Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
File:                     4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft (raw, json)
Hash identifier:          6xrBQ69wn8BX7KBMdjFU7IbNtLhn3OyKr6erhK0f2HI=
Subject key identifier:   E4:94:86:77:E0:B6:24:5F:31:72:95:42:EE:06:B2:F0:AF:51:C4:CC
Authority key identifier: E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C
Certificate issuer:       /CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
Certificate serial:       019369DAB4D8D881F3865C3D785C40E99890
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
Manifest number:          1120
Signing time:             Tue 26 Nov 2024 19:02:40 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:40 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:40 +0000
Files and hashes:         1: 4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl (hash: 6hwb7sjQl/4v7imp1Wi5E1Z5ER6mpO5/6dpccWfEKww=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:b4:d8:d8:81:f3:86:5c:3d:78:5c:40:e9:98:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
        Validity
            Not Before: Nov 26 19:02:40 2024 GMT
            Not After : Nov 27 19:02:40 2024 GMT
        Subject: CN=e4948677e0b6245f31729542ee06b2f0af51c4cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:34:c8:e6:51:41:cb:11:20:29:f3:c0:6f:cf:
                    ca:81:88:c1:1d:ac:c1:1b:f2:25:a8:2f:55:aa:49:
                    da:49:3e:c0:78:0f:0f:c4:ae:ec:93:42:8a:7f:9c:
                    6e:ff:6b:77:89:36:90:f0:1b:60:50:bb:69:06:cc:
                    a8:57:d9:72:73:31:b5:da:e8:05:d8:42:93:84:73:
                    73:a2:b0:22:0b:b1:50:42:64:01:6e:c2:52:04:d3:
                    af:d6:1f:d2:8f:78:1b:ab:b2:e1:d5:40:e5:e3:cd:
                    23:e5:eb:48:47:75:9a:5a:35:38:67:34:57:96:6c:
                    7e:82:c5:98:b0:11:1e:b7:a1:39:d4:7d:62:e0:96:
                    42:a6:22:67:2b:c5:78:5d:05:01:28:88:9c:ef:19:
                    6d:c5:0b:f7:ee:bd:d9:7c:c5:ec:98:d1:18:57:81:
                    3a:99:06:98:73:12:b8:aa:a9:67:8a:be:b3:c5:d9:
                    9c:4f:5d:8b:2b:e5:c6:bf:c8:28:0c:8e:86:5e:36:
                    45:80:93:12:dd:ed:d4:a9:b5:35:d0:37:59:a2:44:
                    6d:3a:ad:08:17:bd:8b:5a:b0:4d:4a:05:00:05:f3:
                    42:f7:d5:1b:80:69:6c:a6:15:0d:ad:ca:9a:68:09:
                    da:2d:4d:c2:bc:7a:81:98:18:a8:f5:0b:50:c8:da:
                    56:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:94:86:77:E0:B6:24:5F:31:72:95:42:EE:06:B2:F0:AF:51:C4:CC
            X509v3 Authority Key Identifier:
                keyid:E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ab:7f:5b:32:e6:bb:cc:e4:4b:01:6c:74:c4:b1:95:8b:68:
         cf:90:65:41:ce:70:54:df:b5:bc:fa:59:cf:21:07:7a:b8:0f:
         99:a0:24:76:a0:0e:39:9f:3f:24:bd:56:cd:7f:3a:80:89:0e:
         d1:fe:ae:4d:0e:76:71:b9:33:f6:a7:dd:38:c1:0d:ec:80:d6:
         c7:27:81:11:6e:fc:32:ed:3b:75:80:ea:6f:2d:4a:9d:b1:38:
         34:19:99:af:4b:33:65:66:5f:da:fa:77:d1:f5:c6:d6:27:7e:
         a2:a7:13:a5:cd:e4:02:30:9d:e3:0a:5d:43:4a:3b:12:ac:e0:
         f7:a6:74:ef:f3:7a:d3:94:cf:27:41:3f:50:37:3e:2f:35:24:
         fc:b6:87:5f:77:3d:2d:66:6b:71:17:6c:cf:6c:75:de:44:b8:
         46:e6:69:84:2f:06:eb:2d:41:e7:fd:7c:fc:60:52:5d:d4:7c:
         52:17:fc:b7:63:87:da:00:f4:eb:fe:c5:fb:f6:e8:52:c3:16:
         ad:96:66:0c:fb:c5:fb:67:7b:77:f1:63:e6:cb:2f:28:44:49:
         21:99:4b:9b:ab:10:b8:59:74:2c:ec:c1:81:67:3c:7a:85:3c:
         62:c3:20:1d:76:02:7b:80:cf:bf:77:d2:d0:4b:05:76:c9:02:
         41:dd:f8:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2rTY2IHzhlw9eFxA6ZiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWQxYjUwMzc3ZDdjMDc1YzY0ZDAwOWY0MGEzMGZlNzI5
MDY4N2MwHhcNMjQxMTI2MTkwMjQwWhcNMjQxMTI3MTkwMjQwWjAzMTEwLwYDVQQD
EyhlNDk0ODY3N2UwYjYyNDVmMzE3Mjk1NDJlZTA2YjJmMGFmNTFjNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzTI5lFByxEgKfPAb8/KgYjBHazB
G/IlqC9VqknaST7AeA8PxK7sk0KKf5xu/2t3iTaQ8BtgULtpBsyoV9lyczG12ugF
2EKThHNzorAiC7FQQmQBbsJSBNOv1h/Sj3gbq7Lh1UDl480j5etIR3WaWjU4ZzRX
lmx+gsWYsBEet6E51H1i4JZCpiJnK8V4XQUBKIic7xltxQv37r3ZfMXsmNEYV4E6
mQaYcxK4qqlnir6zxdmcT12LK+XGv8goDI6GXjZFgJMS3e3UqbU10DdZokRtOq0I
F72LWrBNSgUABfNC99UbgGlsphUNrcqaaAnaLU3CvHqBmBio9QtQyNpWiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSUhnfgtiRfMXKVQu4GsvCvUcTMMB8GA1UdIwQY
MBaAFOKtG1A3fXwHXGTQCfQKMP5ykGh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUt
NzNmMWFiNWNhZTk2LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUtNzNmMWFiNWNhZTk2
LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKt/WzLm
u8zkSwFsdMSxlYtoz5BlQc5wVN+1vPpZzyEHergPmaAkdqAOOZ8/JL1WzX86gIkO
0f6uTQ52cbkz9qfdOMEN7IDWxyeBEW78Mu07dYDqby1KnbE4NBmZr0szZWZf2vp3
0fXG1id+oqcTpc3kAjCd4wpdQ0o7Eqzg96Z07/N605TPJ0E/UDc+LzUk/LaHX3c9
LWZrcRdsz2x13kS4RuZphC8G6y1B5/18/GBSXdR8Uhf8t2OH2gD06/7F+/boUsMW
rZZmDPvF+2d7d/Fj5ssvKERJIZlLm6sQuFl0LOzBgWc8eoU8YsMgHXYCe4DPv3fS
0EsFdskCQd34ew==
-----END CERTIFICATE-----