Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
File:                     xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft (raw, json)
Hash identifier:          ZlMrnGTsaoWGrmNvr3DOgzx2YdXIfUMdfWWumAPGSEQ=
Subject key identifier:   9B:61:2B:FA:F6:C6:41:79:7A:F5:A0:BD:C1:82:16:B2:4A:1A:74:F5
Authority key identifier: C7:15:CD:3A:CF:3B:6B:2D:57:BC:34:85:67:58:27:53:C9:CC:09:33
Certificate issuer:       /CN=c715cd3acf3b6b2d57bc348567582753c9cc0933
Certificate serial:       018F87ED6832077CFA53924FEDE2520C3F57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 19:00:33 +0000
Manifest this update:     Fri 17 May 2024 19:00:33 +0000
Manifest next update:     Sat 18 May 2024 19:00:33 +0000
Files and hashes:         1: xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl (hash: ANBLrnjXqn5Zw5apDJse2ac7dDpe8nU1BLxDlNMuIpo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:68:32:07:7c:fa:53:92:4f:ed:e2:52:0c:3f:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c715cd3acf3b6b2d57bc348567582753c9cc0933
        Validity
            Not Before: May 17 19:00:33 2024 GMT
            Not After : May 18 19:00:33 2024 GMT
        Subject: CN=9b612bfaf6c641797af5a0bdc18216b24a1a74f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:57:38:71:20:4e:4e:99:f7:ac:6f:cc:c2:b6:
                    b5:3b:ae:ca:b4:18:a0:bc:66:8b:f0:d3:c1:df:be:
                    60:ca:ea:dd:44:da:d2:d4:fc:8f:a1:c2:bc:10:09:
                    af:05:38:d0:c7:6c:71:97:38:42:fb:02:cb:1a:08:
                    c3:95:48:c2:05:e8:be:02:02:7d:c2:f6:98:9e:44:
                    ac:41:a2:f6:0a:f4:62:15:a3:c5:38:ad:59:72:5e:
                    c9:a7:ac:79:b3:ef:55:91:e7:20:64:77:6f:7d:84:
                    36:f5:5e:ff:e8:09:25:5c:ba:e9:7d:dc:93:39:e2:
                    ed:c7:de:5f:bd:13:c9:f5:88:0a:62:93:48:f9:87:
                    22:53:7d:bb:43:e4:af:6c:43:06:67:51:52:c0:74:
                    a3:cd:4e:94:8a:3a:79:9e:2a:23:26:3a:2f:8a:95:
                    2c:1b:fc:58:d9:11:df:da:36:97:a6:49:b5:3c:37:
                    36:7c:9f:ca:f1:a5:dd:70:1c:28:9b:ef:66:52:a7:
                    ca:da:38:76:18:e7:28:d2:82:24:d7:cf:37:29:66:
                    da:59:33:61:71:31:43:8a:15:aa:19:b2:71:aa:90:
                    87:3e:f1:ec:f4:ff:25:6a:62:4b:a7:7e:9c:57:2f:
                    a2:30:fc:a1:51:a5:4b:29:79:d2:57:50:04:3e:2b:
                    d7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:61:2B:FA:F6:C6:41:79:7A:F5:A0:BD:C1:82:16:B2:4A:1A:74:F5
