Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
File:                     jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json)
Hash identifier:          eagiUTJuSg9/mgwIC+9hptWzdIDFoHfsbPYo6n2uDcU=
Subject key identifier:   1D:92:0D:82:CA:A4:CA:6C:A5:BD:31:67:09:EE:BD:95:01:5E:79:87
Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36
Certificate issuer:       /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
Certificate serial:       019369D9D41C35A5C47506A4968BDDFC67C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
Manifest number:          0855
Signing time:             Tue 26 Nov 2024 19:01:43 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:43 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:43 +0000
Files and hashes:         1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: 13RcDGIutqzKzq5SheUidWioe/SEZqzGkdFiy7jn0Ec=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:d4:1c:35:a5:c4:75:06:a4:96:8b:dd:fc:67:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
        Validity
            Not Before: Nov 26 19:01:43 2024 GMT
            Not After : Nov 27 19:01:43 2024 GMT
        Subject: CN=1d920d82caa4ca6ca5bd316709eebd95015e7987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:af:2e:0f:5c:fe:fe:6c:41:38:9e:8c:05:15:
                    ca:d2:04:1f:2d:75:7d:37:0a:4d:87:fa:aa:4b:e7:
                    e8:d2:77:50:c3:d6:eb:72:24:51:f8:2c:56:ea:85:
                    b7:4a:5b:70:a8:72:1f:8e:53:76:c3:02:6c:2f:e4:
                    2d:bb:99:22:f7:72:50:58:45:4a:8a:8f:55:f9:f9:
                    6f:c3:37:c3:b9:2b:dc:ce:fb:13:49:23:86:51:e4:
                    fb:fa:e3:ec:ab:b9:c4:8e:3e:b7:b2:ac:c6:ab:e8:
                    75:04:b0:65:3b:00:57:df:e6:ee:7e:42:11:d7:a8:
                    ff:cb:1a:42:9c:88:b1:d3:38:43:2b:3b:f1:9e:a2:
                    bf:c4:65:0d:25:1f:02:45:57:53:00:81:ac:71:84:
                    b5:42:8f:78:8c:92:50:e1:26:98:6c:e1:53:80:ad:
                    fb:24:ee:1a:6c:e5:50:35:67:43:d8:c8:b3:ff:65:
                    82:01:94:9b:01:db:05:1f:1b:8c:ff:6e:de:90:5f:
                    e9:61:69:e7:09:41:bd:55:84:e6:4c:31:f6:2c:e4:
                    86:43:ec:d1:29:6e:c5:fe:9a:c0:41:8b:a6:fc:a3:
                    04:24:82:22:04:67:4f:16:51:31:8d:8b:69:d3:0a:
                    99:04:6e:83:ba:4f:67:e3:8a:6a:6d:d4:14:21:1f:
                    69:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:92:0D:82:CA:A4:CA:6C:A5:BD:31:67:09:EE:BD:95:01:5E:79:87
            X509v3 Authority Key Identifier:
                keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:fb:4e:89:cd:71:ae:41:b4:36:2e:ed:f6:ee:52:63:9d:b2:
         98:9b:58:8f:af:cf:41:5c:cf:b9:fd:ed:94:58:c6:c1:a6:a6:
         f3:44:f2:9e:7b:d0:97:06:a6:0d:9b:d2:23:24:ce:af:47:e9:
         59:18:09:a1:60:20:bd:a6:fa:a0:1a:70:50:31:c3:b0:e9:d8:
         17:92:e1:fd:20:7c:3a:5b:60:34:b8:c3:11:aa:c6:af:07:03:
         f6:a7:9d:05:fb:e6:a0:6c:b5:c0:b7:9f:ed:30:69:25:97:2a:
         38:50:92:be:c6:74:24:0c:3b:99:f8:34:1d:78:11:5e:17:f6:
         55:f5:a8:30:21:7c:7d:0c:c8:96:d4:7a:40:9a:18:f6:6c:97:
         e3:07:db:d5:fe:4c:84:66:63:e8:30:db:45:17:55:27:ea:14:
         14:3b:dd:9b:06:93:74:13:5a:85:fe:2c:87:38:70:73:42:dd:
         8f:1f:84:48:5b:80:63:63:3a:6c:21:80:0e:bb:e0:fe:4e:7a:
         63:eb:85:f6:4e:59:f8:fd:ce:97:b9:7b:a5:93:22:5d:c4:30:
         b9:e0:70:37:97:c6:c1:77:d7:80:75:2b:ab:72:27:0d:03:00:
         e3:e2:df:93:2a:d8:de:48:85:b1:b0:71:88:8c:97:20:79:0c:
         c9:97:38:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2dQcNaXEdQaklovd/GfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz
ODFkMzYwHhcNMjQxMTI2MTkwMTQzWhcNMjQxMTI3MTkwMTQzWjAzMTEwLwYDVQQD
EygxZDkyMGQ4MmNhYTRjYTZjYTViZDMxNjcwOWVlYmQ5NTAxNWU3OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA168uD1z+/mxBOJ6MBRXK0gQfLXV9
NwpNh/qqS+fo0ndQw9brciRR+CxW6oW3SltwqHIfjlN2wwJsL+Qtu5ki93JQWEVK
io9V+flvwzfDuSvczvsTSSOGUeT7+uPsq7nEjj63sqzGq+h1BLBlOwBX3+bufkIR
16j/yxpCnIix0zhDKzvxnqK/xGUNJR8CRVdTAIGscYS1Qo94jJJQ4SaYbOFTgK37
JO4abOVQNWdD2Miz/2WCAZSbAdsFHxuM/27ekF/pYWnnCUG9VYTmTDH2LOSGQ+zR
KW7F/prAQYum/KMEJIIiBGdPFlExjYtp0wqZBG6Duk9n44pqbdQUIR9p7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2SDYLKpMpspb0xZwnuvZUBXnmHMB8GA1UdIwQY
MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt
Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz
LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL/tOic1x
rkG0Ni7t9u5SY52ymJtYj6/PQVzPuf3tlFjGwaam80TynnvQlwamDZvSIyTOr0fp
WRgJoWAgvab6oBpwUDHDsOnYF5Lh/SB8OltgNLjDEarGrwcD9qedBfvmoGy1wLef
7TBpJZcqOFCSvsZ0JAw7mfg0HXgRXhf2VfWoMCF8fQzIltR6QJoY9myX4wfb1f5M
hGZj6DDbRRdVJ+oUFDvdmwaTdBNahf4shzhwc0Ldjx+ESFuAY2M6bCGADrvg/k56
Y+uF9k5Z+P3Ol7l7pZMiXcQwueBwN5fGwXfXgHUrq3InDQMA4+LfkyrY3kiFsbBx
iIyXIHkMyZc43g==
-----END CERTIFICATE-----