Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft
File:                     hPOAUNM24lcAb2jCTNDWRND1oTE.mft (raw, json)
Hash identifier:          2kn3nOurbdVfcV1d3pw9x5pZpaCFmMPmJytlDBDOC6s=
Subject key identifier:   20:77:9E:54:B9:72:58:A3:70:D9:3E:E5:64:22:6A:4E:5C:26:3E:42
Authority key identifier: 84:F3:80:50:D3:36:E2:57:00:6F:68:C2:4C:D0:D6:44:D0:F5:A1:31
Certificate issuer:       /CN=84f38050d336e257006f68c24cd0d644d0f5a131
Certificate serial:       0191FA47C15462DADEE959A82A2091D11E17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPOAUNM24lcAb2jCTNDWRND1oTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft
Manifest number:          D5
Signing time:             Mon 16 Sep 2024 10:01:32 +0000
Manifest this update:     Mon 16 Sep 2024 10:01:32 +0000
Manifest next update:     Tue 17 Sep 2024 10:01:32 +0000
Files and hashes:         1: hPOAUNM24lcAb2jCTNDWRND1oTE.crl (hash: 5YkmIqAalCI1kovo8esjwbxp3l/fQLOrwRepwGVDQcs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hPOAUNM24lcAb2jCTNDWRND1oTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 10:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:47:c1:54:62:da:de:e9:59:a8:2a:20:91:d1:1e:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f38050d336e257006f68c24cd0d644d0f5a131
        Validity
            Not Before: Sep 16 10:01:32 2024 GMT
            Not After : Sep 17 10:01:32 2024 GMT
        Subject: CN=20779e54b97258a370d93ee564226a4e5c263e42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:38:f8:97:36:a7:54:c4:c1:e9:31:9b:6b:44:
                    21:20:e8:94:b2:ac:de:31:32:23:9f:54:cf:bd:ab:
                    0d:0f:4f:0c:11:8b:bb:9f:18:84:10:ca:79:92:bf:
                    06:c3:f6:d2:18:f1:c7:82:9b:5e:7a:1d:f4:dc:a2:
                    24:d8:dd:42:5e:c0:93:c8:83:ac:ea:24:dd:9a:71:
                    82:ab:18:cd:e9:1f:cd:b1:16:98:aa:9e:6b:45:21:
                    6f:7e:9d:3f:36:a6:d2:61:74:be:5f:49:72:f6:b0:
                    04:eb:d2:21:ec:6b:c7:2c:f5:bb:92:9d:28:30:a3:
                    de:18:93:a4:37:2d:04:7d:27:68:0c:df:c2:8e:5c:
                    8d:f8:fc:ce:9b:00:60:be:d9:a3:03:91:75:cc:7c:
                    d5:a5:f7:38:6b:13:2d:d4:34:41:51:7f:63:85:97:
                    21:8f:80:2a:db:75:fe:01:47:09:ed:a2:ac:26:ce:
                    8a:95:4a:0c:49:ea:d2:31:7a:35:db:25:2a:88:4c:
                    1f:80:54:fd:9c:9e:61:52:93:d2:34:26:9d:35:d6:
                    01:7f:d8:66:ac:c9:cb:00:8c:50:8c:0b:16:5b:95:
                    52:ae:4a:3e:be:b7:39:ea:25:0f:aa:32:b3:c8:06:
                    ef:d6:1e:2c:34:6f:20:86:27:9f:ae:99:ff:d7:27:
                    77:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:77:9E:54:B9:72:58:A3:70:D9:3E:E5:64:22:6A:4E:5C:26:3E:42
