Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
File:                     knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft (raw, json)
Hash identifier:          5kqvPn5krWir6JRJeOPEI8LlyY9xsXWgtCpLLRcYFGQ=
Subject key identifier:   36:AE:22:F1:87:4B:30:2D:CD:AA:A7:12:0C:EF:5F:63:09:2C:1D:8E
Authority key identifier: 92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96
Certificate issuer:       /CN=927b1e56ac7d07802c4567c4679435159b422096
Certificate serial:       01936AEB4224B070A2D64585FE8883CD9114
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
Manifest number:          137C
Signing time:             Wed 27 Nov 2024 00:00:22 +0000
Manifest this update:     Wed 27 Nov 2024 00:00:22 +0000
Manifest next update:     Thu 28 Nov 2024 00:00:22 +0000
Files and hashes:         1: knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl (hash: AwDrLBBUxS1vu9Ip2eO31FqxKi+By1KATIGkxbEvor8=)
                          2: tkJ_2f_hABtl4J1gZ1sIGKxTT1U.roa (hash: HD+U1g+2X+ezM5poOzJnUiBVR9GfUM+SSQ92w1cjWOE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:eb:42:24:b0:70:a2:d6:45:85:fe:88:83:cd:91:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=927b1e56ac7d07802c4567c4679435159b422096
        Validity
            Not Before: Nov 27 00:00:22 2024 GMT
            Not After : Nov 28 00:00:22 2024 GMT
        Subject: CN=36ae22f1874b302dcdaaa7120cef5f63092c1d8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:12:a0:ec:8b:06:28:1e:1f:39:52:6a:6f:7e:
                    ab:9b:2d:64:01:c3:0d:23:42:02:a4:0f:4d:4b:79:
                    cf:28:82:c1:d6:95:91:dd:9c:d4:c7:15:d1:0a:86:
                    1b:6c:72:62:a1:e2:5e:4e:1f:70:01:8d:7c:b6:1f:
                    97:96:62:eb:b2:98:80:9b:aa:0c:ff:73:8c:b4:cc:
                    6c:c6:1f:0c:13:ec:5f:b8:24:9c:8f:36:ec:0d:7d:
                    a7:42:d3:29:f8:45:a0:71:ab:a7:a4:80:fc:df:ad:
                    20:74:09:74:37:c0:48:8a:0c:90:02:f1:17:c9:c1:
                    b8:27:56:07:59:92:c9:79:c9:5d:c5:0a:0e:ad:a6:
                    fe:94:6d:21:81:c5:97:11:c4:8e:d4:b8:e6:77:36:
                    82:d5:42:6b:ba:28:9e:75:09:7b:04:55:c7:88:90:
                    77:c4:69:3c:1f:f0:f5:5d:77:84:81:aa:02:db:ff:
                    a5:54:33:cd:7e:1b:58:c5:00:b6:4c:aa:6e:0c:1b:
                    0c:b4:72:f7:61:d8:24:9b:96:8d:b4:bc:17:08:13:
                    1e:42:1a:f0:ea:de:91:bf:9d:07:e9:64:39:03:7d:
                    00:f8:1b:98:14:c3:7f:32:f3:9b:fe:35:b5:a4:e2:
                    a7:c6:82:3b:d8:3b:b7:5c:6c:34:14:8a:d9:c4:f2:
