Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          DU3+zrlUItktyh3sU5maIJMriCOkdOUZSznW3WIvLTU=
Subject key identifier:   18:AD:67:B0:53:15:3D:73:1C:F2:4B:C7:08:A6:92:B4:A0:6D:27:CE
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       018F1F019EEDF456FAFF9E1AF6ECFAA72417
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          087A
Signing time:             Sat 27 Apr 2024 10:02:30 +0000
Manifest this update:     Sat 27 Apr 2024 10:02:30 +0000
Manifest next update:     Sun 28 Apr 2024 10:02:30 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: nsC2m25fuIjs2Egv0H+Itb7Wr22KgM3xcxC4S1LnLes=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 04:37:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:1f:01:9e:ed:f4:56:fa:ff:9e:1a:f6:ec:fa:a7:24:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Apr 27 10:02:30 2024 GMT
            Not After : Apr 28 10:02:30 2024 GMT
        Subject: CN=18ad67b053153d731cf24bc708a692b4a06d27ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1d:5e:74:c6:0e:ff:b9:89:1b:c4:13:e8:57:
                    45:08:3e:8d:09:ea:21:4e:b1:84:5b:52:a7:4a:45:
                    fd:57:3b:1e:9a:9b:1c:ad:e4:81:70:a8:ec:2a:2e:
                    90:41:be:82:e0:6b:6e:2c:56:32:42:98:48:4b:aa:
                    c9:04:8b:e6:f5:0d:a5:6e:4a:f3:19:6c:9c:95:46:
                    fe:28:4a:a7:ec:15:d9:9e:5b:5f:34:67:58:1c:0c:
                    4d:ec:c2:59:98:85:2d:2f:36:ac:8e:8b:4e:d6:99:
                    35:6c:f3:51:f2:3f:a7:86:2c:c3:89:f2:54:a4:0b:
                    ec:8e:b5:2f:b3:a2:bf:57:25:28:fc:b8:67:87:09:
                    37:2b:0d:f9:3c:b7:cf:0b:51:c2:1b:4f:f4:48:60:
                    35:40:dc:6d:60:d7:27:bb:aa:d3:3f:f7:8f:be:99:
                    33:3d:80:11:4d:64:2b:9e:e9:bb:8a:26:74:9b:ee:
                    4b:c1:5c:77:c2:a6:e0:27:d9:25:45:0f:01:15:fd:
                    c1:ed:64:13:2e:d9:ac:fc:57:35:b6:9e:0c:bb:4c:
                    e1:ad:6e:03:ea:6b:ab:ad:d1:20:28:f7:2e:0a:2d:
                    5e:8f:5f:df:c0:f2:f6:0f:1f:d8:d3:1f:f9:4e:b0:
                    53:ca:ad:64:5e:78:5b:5a:c5:55:40:bf:ab:d2:70:
                    45:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:AD:67:B0:53:15:3D:73:1C:F2:4B:C7:08:A6:92:B4:A0:6D:27:CE
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:10:9b:56:37:fd:7d:73:9b:81:27:6b:48:7d:17:fd:5c:31:
         d9:7e:69:fc:42:85:42:f7:ac:78:9b:32:71:6b:1f:1f:ae:71:
         60:8a:58:83:e8:6b:ce:f1:75:4f:61:e1:44:da:f3:d6:8a:65:
         c8:7d:b7:9e:80:22:54:25:65:54:ad:46:f5:96:00:a8:10:ca:
         c7:14:7c:46:d5:c5:5d:17:ec:ff:e4:7e:37:46:50:9f:4f:89:
         51:28:7d:17:e4:7e:ae:5e:f7:d1:b3:1e:7f:cb:e7:34:ac:1c:
         40:62:1d:fd:15:bc:2d:4c:3f:5a:73:7a:8f:bc:e8:b8:dc:63:
         36:4b:34:d4:de:fa:b2:8e:47:0e:ae:85:51:02:92:0e:e7:db:
         a2:41:37:7a:50:0a:f0:e0:a8:d9:15:ea:4d:62:4d:d2:8d:80:
         da:3d:8a:91:5c:47:b5:1f:08:a7:d3:d7:b7:9c:8d:f5:34:ed:
         b4:d3:05:c9:df:22:38:ce:af:02:d4:04:ad:95:c8:f3:5c:32:
         16:16:33:e9:96:49:ad:d8:fa:b1:c2:21:45:0c:6f:b1:1a:ef:
         91:1d:4e:08:7d:dc:6c:13:21:c0:ba:55:0d:b9:09:c7:f2:9d:
         aa:77:28:24:d9:88:cb:75:51:b2:c8:02:01:20:5c:6b:35:f1:
         3a:ef:9e:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8fAZ7t9Fb6/54a9uz6pyQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjQwNDI3MTAwMjMwWhcNMjQwNDI4MTAwMjMwWjAzMTEwLwYDVQQD
EygxOGFkNjdiMDUzMTUzZDczMWNmMjRiYzcwOGE2OTJiNGEwNmQyN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR1edMYO/7mJG8QT6FdFCD6NCeoh
TrGEW1KnSkX9VzsempscreSBcKjsKi6QQb6C4GtuLFYyQphIS6rJBIvm9Q2lbkrz
GWyclUb+KEqn7BXZnltfNGdYHAxN7MJZmIUtLzasjotO1pk1bPNR8j+nhizDifJU
pAvsjrUvs6K/VyUo/Lhnhwk3Kw35PLfPC1HCG0/0SGA1QNxtYNcnu6rTP/ePvpkz
PYARTWQrnum7iiZ0m+5LwVx3wqbgJ9klRQ8BFf3B7WQTLtms/Fc1tp4Mu0zhrW4D
6murrdEgKPcuCi1ej1/fwPL2Dx/Y0x/5TrBTyq1kXnhbWsVVQL+r0nBFNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBitZ7BTFT1zHPJLxwimkrSgbSfOMB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRCbVjf9
fXObgSdrSH0X/Vwx2X5p/EKFQveseJsycWsfH65xYIpYg+hrzvF1T2HhRNrz1opl
yH23noAiVCVlVK1G9ZYAqBDKxxR8RtXFXRfs/+R+N0ZQn0+JUSh9F+R+rl730bMe
f8vnNKwcQGId/RW8LUw/WnN6j7zouNxjNks01N76so5HDq6FUQKSDufbokE3elAK
8OCo2RXqTWJN0o2A2j2KkVxHtR8Ip9PXt5yN9TTttNMFyd8iOM6vAtQErZXI81wy
FhYz6ZZJrdj6scIhRQxvsRrvkR1OCH3cbBMhwLpVDbkJx/KdqncoJNmIy3VRssgC
ASBcazXxOu+eEw==
-----END CERTIFICATE-----