Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          CAF8QMoSJVviVPvnz4vvnbZLMe/ShIYMe2S9ngGEeE4=
Subject key identifier:   12:1F:62:FA:01:E7:8E:65:30:9A:38:24:BD:D3:C9:E7:0A:05:3F:8F
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       0193568A0B8EBC361A8F130128813E73501C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          136F
Signing time:             Sat 23 Nov 2024 01:01:47 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:47 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:47 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: +Z2FgLhWX932cW/0NHprFVxAAsvuwCobqNZt9xYOZoU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:0b:8e:bc:36:1a:8f:13:01:28:81:3e:73:50:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Nov 23 01:01:47 2024 GMT
            Not After : Nov 24 01:01:47 2024 GMT
        Subject: CN=121f62fa01e78e65309a3824bdd3c9e70a053f8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:19:c1:fa:70:6f:92:a2:5d:fe:8d:3f:f4:2e:
                    64:80:78:d7:a8:1c:6d:58:f3:2c:09:fe:f9:83:1b:
                    af:5a:4b:42:82:05:ef:bd:f3:cb:88:89:8c:0b:78:
                    5e:0f:b3:0b:cb:eb:8c:23:5b:8c:f2:6b:b1:47:ae:
                    72:8d:c2:86:90:c4:75:b9:3f:5a:9e:14:0a:42:fb:
                    37:fe:40:5a:67:a8:ce:32:ca:0f:42:d6:5f:fc:24:
                    2a:37:b8:79:69:73:f4:a7:b1:ba:a2:bd:35:f1:70:
                    d3:f1:2e:95:e9:dd:e8:ef:71:8e:26:3d:9a:cc:3d:
                    49:d8:fe:b9:71:10:a7:51:9b:12:1a:3b:2a:58:2d:
                    c9:7e:d8:ef:fd:aa:ef:00:e3:75:b0:ff:28:f6:02:
                    b6:46:71:2e:a4:d2:65:fa:2b:68:b2:7a:10:72:13:
                    31:40:91:6b:ec:d6:67:a6:32:5f:5e:c9:b0:05:9e:
                    43:4e:3c:1a:ea:a4:dd:72:c3:a1:ea:1b:4f:8a:7c:
                    a4:77:ee:6b:fe:11:5e:5e:ad:c0:33:3d:b7:f2:13:
                    f1:e1:6d:af:d6:42:f8:a9:b8:fe:89:f8:3c:b3:04:
                    2c:9e:de:16:33:35:c1:6c:c1:08:7a:e3:9a:a9:09:
                    e7:d4:e6:ac:cf:4d:f5:0a:47:75:85:4e:24:d6:b4:
                    08:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1F:62:FA:01:E7:8E:65:30:9A:38:24:BD:D3:C9:E7:0A:05:3F:8F
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:a1:6a:03:98:d6:99:f3:a5:80:6f:41:b4:a6:65:9a:20:54:
         f0:d1:28:fb:a0:be:ea:42:d5:e9:44:21:df:c4:c7:fc:40:1e:
         d0:cc:62:96:36:87:3e:3e:84:26:27:74:43:7d:94:b3:a8:53:
         bc:be:ff:c5:d0:51:7a:9e:e9:20:35:14:7c:5d:f6:b8:b3:57:
         3d:6d:84:1b:f2:59:a6:35:49:8d:1d:51:e6:d2:a0:49:92:9a:
         67:0f:d2:ca:36:61:94:78:74:2c:ef:1a:bf:16:c8:93:0d:d2:
         43:75:ab:0f:a3:f2:d6:42:c6:b4:52:f2:17:c1:31:74:3e:63:
         36:1a:95:cf:08:05:48:09:db:20:09:73:b8:88:f6:1d:1f:ce:
         89:0d:79:f8:f4:1c:0b:81:5f:c2:76:fd:94:e0:b8:2f:c0:4a:
         63:f4:f0:bd:d9:77:85:b6:9b:c0:43:50:d6:15:6f:a6:3c:ed:
         70:0f:7e:d7:cc:a8:a7:34:a3:d2:57:46:36:c7:2a:59:95:e6:
         5d:2d:5a:cc:a3:30:c2:61:5c:50:4e:6a:34:1b:32:ed:2f:7d:
         b0:41:2c:c0:af:a3:d5:09:1a:35:3a:2c:29:1a:1e:7b:da:f6:
         83:9a:87:c6:27:80:3a:41:ca:3a:a6:4c:34:42:ae:f7:d9:5f:
         7a:d3:25:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiguOvDYajxMBKIE+c1AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjQxMTIzMDEwMTQ3WhcNMjQxMTI0MDEwMTQ3WjAzMTEwLwYDVQQD
EygxMjFmNjJmYTAxZTc4ZTY1MzA5YTM4MjRiZGQzYzllNzBhMDUzZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhnB+nBvkqJd/o0/9C5kgHjXqBxt
WPMsCf75gxuvWktCggXvvfPLiImMC3heD7MLy+uMI1uM8muxR65yjcKGkMR1uT9a
nhQKQvs3/kBaZ6jOMsoPQtZf/CQqN7h5aXP0p7G6or018XDT8S6V6d3o73GOJj2a
zD1J2P65cRCnUZsSGjsqWC3Jftjv/arvAON1sP8o9gK2RnEupNJl+itosnoQchMx
QJFr7NZnpjJfXsmwBZ5DTjwa6qTdcsOh6htPinykd+5r/hFeXq3AMz238hPx4W2v
1kL4qbj+ifg8swQsnt4WMzXBbMEIeuOaqQnn1Oasz031Ckd1hU4k1rQI3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIfYvoB545lMJo4JL3TyecKBT+PMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqFqA5jW
mfOlgG9BtKZlmiBU8NEo+6C+6kLV6UQh38TH/EAe0MxiljaHPj6EJid0Q32Us6hT
vL7/xdBRep7pIDUUfF32uLNXPW2EG/JZpjVJjR1R5tKgSZKaZw/SyjZhlHh0LO8a
vxbIkw3SQ3WrD6Py1kLGtFLyF8ExdD5jNhqVzwgFSAnbIAlzuIj2HR/OiQ15+PQc
C4Ffwnb9lOC4L8BKY/Twvdl3hbabwENQ1hVvpjztcA9+18yopzSj0ldGNscqWZXm
XS1azKMwwmFcUE5qNBsy7S99sEEswK+j1QkaNTosKRoee9r2g5qHxieAOkHKOqZM
NEKu99lfetMlYA==
-----END CERTIFICATE-----