Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          Ims3MsVhGslCETOEV5s0QCglYCCmegbGW87zYRRgN9s=
Subject key identifier:   DC:14:FD:34:A6:1F:36:73:06:E7:E9:FA:EB:8F:03:E5:F2:BF:A2:6A
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       018F8749FA3A1D38F4EA38CB1F59A241C99C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          1176
Signing time:             Fri 17 May 2024 16:02:03 +0000
Manifest this update:     Fri 17 May 2024 16:02:03 +0000
Manifest next update:     Sat 18 May 2024 16:02:03 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: tplLh0T+B89QHelSEBS5x6voGbnh3k/BRGkVCJNaXrU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:fa:3a:1d:38:f4:ea:38:cb:1f:59:a2:41:c9:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: May 17 16:02:03 2024 GMT
            Not After : May 18 16:02:03 2024 GMT
        Subject: CN=dc14fd34a61f367306e7e9faeb8f03e5f2bfa26a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d2:f7:30:62:b5:fb:b6:3c:0b:7e:9e:b9:45:
                    dd:98:4e:6d:72:87:5b:53:88:93:aa:b1:9c:ba:9e:
                    44:99:6a:d9:ed:4b:02:84:46:6c:ab:97:79:cf:2a:
                    0a:d0:85:c3:7d:f1:17:e9:ea:ce:ed:16:75:6a:46:
                    83:10:3d:8c:54:b3:4c:70:e4:0a:ec:30:fc:bc:73:
                    8f:fc:f8:c9:f9:86:52:e8:04:ea:c9:1b:a4:e7:92:
                    91:c4:e3:4d:cf:d4:79:ec:ae:42:fd:be:7f:38:a5:
                    31:2c:41:71:62:1c:25:96:f1:4e:d6:64:84:ce:12:
                    75:8f:b9:12:4b:08:b2:b6:ed:17:74:bc:89:7f:8d:
                    bd:3a:f3:22:a6:1b:89:a1:fd:df:8f:1a:3c:56:db:
                    fc:2b:c5:24:2a:99:1f:d1:44:45:2d:d9:d9:e2:9f:
                    8e:db:77:4e:a5:8e:18:8f:fe:27:6e:ef:36:4d:36:
                    70:55:06:c9:16:09:71:28:66:02:87:3c:f8:d7:77:
                    35:16:50:56:0b:cd:3b:e6:0e:32:c5:da:a2:af:ae:
                    c8:bf:b7:95:13:ee:21:51:9f:41:58:b1:46:dc:35:
                    64:45:b1:5b:8a:04:5d:b7:61:7b:a2:f3:e3:75:cb:
                    3f:3b:ba:da:63:5c:18:fc:e0:87:50:e9:10:c2:b3:
                    99:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:14:FD:34:A6:1F:36:73:06:E7:E9:FA:EB:8F:03:E5:F2:BF:A2:6A
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:06:a7:eb:c4:a4:33:eb:0f:27:90:4c:fd:d6:7f:39:0e:39:
         25:b1:4b:95:87:3d:b8:fc:2e:02:c7:8c:a8:01:b3:83:35:83:
         9a:02:8e:f0:cf:f3:f5:bc:fa:aa:85:d0:ca:a2:6b:90:bb:58:
         58:c8:6d:44:f6:5e:9b:5c:3d:33:01:f8:39:ec:60:90:41:95:
         de:2e:40:5c:22:97:f4:ba:f1:a8:76:ee:7a:66:23:8b:fa:79:
         df:2e:26:0f:4b:1b:5a:17:ab:cb:84:4b:8a:23:62:d7:e7:95:
         77:9d:91:8d:8e:a8:28:4f:71:56:51:9f:07:2b:00:d4:45:67:
         24:5a:73:cc:a6:ae:6e:c4:c0:82:4c:38:63:82:50:f4:a1:3e:
         dd:cc:a0:90:37:47:d4:18:ac:6d:3f:b2:25:77:1f:de:0c:df:
         82:48:2a:72:69:04:16:ce:03:c0:b3:cf:e7:e4:d5:d2:07:a2:
         3e:89:d9:f5:1e:c2:12:e1:9e:12:e1:71:c7:6d:74:70:29:78:
         27:cb:bd:53:a6:57:cb:cd:5c:4e:1a:e9:a4:ba:5e:28:5c:af:
         77:48:0e:f8:07:e9:7d:55:72:96:57:d4:0c:4c:46:77:10:0a:
         89:3a:11:bc:f7:db:1d:94:5b:bb:69:7a:84:b4:15:dc:76:99:
         7e:7b:88:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSfo6HTj06jjLH1miQcmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjQwNTE3MTYwMjAzWhcNMjQwNTE4MTYwMjAzWjAzMTEwLwYDVQQD
EyhkYzE0ZmQzNGE2MWYzNjczMDZlN2U5ZmFlYjhmMDNlNWYyYmZhMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNL3MGK1+7Y8C36euUXdmE5tcodb
U4iTqrGcup5EmWrZ7UsChEZsq5d5zyoK0IXDffEX6erO7RZ1akaDED2MVLNMcOQK
7DD8vHOP/PjJ+YZS6ATqyRuk55KRxONNz9R57K5C/b5/OKUxLEFxYhwllvFO1mSE
zhJ1j7kSSwiytu0XdLyJf429OvMiphuJof3fjxo8Vtv8K8UkKpkf0URFLdnZ4p+O
23dOpY4Yj/4nbu82TTZwVQbJFglxKGYChzz413c1FlBWC8075g4yxdqir67Iv7eV
E+4hUZ9BWLFG3DVkRbFbigRdt2F7ovPjdcs/O7raY1wY/OCHUOkQwrOZHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwU/TSmHzZzBufp+uuPA+Xyv6JqMB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcgan68Sk
M+sPJ5BM/dZ/OQ45JbFLlYc9uPwuAseMqAGzgzWDmgKO8M/z9bz6qoXQyqJrkLtY
WMhtRPZem1w9MwH4OexgkEGV3i5AXCKX9LrxqHbuemYji/p53y4mD0sbWhery4RL
iiNi1+eVd52RjY6oKE9xVlGfBysA1EVnJFpzzKaubsTAgkw4Y4JQ9KE+3cygkDdH
1BisbT+yJXcf3gzfgkgqcmkEFs4DwLPP5+TV0geiPonZ9R7CEuGeEuFxx210cCl4
J8u9U6ZXy81cThrppLpeKFyvd0gO+AfpfVVyllfUDExGdxAKiToRvPfbHZRbu2l6
hLQV3HaZfnuIHw==
-----END CERTIFICATE-----