Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          urksFbio32mnks/G4vWhgruI8dXAuu2RMkF8topPAfU=
Subject key identifier:   5F:F2:D7:6C:E7:D9:CE:92:5B:8C:E6:CA:84:2F:A1:28:4C:1B:77:AC
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       018F8749057F3123588FDC440E5B54A9A031
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0A2D
Signing time:             Fri 17 May 2024 16:01:00 +0000
Manifest this update:     Fri 17 May 2024 16:01:00 +0000
Manifest next update:     Sat 18 May 2024 16:01:00 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: 8/tL/KdANt/tnbLhQFjOlNgGjUHYBE2fKI9yTULP5KE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:05:7f:31:23:58:8f:dc:44:0e:5b:54:a9:a0:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: May 17 16:01:00 2024 GMT
            Not After : May 18 16:01:00 2024 GMT
        Subject: CN=5ff2d76ce7d9ce925b8ce6ca842fa1284c1b77ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:74:09:23:49:9f:d4:29:12:a8:e4:e7:11:df:
                    c4:cf:d9:50:61:c8:ce:bb:09:06:4a:39:23:f3:a1:
                    1d:0a:cc:4b:e6:88:a6:6d:71:55:dc:7b:ef:f7:1c:
                    fa:44:70:0e:cf:25:30:9b:3f:62:79:b7:2f:0f:2f:
                    2e:11:e2:a8:0c:b3:97:bc:26:b8:79:0d:8f:a9:36:
                    0a:95:2c:67:1b:64:8b:07:40:25:bc:95:c3:fb:84:
                    28:2a:3f:30:fb:82:d9:2c:a2:7e:f9:1a:29:e8:22:
                    15:7a:53:5e:3d:d2:ca:92:14:29:0b:01:68:a4:05:
                    b5:73:c1:e3:06:61:e2:cc:8a:14:48:33:e0:a6:b8:
                    3f:4d:b9:e4:cd:b3:e2:c8:69:cf:3c:bc:e8:6e:00:
                    78:96:cb:4a:3b:fa:11:d3:11:8f:a7:79:fa:98:e9:
                    52:3e:8b:79:1d:8e:79:50:81:75:c4:3d:6a:61:d4:
                    62:2d:bd:c6:e2:6d:09:ba:fb:e8:de:31:3f:45:5d:
                    23:66:2e:e4:7d:a9:16:fb:7e:ac:e4:e6:5b:25:c1:
                    c2:a1:87:48:54:fc:b3:d8:dd:cf:ca:f5:f9:15:31:
                    26:f3:12:2d:d4:da:a7:ec:ed:6d:20:8b:95:bf:78:
                    d5:c8:c5:55:2a:9e:4d:c4:d2:2a:4d:45:3c:a1:1b:
                    37:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F2:D7:6C:E7:D9:CE:92:5B:8C:E6:CA:84:2F:A1:28:4C:1B:77:AC
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:5d:ff:8c:f9:a7:05:71:d4:ea:1b:91:a9:77:05:50:fc:b6:
         c6:7d:ce:47:d3:e8:80:4f:c4:d6:63:d8:d1:dd:ed:95:60:12:
         7a:ee:71:72:65:b7:55:bf:e4:38:05:99:79:9d:81:7f:43:25:
         d7:6d:09:00:36:2b:8e:a0:f1:bb:c0:e8:fc:90:bc:65:95:29:
         e4:32:61:7a:7b:41:91:04:68:b6:21:23:aa:ce:64:59:bc:93:
         d2:f2:4f:00:93:df:4d:e4:62:bf:95:cb:2e:98:a7:b7:c0:94:
         c4:65:0f:fe:64:78:a1:fe:cd:21:2a:0e:1e:8c:0a:b9:e0:06:
         4e:4f:19:b4:fe:72:95:13:0e:55:31:2e:12:31:72:f8:12:95:
         d8:66:77:11:c6:76:36:2d:86:f6:aa:57:e9:38:e0:31:b4:3d:
         6a:a0:f8:dc:f0:7a:44:63:8f:b5:62:48:c3:f3:06:88:33:fd:
         ec:67:b9:ec:c8:e2:51:9e:f5:0a:ff:16:00:2e:36:80:d4:54:
         94:05:ec:dd:19:38:56:f8:2e:72:56:fa:d2:82:b9:4e:db:c4:
         71:cc:61:f6:95:6e:3e:51:64:b0:67:13:f6:36:14:36:ce:25:
         20:c4:c4:75:3f:82:67:75:59:1e:6f:d7:a9:91:26:90:20:d8:
         2d:de:0c:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSQV/MSNYj9xEDltUqaAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjQwNTE3MTYwMTAwWhcNMjQwNTE4MTYwMTAwWjAzMTEwLwYDVQQD
Eyg1ZmYyZDc2Y2U3ZDljZTkyNWI4Y2U2Y2E4NDJmYTEyODRjMWI3N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHQJI0mf1CkSqOTnEd/Ez9lQYcjO
uwkGSjkj86EdCsxL5oimbXFV3Hvv9xz6RHAOzyUwmz9iebcvDy8uEeKoDLOXvCa4
eQ2PqTYKlSxnG2SLB0AlvJXD+4QoKj8w+4LZLKJ++Rop6CIVelNePdLKkhQpCwFo
pAW1c8HjBmHizIoUSDPgprg/TbnkzbPiyGnPPLzobgB4lstKO/oR0xGPp3n6mOlS
Pot5HY55UIF1xD1qYdRiLb3G4m0Juvvo3jE/RV0jZi7kfakW+36s5OZbJcHCoYdI
VPyz2N3PyvX5FTEm8xIt1Nqn7O1tIIuVv3jVyMVVKp5NxNIqTUU8oRs3RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/y12zn2c6SW4zmyoQvoShMG3esMB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfF3/jPmn
BXHU6huRqXcFUPy2xn3OR9PogE/E1mPY0d3tlWASeu5xcmW3Vb/kOAWZeZ2Bf0Ml
120JADYrjqDxu8Do/JC8ZZUp5DJhentBkQRotiEjqs5kWbyT0vJPAJPfTeRiv5XL
Lpint8CUxGUP/mR4of7NISoOHowKueAGTk8ZtP5ylRMOVTEuEjFy+BKV2GZ3EcZ2
Ni2G9qpX6TjgMbQ9aqD43PB6RGOPtWJIw/MGiDP97Ge57MjiUZ71Cv8WAC42gNRU
lAXs3Rk4Vvguclb60oK5TtvEccxh9pVuPlFksGcT9jYUNs4lIMTEdT+CZ3VZHm/X
qZEmkCDYLd4Maw==
-----END CERTIFICATE-----