            X509v3 Authority Key Identifier:
                keyid:C7:15:CD:3A:CF:3B:6B:2D:57:BC:34:85:67:58:27:53:C9:CC:09:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:9d:cc:65:19:50:9b:dc:54:ea:2f:bb:ff:ef:d2:8f:e9:44:
         06:36:01:0e:2c:37:08:af:ed:d3:89:6e:b5:d7:62:53:63:7b:
         b1:2b:ac:20:b8:3d:60:4f:95:f9:3d:ed:25:57:76:13:b6:12:
         36:64:02:ec:25:4d:90:6b:c0:de:30:64:83:61:41:b4:87:27:
         36:7d:8f:37:d4:37:e4:9c:26:63:b9:2f:ae:7d:d5:0c:7d:5e:
         10:12:39:2c:10:25:e9:ef:4c:2b:bc:ff:e9:fd:5a:87:b8:c8:
         96:6b:7a:af:b3:4e:69:b3:3d:81:dc:46:74:e2:28:34:24:d4:
         8f:7b:01:dd:05:5c:c1:dd:cd:51:28:49:78:32:1d:d3:52:df:
         e0:02:27:0e:94:9d:f2:c8:94:b2:5d:d0:e1:7e:87:34:61:65:
         ac:29:73:a9:40:08:81:1d:3e:b3:7a:fe:7f:f2:a5:03:87:0c:
         a4:0c:2c:ca:de:3b:5e:88:9a:16:1e:33:8d:51:87:12:06:eb:
         20:73:66:3a:b3:b6:d0:9b:5f:04:f0:31:d1:d2:d5:9a:89:39:
         db:f2:5f:fa:d3:23:9f:d0:7f:cb:17:5a:92:ef:58:87:21:cf:
         ac:b5:36:de:ec:68:77:d8:64:4d:0d:92:54:4e:32:48:d9:2e:
         a1:d1:46:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7WgyB3z6U5JP7eJSDD9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MTVjZDNhY2YzYjZiMmQ1N2JjMzQ4NTY3NTgyNzUzYzlj
YzA5MzMwHhcNMjQwNTE3MTkwMDMzWhcNMjQwNTE4MTkwMDMzWjAzMTEwLwYDVQQD
Eyg5YjYxMmJmYWY2YzY0MTc5N2FmNWEwYmRjMTgyMTZiMjRhMWE3NGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1c4cSBOTpn3rG/Mwra1O67KtBig
vGaL8NPB375gyurdRNrS1PyPocK8EAmvBTjQx2xxlzhC+wLLGgjDlUjCBei+AgJ9
wvaYnkSsQaL2CvRiFaPFOK1Zcl7Jp6x5s+9VkecgZHdvfYQ29V7/6AklXLrpfdyT
OeLtx95fvRPJ9YgKYpNI+YciU327Q+SvbEMGZ1FSwHSjzU6Uijp5niojJjovipUs
G/xY2RHf2jaXpkm1PDc2fJ/K8aXdcBwom+9mUqfK2jh2GOco0oIk1883KWbaWTNh
cTFDihWqGbJxqpCHPvHs9P8lamJLp36cVy+iMPyhUaVLKXnSV1AEPivXTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJthK/r2xkF5evWgvcGCFrJKGnT1MB8GA1UdIwQY
MBaAFMcVzTrPO2stV7w0hWdYJ1PJzAkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yNGRkNTQtZTkxMC00ZTRiLWE5MjEt
YWU4ZDg0MDAzZmYxLzEveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yNGRkNTQtZTkxMC00ZTRiLWE5MjEtYWU4ZDg0MDAzZmYx
LzEveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp53MZRlQ
m9xU6i+7/+/Sj+lEBjYBDiw3CK/t04lutddiU2N7sSusILg9YE+V+T3tJVd2E7YS
NmQC7CVNkGvA3jBkg2FBtIcnNn2PN9Q35JwmY7kvrn3VDH1eEBI5LBAl6e9MK7z/
6f1ah7jIlmt6r7NOabM9gdxGdOIoNCTUj3sB3QVcwd3NUShJeDId01Lf4AInDpSd
8siUsl3Q4X6HNGFlrClzqUAIgR0+s3r+f/KlA4cMpAwsyt47XoiaFh4zjVGHEgbr
IHNmOrO20JtfBPAx0dLVmok52/Jf+tMjn9B/yxdaku9YhyHPrLU23uxod9hkTQ2S
VE4ySNkuodFGhw==
-----END CERTIFICATE-----