Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
File:                     dtQhWmJUV7wFMhkciAP3xkt_kGU.mft (raw, json)
Hash identifier:          j2P1Sk2qHJkLipZ742qL22LNAgtKnc/D0JaoWNENFQk=
Subject key identifier:   0F:1F:92:21:53:F3:04:83:EC:5B:8D:9D:76:56:44:0D:B4:47:94:0B
Authority key identifier: 76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65
Certificate issuer:       /CN=76d4215a625457bc0532191c8803f7c64b7f9065
Certificate serial:       0191FA10AEEC64C74EB9865D07EBD26BEF7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
Manifest number:          93
Signing time:             Mon 16 Sep 2024 09:01:22 +0000
Manifest this update:     Mon 16 Sep 2024 09:01:22 +0000
Manifest next update:     Tue 17 Sep 2024 09:01:22 +0000
Files and hashes:         1: dtQhWmJUV7wFMhkciAP3xkt_kGU.crl (hash: VbnMH2t919XjyTYmRCIgMgntxPEiU2O3Y5oYaFVfqBI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 09:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:10:ae:ec:64:c7:4e:b9:86:5d:07:eb:d2:6b:ef:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d4215a625457bc0532191c8803f7c64b7f9065
        Validity
            Not Before: Sep 16 09:01:22 2024 GMT
            Not After : Sep 17 09:01:22 2024 GMT
        Subject: CN=0f1f922153f30483ec5b8d9d7656440db447940b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0a:9e:3b:f0:35:03:94:b6:63:40:d8:91:be:
                    5c:ea:50:86:67:28:bc:55:b8:fb:6d:5a:0a:f4:02:
                    4c:4a:eb:99:1e:fc:50:dd:54:40:ee:da:67:d2:ed:
                    1f:9d:4b:7c:f7:87:6d:32:49:1d:ed:be:f8:a2:69:
                    f7:05:2c:f6:66:d8:ab:e1:d8:00:39:6f:04:ee:5b:
                    e7:83:5d:4e:d1:9f:2b:9a:3f:15:7d:b5:63:0c:36:
                    0d:df:a5:af:a1:8b:3d:87:b5:47:25:9e:83:43:43:
                    5f:74:f0:f0:d3:74:8f:6f:a8:8d:39:f3:e1:28:5d:
                    1b:c4:ff:8b:8c:09:61:8d:61:f4:9c:61:9f:0a:4c:
                    77:c4:c5:c2:f9:75:e5:f9:89:d4:35:00:23:f5:8d:
                    89:06:00:c2:20:e3:97:6a:47:1a:ce:dc:58:4a:31:
                    45:71:03:a8:70:72:38:5c:8f:01:1c:26:af:16:5e:
                    2a:b6:b0:08:f7:ec:07:85:ae:d5:ea:f6:57:0d:ce:
                    6a:bd:75:4f:e1:0e:fd:df:d3:d6:e1:c8:fa:c4:af:
                    93:78:64:c0:aa:85:6f:c0:ed:e7:fd:94:92:c2:78:
                    72:40:bf:0b:78:73:cc:80:01:7d:8a:1f:1f:7e:f0:
                    62:7c:07:2a:ab:1b:c8:b5:8e:e7:f9:e7:5c:e3:50:
                    6d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:1F:92:21:53:F3:04:83:EC:5B:8D:9D:76:56:44:0D:B4:47:94:0B
            X509v3 Authority Key Identifier:
                keyid:76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:1e:c9:43:fd:26:52:87:b8:f1:60:08:b5:03:d9:a6:bd:88:
         fb:30:6a:7b:f1:99:0c:6f:8d:5c:68:fa:2f:8e:d9:0f:6d:ec:
         a3:95:dd:79:2c:81:93:fe:95:9b:bc:0e:40:fe:c5:52:98:e5:
         b2:81:da:0b:90:b3:2a:01:0e:a5:26:d2:ad:68:a4:66:9c:9f:
         bf:1e:fe:b5:e3:0b:cf:c9:3c:78:f0:c0:24:27:e3:97:2e:e6:
         22:35:52:ab:e1:b3:9c:e6:4d:92:15:18:17:4a:21:42:29:20:
         93:51:a0:75:a7:0c:d1:72:d4:1b:50:83:c1:94:39:71:7b:ff:
         6f:6c:de:bb:66:8c:54:21:91:3f:e6:2d:58:15:26:1a:11:3d:
         fe:fe:55:a0:31:96:75:de:dc:26:4a:74:9d:f6:26:60:2b:61:
         63:da:7d:4f:4c:d9:2e:10:cd:4d:60:be:7f:a9:5c:e5:bb:c5:
         e7:b5:a5:1d:9b:ca:c1:1a:0a:01:59:d8:88:bf:e9:68:86:91:
         72:0d:94:1b:6a:96:db:a9:be:a6:50:91:bd:ff:7b:78:27:76:
         f9:9f:26:a9:66:69:f7:55:56:c8:91:c1:d4:8e:59:ca:8c:8f:
         31:e0:07:99:92:af:0d:ee:38:86:a4:5b:3a:dc:41:08:86:5b:
         b2:cf:93:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6EK7sZMdOuYZdB+vSa+97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDQyMTVhNjI1NDU3YmMwNTMyMTkxYzg4MDNmN2M2NGI3
ZjkwNjUwHhcNMjQwOTE2MDkwMTIyWhcNMjQwOTE3MDkwMTIyWjAzMTEwLwYDVQQD
EygwZjFmOTIyMTUzZjMwNDgzZWM1YjhkOWQ3NjU2NDQwZGI0NDc5NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwqeO/A1A5S2Y0DYkb5c6lCGZyi8
Vbj7bVoK9AJMSuuZHvxQ3VRA7tpn0u0fnUt894dtMkkd7b74omn3BSz2Ztir4dgA
OW8E7lvng11O0Z8rmj8VfbVjDDYN36WvoYs9h7VHJZ6DQ0NfdPDw03SPb6iNOfPh
KF0bxP+LjAlhjWH0nGGfCkx3xMXC+XXl+YnUNQAj9Y2JBgDCIOOXakcaztxYSjFF
cQOocHI4XI8BHCavFl4qtrAI9+wHha7V6vZXDc5qvXVP4Q7939PW4cj6xK+TeGTA
qoVvwO3n/ZSSwnhyQL8LeHPMgAF9ih8ffvBifAcqqxvItY7n+edc41BtuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8fkiFT8wSD7FuNnXZWRA20R5QLMB8GA1UdIwQY
MBaAFHbUIVpiVFe8BTIZHIgD98ZLf5BlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTkt
Zjg4ZDdlYzNhNTI2LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTktZjg4ZDdlYzNhNTI2
LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZx7JQ/0m
Uoe48WAItQPZpr2I+zBqe/GZDG+NXGj6L47ZD23so5XdeSyBk/6Vm7wOQP7FUpjl
soHaC5CzKgEOpSbSrWikZpyfvx7+teMLz8k8ePDAJCfjly7mIjVSq+GznOZNkhUY
F0ohQikgk1GgdacM0XLUG1CDwZQ5cXv/b2zeu2aMVCGRP+YtWBUmGhE9/v5VoDGW
dd7cJkp0nfYmYCthY9p9T0zZLhDNTWC+f6lc5bvF57WlHZvKwRoKAVnYiL/paIaR
cg2UG2qW26m+plCRvf97eCd2+Z8mqWZp91VWyJHB1I5ZyoyPMeAHmZKvDe44hqRb
OtxBCIZbss+TlQ==
-----END CERTIFICATE-----