            X509v3 Authority Key Identifier:
                keyid:84:F3:80:50:D3:36:E2:57:00:6F:68:C2:4C:D0:D6:44:D0:F5:A1:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPOAUNM24lcAb2jCTNDWRND1oTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:2e:3b:a1:ea:64:b5:ce:ad:ca:dc:c1:48:72:ee:28:17:8b:
         02:33:fd:ec:e0:24:ea:44:33:50:fd:45:d3:15:5c:d7:0b:7e:
         33:9c:58:47:d1:ba:27:6f:d3:04:2a:3e:40:13:f9:7a:82:0b:
         d7:6b:18:16:84:ed:ca:0d:79:57:17:8e:c6:92:ac:b8:c4:60:
         1c:35:30:bf:23:19:40:03:5e:8c:30:02:5b:61:08:c5:68:7c:
         80:71:65:d7:31:16:e2:54:e3:ab:ec:42:36:a1:ad:9f:b7:cb:
         25:e4:38:d2:a2:6e:25:27:b3:e5:6e:59:3e:65:19:0b:b9:23:
         8a:07:8c:f8:c9:17:99:76:9d:db:a7:6b:77:d2:87:7c:ed:45:
         9e:ff:6e:37:fe:37:dd:ec:79:82:af:40:54:23:97:f2:4a:8a:
         ba:1e:6e:95:a5:68:f4:68:e5:a9:80:1b:89:19:c8:7c:1a:b1:
         c3:df:0b:52:18:3c:cf:39:79:6c:33:9d:1e:86:95:67:32:d5:
         ad:04:54:b7:f3:95:27:70:cd:a7:c4:72:dd:9e:50:1b:95:3e:
         af:fa:ed:f5:c2:c4:86:7c:3c:1f:3c:41:26:6d:e0:e1:db:c8:
         58:83:20:11:f6:99:96:69:eb:72:0d:6b:27:95:2f:32:ee:43:
         f1:c3:80:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6R8FUYtre6VmoKiCR0R4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjM4MDUwZDMzNmUyNTcwMDZmNjhjMjRjZDBkNjQ0ZDBm
NWExMzEwHhcNMjQwOTE2MTAwMTMyWhcNMjQwOTE3MTAwMTMyWjAzMTEwLwYDVQQD
EygyMDc3OWU1NGI5NzI1OGEzNzBkOTNlZTU2NDIyNmE0ZTVjMjYzZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jj4lzanVMTB6TGba0QhIOiUsqze
MTIjn1TPvasND08MEYu7nxiEEMp5kr8Gw/bSGPHHgpteeh303KIk2N1CXsCTyIOs
6iTdmnGCqxjN6R/NsRaYqp5rRSFvfp0/NqbSYXS+X0ly9rAE69Ih7GvHLPW7kp0o
MKPeGJOkNy0EfSdoDN/CjlyN+PzOmwBgvtmjA5F1zHzVpfc4axMt1DRBUX9jhZch
j4Aq23X+AUcJ7aKsJs6KlUoMSerSMXo12yUqiEwfgFT9nJ5hUpPSNCadNdYBf9hm
rMnLAIxQjAsWW5VSrko+vrc56iUPqjKzyAbv1h4sNG8ghiefrpn/1yd3rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCB3nlS5clijcNk+5WQiak5cJj5CMB8GA1UdIwQY
MBaAFITzgFDTNuJXAG9owkzQ1kTQ9aExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBPQVVOTTI0bGNBYjJqQ1RORFdSTkQxb1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wMjg5NzUtNzhiYy00NWM1LTk5MTUt
MjgxNzBjZjkzOWM2LzEvaFBPQVVOTTI0bGNBYjJqQ1RORFdSTkQxb1RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wMjg5NzUtNzhiYy00NWM1LTk5MTUtMjgxNzBjZjkzOWM2
LzEvaFBPQVVOTTI0bGNBYjJqQ1RORFdSTkQxb1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArS47oepk
tc6tytzBSHLuKBeLAjP97OAk6kQzUP1F0xVc1wt+M5xYR9G6J2/TBCo+QBP5eoIL
12sYFoTtyg15VxeOxpKsuMRgHDUwvyMZQANejDACW2EIxWh8gHFl1zEW4lTjq+xC
NqGtn7fLJeQ40qJuJSez5W5ZPmUZC7kjigeM+MkXmXad26drd9KHfO1Fnv9uN/43
3ex5gq9AVCOX8kqKuh5ulaVo9GjlqYAbiRnIfBqxw98LUhg8zzl5bDOdHoaVZzLV
rQRUt/OVJ3DNp8Ry3Z5QG5U+r/rt9cLEhnw8HzxBJm3g4dvIWIMgEfaZlmnrcg1r
J5UvMu5D8cOAUA==
-----END CERTIFICATE-----