K5X3/F9azAhZ7Ww3EBND8cPW5t0Z
lk9Mr/y3d22+Dd/7X/FkIVQI1Ltn5F8L34AR1A+4zN+Z4Q+PDefd8o7aP2fJTsH1
57qdiRv3I9T40Q==
-----END CERTIFICATE-----