                    02:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:AE:22:F1:87:4B:30:2D:CD:AA:A7:12:0C:EF:5F:63:09:2C:1D:8E
            X509v3 Authority Key Identifier:
                keyid:92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:bd:8d:50:13:2b:a5:f1:da:25:e8:83:ea:fb:ad:2e:4d:86:
         4a:4f:34:7c:c7:00:2e:43:19:8d:46:90:84:5c:fb:86:02:1a:
         ec:e6:a2:a5:d1:07:dd:e0:77:6a:ba:90:4a:93:b9:69:df:97:
         f3:3b:07:50:b6:b4:93:ba:49:48:b0:9c:0c:87:00:46:d2:b5:
         9b:25:c1:55:c4:b4:42:6b:79:01:6d:7e:8e:5c:bb:53:19:79:
         99:f7:1c:60:fe:04:58:5f:ff:31:5f:c3:be:cb:a2:62:a4:cc:
         4f:4d:2c:f8:cb:76:bf:df:c0:f3:c2:5e:21:3e:51:f2:0e:da:
         51:7a:ab:a4:b4:a2:38:70:66:d5:90:3b:b3:0e:02:d8:09:7b:
         cd:e9:c7:cb:be:98:57:21:95:2c:e6:5c:22:9e:32:3d:b4:3f:
         cc:3d:d9:27:33:be:d8:b9:91:3e:c7:3b:22:ab:ef:84:78:c9:
         86:be:6b:6f:8e:64:b6:65:91:9e:02:97:b6:53:ab:45:5d:71:
         ad:5e:6a:1b:61:9b:26:45:10:66:df:eb:92:f7:74:5d:20:1f:
         d7:b2:62:fc:3d:dd:eb:0b:df:2f:b7:18:e1:76:73:4f:f1:07:
         e9:2d:d1:6e:13:77:9a:22:0a:92:0f:da:e3:1d:37:7b:26:68:
         b9:4b:3c:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNq60IksHCi1kWF/oiDzZEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyN2IxZTU2YWM3ZDA3ODAyYzQ1NjdjNDY3OTQzNTE1OWI0
MjIwOTYwHhcNMjQxMTI3MDAwMDIyWhcNMjQxMTI4MDAwMDIyWjAzMTEwLwYDVQQD
EygzNmFlMjJmMTg3NGIzMDJkY2RhYWE3MTIwY2VmNWY2MzA5MmMxZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhKg7IsGKB4fOVJqb36rmy1kAcMN
I0ICpA9NS3nPKILB1pWR3ZzUxxXRCoYbbHJioeJeTh9wAY18th+XlmLrspiAm6oM
/3OMtMxsxh8ME+xfuCScjzbsDX2nQtMp+EWgcaunpID8360gdAl0N8BIigyQAvEX
ycG4J1YHWZLJecldxQoOrab+lG0hgcWXEcSO1LjmdzaC1UJruiiedQl7BFXHiJB3
xGk8H/D1XXeEgaoC2/+lVDPNfhtYxQC2TKpuDBsMtHL3Ydgkm5aNtLwXCBMeQhrw
6t6Rv50H6WQ5A30A+BuYFMN/MvOb/jW1pOKnxoI72Du3XGw0FIrZxPIC6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDauIvGHSzAtzaqnEgzvX2MJLB2OMB8GA1UdIwQY
MBaAFJJ7HlasfQeALEVnxGeUNRWbQiCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTIt
MzY1MzQ3ZjQxNmMwLzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTItMzY1MzQ3ZjQxNmMw
LzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO72NUBMr
pfHaJeiD6vutLk2GSk80fMcALkMZjUaQhFz7hgIa7OaipdEH3eB3arqQSpO5ad+X
8zsHULa0k7pJSLCcDIcARtK1myXBVcS0Qmt5AW1+jly7Uxl5mfccYP4EWF//MV/D
vsuiYqTMT00s+Mt2v9/A88JeIT5R8g7aUXqrpLSiOHBm1ZA7sw4C2Al7zenHy76Y
VyGVLOZcIp4yPbQ/zD3ZJzO+2LmRPsc7IqvvhHjJhr5rb45ktmWRngKXtlOrRV1x
rV5qG2GbJkUQZt/rkvd0XSAf17Ji/D3d6wvfL7cY4XZzT/EH6S3RbhN3miIKkg/a
4x03eyZouUs8UQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:34:24 2024 by rpki-client on console-ams.rpki-client.org