Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          FWfPgEghBq/j8BCxDghaFxMrgU+IMyA/8bm6VnV1dHM=
Subject key identifier:   32:D6:9B:8D:87:AA:9B:13:0C:DB:17:B7:4C:B6:FB:3D:B8:1A:A2:62
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       01935764A4ECDAE93BE353A8796CF09BF28C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          03B1
Signing time:             Sat 23 Nov 2024 05:00:33 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:33 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:33 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: y2j3zyuK04Z2wJfMo5A+bJTcdoLEPAZkCzGQsL/DAj8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:a4:ec:da:e9:3b:e3:53:a8:79:6c:f0:9b:f2:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Nov 23 05:00:33 2024 GMT
            Not After : Nov 24 05:00:33 2024 GMT
        Subject: CN=32d69b8d87aa9b130cdb17b74cb6fb3db81aa262
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:37:5b:c1:23:31:8c:98:90:5c:a4:58:cd:7a:
                    8e:94:27:fc:ab:cb:60:f0:9c:5c:e5:57:2c:aa:b3:
                    22:04:bf:fc:a6:91:0a:22:a9:85:9e:6a:b2:8f:c6:
                    2d:e6:f6:33:64:5f:ca:45:53:0f:f9:ab:ec:d2:19:
                    c0:b6:d2:15:3a:10:a5:2e:bf:f8:09:72:9d:a4:00:
                    34:58:70:5c:dc:d7:72:24:90:0a:6c:b3:89:62:8b:
                    2d:47:1c:e8:23:6b:8f:10:48:29:c0:f4:28:c1:72:
                    34:a5:bc:c4:e5:ba:d6:50:cd:31:0e:02:08:19:98:
                    60:f3:23:03:a7:5f:80:44:62:53:eb:fc:bb:3e:3f:
                    58:9a:4f:52:62:4e:ad:3e:53:9a:c3:49:ca:5d:82:
                    34:2f:1e:bc:e1:0a:f6:e1:07:3b:52:79:10:1f:30:
                    92:f5:96:d9:48:0c:17:69:e4:10:f8:10:e1:b6:22:
                    b1:a8:b7:ba:e8:39:ef:c4:37:c4:d3:62:8c:8c:3d:
                    65:d2:32:d9:ff:36:f2:98:a7:00:30:cd:cb:b6:d0:
                    82:93:21:3c:6a:bd:c4:9c:74:9a:1b:25:56:44:73:
                    b7:e1:1f:d9:d5:a6:0d:29:e8:ac:44:93:7a:df:80:
                    bd:ed:90:37:de:0a:38:cd:fb:84:ac:df:09:91:f4:
                    f9:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D6:9B:8D:87:AA:9B:13:0C:DB:17:B7:4C:B6:FB:3D:B8:1A:A2:62
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:9f:49:d7:aa:5d:3c:3a:5e:59:4c:26:d6:64:e8:ca:3e:b7:
         08:de:04:7e:55:f9:38:c6:d9:f6:dd:ce:12:82:b0:f1:ef:5d:
         9b:40:f6:61:22:9f:a4:05:06:a4:34:87:56:cf:64:a6:d6:1a:
         8f:9e:d5:b0:cd:59:b9:1b:f0:9a:50:38:6e:d7:24:de:5a:c3:
         e0:fb:60:8b:13:80:c6:88:cc:59:bf:5d:15:ab:81:2c:d7:8e:
         a9:cf:fe:86:fd:b2:53:ed:f5:cc:90:e4:d9:80:59:8e:2c:9b:
         12:4f:ef:ae:3c:cd:26:0c:b6:f4:b3:df:55:69:d0:ae:ad:2d:
         5a:65:39:de:37:87:9b:f5:75:28:68:67:71:c3:cf:e6:61:bd:
         5c:de:c4:a5:d2:ba:68:0a:0e:33:3a:45:3a:19:4b:a0:62:82:
         d4:69:a4:38:69:ec:09:27:0e:a2:67:81:08:61:17:b8:51:e0:
         c7:ae:72:4f:f6:54:f8:22:dc:3f:44:1d:31:65:e0:56:c0:7c:
         69:c3:a9:83:41:90:f6:a1:cd:e9:e1:a5:2d:b6:55:af:77:8a:
         4a:7b:99:de:25:12:54:f1:07:9b:a5:cf:70:18:2d:3f:e0:7b:
         72:a4:65:d6:a0:6f:a3:f6:6c:10:b6:15:9d:da:c3:da:6e:b1:
         bc:92:05:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZKTs2uk741OoeWzwm/KMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjQxMTIzMDUwMDMzWhcNMjQxMTI0MDUwMDMzWjAzMTEwLwYDVQQD
EygzMmQ2OWI4ZDg3YWE5YjEzMGNkYjE3Yjc0Y2I2ZmIzZGI4MWFhMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTdbwSMxjJiQXKRYzXqOlCf8q8tg
8Jxc5VcsqrMiBL/8ppEKIqmFnmqyj8Yt5vYzZF/KRVMP+avs0hnAttIVOhClLr/4
CXKdpAA0WHBc3NdyJJAKbLOJYostRxzoI2uPEEgpwPQowXI0pbzE5brWUM0xDgII
GZhg8yMDp1+ARGJT6/y7Pj9Ymk9SYk6tPlOaw0nKXYI0Lx684Qr24Qc7UnkQHzCS
9ZbZSAwXaeQQ+BDhtiKxqLe66DnvxDfE02KMjD1l0jLZ/zbymKcAMM3LttCCkyE8
ar3EnHSaGyVWRHO34R/Z1aYNKeisRJN634C97ZA33go4zfuErN8JkfT5NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLWm42HqpsTDNsXt0y2+z24GqJiMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANZ9J16pd
PDpeWUwm1mToyj63CN4EflX5OMbZ9t3OEoKw8e9dm0D2YSKfpAUGpDSHVs9kptYa
j57VsM1ZuRvwmlA4btck3lrD4PtgixOAxojMWb9dFauBLNeOqc/+hv2yU+31zJDk
2YBZjiybEk/vrjzNJgy29LPfVWnQrq0tWmU53jeHm/V1KGhnccPP5mG9XN7EpdK6
aAoOMzpFOhlLoGKC1GmkOGnsCScOomeBCGEXuFHgx65yT/ZU+CLcP0QdMWXgVsB8
acOpg0GQ9qHN6eGlLbZVr3eKSnuZ3iUSVPEHm6XPcBgtP+B7cqRl1qBvo/ZsELYV
ndrD2m6xvJIFdw==
-----END CERTIFICATE-----