Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
File:                     6MSDt1wtsc-f9OlMeg_fDbAADwA.mft (raw, json)
Hash identifier:          lGe2CeHyKL960x2NyXrXFZdEw+2RJONREHoSIFNGApU=
Subject key identifier:   C9:74:09:9B:A8:46:B2:77:09:27:86:DF:AC:03:64:8C:29:7D:15:18
Authority key identifier: E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
Certificate issuer:       /CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Certificate serial:       01936A7D8A303F54C2165C23B98F54556C89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
Manifest number:          0EB7
Signing time:             Tue 26 Nov 2024 22:00:32 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:32 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:32 +0000
Files and hashes:         1: 6MSDt1wtsc-f9OlMeg_fDbAADwA.crl (hash: 38CMXtQvwGpraMDScK4I8zja860u6HBx8zTxwacpqRQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:8a:30:3f:54:c2:16:5c:23:b9:8f:54:55:6c:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
        Validity
            Not Before: Nov 26 22:00:32 2024 GMT
            Not After : Nov 27 22:00:32 2024 GMT
        Subject: CN=c974099ba846b277092786dfac03648c297d1518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ed:bf:2c:a6:73:c8:6e:b7:e1:e3:06:d1:f1:
                    8e:12:76:b5:d7:4e:d4:8f:e1:5a:06:ea:87:54:88:
                    b0:89:d6:55:e1:46:f3:c8:06:8b:f7:6a:35:3c:7b:
                    78:ce:74:b7:52:99:6b:92:6f:c9:f9:bf:8e:26:aa:
                    2a:5b:2d:c0:b1:19:16:a2:6f:42:c7:e3:47:ad:bd:
                    4c:a0:71:1a:db:67:f6:46:6c:4c:e4:72:31:eb:ca:
                    23:3b:2e:15:c8:a9:a7:6c:e2:18:96:20:32:6d:32:
                    42:77:84:99:0f:1e:65:aa:f0:94:c9:6f:ed:6e:77:
                    7e:e2:f9:cd:ff:6f:eb:40:14:46:92:93:8a:eb:f2:
                    a7:44:53:23:5a:6f:d3:69:63:2b:84:d5:d9:d9:3c:
                    7f:1b:c9:12:92:15:b5:e9:cb:2c:0a:f3:e2:38:c0:
                    cb:96:17:29:87:f8:fc:d1:0d:ff:a6:13:50:a0:6f:
                    00:eb:de:b5:7c:d0:38:bc:54:d2:43:21:da:e5:8c:
                    e3:b7:20:80:4f:fa:38:7e:75:77:3f:10:70:ab:4e:
                    df:f6:97:3f:74:4d:9a:54:63:75:21:5f:21:52:13:
                    53:94:a2:52:98:9f:d0:08:38:37:c7:53:41:09:36:
                    80:d3:ed:c8:ec:49:f0:4d:d5:c2:6b:ac:e9:ac:17:
                    4b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:74:09:9B:A8:46:B2:77:09:27:86:DF:AC:03:64:8C:29:7D:15:18
            X509v3 Authority Key Identifier:
                keyid:E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:f2:5a:ad:fc:6e:8e:ba:b6:b0:9c:bf:1d:9b:c4:75:b6:29:
         42:b4:03:b7:3d:08:b0:a6:80:f6:58:fe:b1:9a:63:04:a8:33:
         40:d9:04:4e:8d:7b:6e:a7:e9:71:dc:14:e3:b3:39:6a:b9:9a:
         cc:df:05:9c:71:8a:97:f3:5b:33:74:f0:80:cb:df:e6:af:5b:
         41:0b:dc:1e:94:a8:5f:84:dd:42:76:a1:34:4f:65:12:a4:ac:
         20:65:e8:b9:7b:73:12:9b:02:f9:06:7b:f1:bf:68:14:07:71:
         0b:b7:68:c7:8d:5b:fa:6b:31:8e:50:6c:c8:a5:bf:95:e0:b8:
         c7:c7:3f:a5:22:3c:8b:62:f2:cd:97:ca:96:08:b6:81:22:28:
         04:07:7a:25:71:60:fe:bc:94:d6:21:0f:40:64:4b:aa:a0:66:
         ec:50:08:99:09:c9:f3:fc:16:a7:aa:18:9b:42:a0:c0:a8:3a:
         c4:3c:b6:a5:9f:f3:90:64:cb:14:23:2c:be:7d:21:a9:cd:a0:
         ad:8f:84:89:6d:47:27:7a:e7:90:8a:0d:30:f6:0a:d5:4e:d2:
         03:bf:03:d6:87:fc:f7:0b:c5:9e:fb:ea:7b:76:4f:76:12:83:
         5b:7b:a5:eb:ec:ee:39:f1:04:24:f6:47:11:86:f0:6a:06:26:
         d3:e8:84:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfYowP1TCFlwjuY9UVWyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzQ4M2I3NWMyZGIxY2Y5ZmY0ZTk0YzdhMGZkZjBkYjAw
MDBmMDAwHhcNMjQxMTI2MjIwMDMyWhcNMjQxMTI3MjIwMDMyWjAzMTEwLwYDVQQD
EyhjOTc0MDk5YmE4NDZiMjc3MDkyNzg2ZGZhYzAzNjQ4YzI5N2QxNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu2/LKZzyG634eMG0fGOEna1107U
j+FaBuqHVIiwidZV4UbzyAaL92o1PHt4znS3Uplrkm/J+b+OJqoqWy3AsRkWom9C
x+NHrb1MoHEa22f2RmxM5HIx68ojOy4VyKmnbOIYliAybTJCd4SZDx5lqvCUyW/t
bnd+4vnN/2/rQBRGkpOK6/KnRFMjWm/TaWMrhNXZ2Tx/G8kSkhW16cssCvPiOMDL
lhcph/j80Q3/phNQoG8A6961fNA4vFTSQyHa5YzjtyCAT/o4fnV3PxBwq07f9pc/
dE2aVGN1IV8hUhNTlKJSmJ/QCDg3x1NBCTaA0+3I7EnwTdXCa6zprBdLqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMl0CZuoRrJ3CSeG36wDZIwpfRUYMB8GA1UdIwQY
MBaAFOjEg7dcLbHPn/TpTHoP3w2wAA8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTIt
ZWIzNWJmYTA2NWFkLzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTItZWIzNWJmYTA2NWFk
LzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZfJarfxu
jrq2sJy/HZvEdbYpQrQDtz0IsKaA9lj+sZpjBKgzQNkETo17bqfpcdwU47M5arma
zN8FnHGKl/NbM3TwgMvf5q9bQQvcHpSoX4TdQnahNE9lEqSsIGXouXtzEpsC+QZ7
8b9oFAdxC7dox41b+msxjlBsyKW/leC4x8c/pSI8i2LyzZfKlgi2gSIoBAd6JXFg
/ryU1iEPQGRLqqBm7FAImQnJ8/wWp6oYm0KgwKg6xDy2pZ/zkGTLFCMsvn0hqc2g
rY+EiW1HJ3rnkIoNMPYK1U7SA78D1of89wvFnvvqe3ZPdhKDW3ul6+zuOfEEJPZH
EYbwagYm0+iEqw==
-----END CERTIFICATE-----