Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          1N1BE/1c0qVejA4+aOWg5rKWSz3nesCuz7gzWxOL3wQ=
Subject key identifier:   2C:A6:DF:68:97:AB:43:C2:3F:8E:EA:6E:FE:56:EA:2D:8C:F5:73:C4
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       01938C9B9D522B4B6C1B96BA9A7C787B26A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          0BA5
Signing time:             Tue 03 Dec 2024 13:00:28 +0000
Manifest this update:     Tue 03 Dec 2024 13:00:28 +0000
Manifest next update:     Wed 04 Dec 2024 13:00:28 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: q4YqGUwzn8wGOUlzTT+/nNqgWDHChIw+dFeG9u0VgZE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 13:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:8c:9b:9d:52:2b:4b:6c:1b:96:ba:9a:7c:78:7b:26:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Dec  3 13:00:28 2024 GMT
            Not After : Dec  4 13:00:28 2024 GMT
        Subject: CN=2ca6df6897ab43c23f8eea6efe56ea2d8cf573c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:91:6f:7f:45:da:98:01:aa:8d:b5:53:26:50:
                    3e:c7:6a:73:63:8f:cf:d4:f3:12:ec:db:57:c4:4c:
                    e9:a0:3d:76:d3:5a:91:00:ae:ac:bf:5e:4e:1c:97:
                    72:35:9b:18:de:8b:ee:54:e8:49:c8:c8:87:32:6d:
                    77:9c:2f:da:a7:aa:0d:5b:4a:b6:69:37:e8:22:52:
                    10:3a:05:df:22:9f:b1:c1:10:e8:c0:02:f9:a2:47:
                    37:07:50:aa:95:09:b1:72:4b:25:ff:06:34:70:34:
                    4e:54:31:9c:ed:d3:1c:14:1e:60:10:18:3f:da:31:
                    8d:d2:fd:b4:61:0b:1f:65:f2:af:94:a2:7e:ab:63:
                    ad:3c:e2:03:32:c6:1d:fe:37:c7:b1:fb:bc:20:6b:
                    c5:bc:86:44:65:ca:48:18:64:30:46:12:29:ad:7a:
                    cd:da:da:fa:93:98:c6:d3:fa:81:60:3d:7a:7c:40:
                    e2:94:7b:61:0f:59:e7:86:0c:5b:9b:80:42:74:1b:
                    bb:f5:51:fc:90:5c:ef:bb:af:47:47:a0:be:ff:a6:
                    24:cc:e7:c3:51:77:c8:af:6e:39:a1:77:82:37:e1:
                    b1:ba:0a:94:6f:61:8a:25:3e:d6:89:d0:3d:79:38:
                    9b:1d:38:65:13:47:2c:bc:d8:84:d2:4c:a0:86:2b:
                    aa:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:A6:DF:68:97:AB:43:C2:3F:8E:EA:6E:FE:56:EA:2D:8C:F5:73:C4
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:e9:05:e8:64:02:eb:78:1b:b2:1f:58:a9:dc:1a:70:da:fb:
         0a:ef:d8:d9:47:04:d5:61:e4:10:10:34:5c:77:df:fd:79:2f:
         77:39:25:2b:2d:0a:83:8e:d4:39:d3:7a:b2:93:ba:38:15:16:
         ba:88:58:8b:1d:95:f5:05:bd:09:b2:55:d9:95:d2:14:f3:15:
         d9:2f:5c:39:38:79:02:4c:ae:0f:0b:81:9f:cd:bf:c5:3a:29:
         69:40:10:32:ef:9b:f7:0e:d2:2f:52:38:3b:1f:4d:4d:4f:ce:
         d0:c4:21:f1:f4:90:ae:7b:9e:1b:99:14:65:7b:a9:88:aa:87:
         db:7f:8b:c8:80:20:f8:2e:2f:09:06:5e:64:32:e9:7e:f4:b4:
         1f:97:30:63:73:27:3e:f7:54:3d:f3:4b:a0:29:2b:99:ee:4b:
         b5:96:a3:40:2d:62:4b:2b:43:79:c0:a1:77:e6:d3:b3:8e:ef:
         79:73:23:e2:2c:6c:01:d4:0e:15:dc:09:ee:5a:7c:fa:7e:91:
         0d:30:d2:a5:54:a2:57:df:9f:48:98:de:b6:21:79:67:cf:1c:
         45:aa:82:f5:b3:f3:be:a6:ea:89:ac:20:93:78:f4:4c:17:6b:
         28:30:bf:6b:46:66:10:92:66:bf:2d:29:d2:60:e6:a2:50:9a:
         48:51:25:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZOMm51SK0tsG5a6mnx4eyanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjQxMjAzMTMwMDI4WhcNMjQxMjA0MTMwMDI4WjAzMTEwLwYDVQQD
EygyY2E2ZGY2ODk3YWI0M2MyM2Y4ZWVhNmVmZTU2ZWEyZDhjZjU3M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5Fvf0XamAGqjbVTJlA+x2pzY4/P
1PMS7NtXxEzpoD1201qRAK6sv15OHJdyNZsY3ovuVOhJyMiHMm13nC/ap6oNW0q2
aTfoIlIQOgXfIp+xwRDowAL5okc3B1CqlQmxcksl/wY0cDROVDGc7dMcFB5gEBg/
2jGN0v20YQsfZfKvlKJ+q2OtPOIDMsYd/jfHsfu8IGvFvIZEZcpIGGQwRhIprXrN
2tr6k5jG0/qBYD16fEDilHthD1nnhgxbm4BCdBu79VH8kFzvu69HR6C+/6YkzOfD
UXfIr245oXeCN+GxugqUb2GKJT7WidA9eTibHThlE0csvNiE0kyghiuq7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCym32iXq0PCP47qbv5W6i2M9XPEMB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOukF6GQC
63gbsh9YqdwacNr7Cu/Y2UcE1WHkEBA0XHff/XkvdzklKy0Kg47UOdN6spO6OBUW
uohYix2V9QW9CbJV2ZXSFPMV2S9cOTh5AkyuDwuBn82/xTopaUAQMu+b9w7SL1I4
Ox9NTU/O0MQh8fSQrnueG5kUZXupiKqH23+LyIAg+C4vCQZeZDLpfvS0H5cwY3Mn
PvdUPfNLoCkrme5LtZajQC1iSytDecChd+bTs47veXMj4ixsAdQOFdwJ7lp8+n6R
DTDSpVSiV9+fSJjetiF5Z88cRaqC9bPzvqbqiawgk3j0TBdrKDC/a0ZmEJJmvy0p
0mDmolCaSFElHg==
-----END CERTIFICATE-----