Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
File:                     9XGHM6rUPvapm9jZUEog3YkCLo8.mft (raw, json)
Hash identifier:          Scr6zh+UhW5HwVDmOhOLAws67t4H/h1pdc+/1ZLT2wY=
Subject key identifier:   0C:A4:B2:6D:75:48:FD:0A:83:12:F6:D4:84:D2:10:A5:8C:DE:2F:68
Authority key identifier: F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F
Certificate issuer:       /CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
Certificate serial:       019357D2B64F2229327AE168FFDEECF17DCD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
Manifest number:          1071
Signing time:             Sat 23 Nov 2024 07:00:47 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:47 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:47 +0000
Files and hashes:         1: 9XGHM6rUPvapm9jZUEog3YkCLo8.crl (hash: lGbT4rflWluHa4EZwg4sIXhMuFUEOji+tpz9DJk3E3M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 00:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:b6:4f:22:29:32:7a:e1:68:ff:de:ec:f1:7d:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
        Validity
            Not Before: Nov 23 07:00:47 2024 GMT
            Not After : Nov 24 07:00:47 2024 GMT
        Subject: CN=0ca4b26d7548fd0a8312f6d484d210a58cde2f68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1a:28:ed:e7:13:33:a2:2c:48:0c:cd:a5:53:
                    25:97:99:20:0d:35:8e:d2:49:7b:65:34:a9:9f:4a:
                    16:37:dc:5a:c0:4d:8a:71:c6:21:a2:a9:81:0d:63:
                    eb:8c:28:d4:86:3c:91:e6:fd:be:f7:c0:3c:cf:f5:
                    85:01:3c:04:08:b6:68:95:99:7f:46:84:ff:39:d3:
                    c7:e2:2e:f1:ce:2f:db:4b:6e:f3:ae:10:ea:7d:f2:
                    0d:03:e1:b0:6f:23:9a:55:b8:e0:b7:f1:da:b6:e7:
                    22:36:81:c0:0c:d9:7b:f1:36:57:21:80:d6:09:fc:
                    3e:ff:df:85:81:21:32:46:08:1c:3d:1c:a1:8b:e0:
                    2e:72:f0:ed:2a:bc:f0:48:85:78:95:9a:cf:ae:8f:
                    c0:6d:12:ed:be:5d:67:38:b9:30:ae:96:2f:e6:2c:
                    fd:89:eb:c5:d6:4a:d6:85:78:27:e0:b0:c3:dd:dc:
                    e0:0b:1d:6e:23:06:18:ac:ac:97:75:e1:3c:34:b5:
                    3f:09:5f:97:63:65:8a:f3:fa:86:1e:44:fe:0a:f3:
                    63:65:87:1a:e7:ae:21:7f:a0:cf:22:b9:7f:08:b3:
                    1e:12:85:f2:79:53:09:8c:30:fd:17:09:de:6b:ae:
                    83:01:8a:30:57:d5:4c:f0:2e:f1:66:f4:5f:84:4e:
                    8a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:A4:B2:6D:75:48:FD:0A:83:12:F6:D4:84:D2:10:A5:8C:DE:2F:68
            X509v3 Authority Key Identifier:
                keyid:F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:0b:98:d0:7f:df:a0:ae:7f:ae:e5:f0:23:8d:30:a2:a4:8d:
         4a:cd:c6:ed:84:ed:9f:65:05:70:be:dc:5f:d2:d5:c9:4e:3b:
         57:90:d8:e0:68:35:51:e9:e4:10:c0:6f:11:a9:53:c9:70:46:
         fb:c7:d4:01:4f:9b:c4:77:64:da:a1:11:d6:47:29:ae:ae:de:
         89:11:e2:0d:0d:f2:cd:1c:59:07:8a:36:d9:cd:58:20:9d:7f:
         43:73:1c:6b:b6:3a:b5:ed:8c:79:f2:d4:9f:df:77:87:f6:d4:
         00:14:c8:cf:e8:fc:c1:9e:98:f9:10:1a:1e:b2:e1:ce:8c:46:
         e6:6d:61:31:e4:d9:3c:ec:a1:3f:08:53:ed:db:a9:47:dd:fb:
         5e:d5:b4:3f:ff:41:dc:b9:cc:bc:14:e6:e7:5a:45:c9:0c:23:
         39:4f:ff:b2:08:3e:f0:57:28:1e:25:9c:f6:c6:dd:f3:e3:55:
         40:a8:78:ea:91:bb:62:ad:2c:8b:a0:2e:8a:b8:d8:d7:38:73:
         9e:0d:70:4a:36:22:7a:90:31:ea:f0:d9:25:d6:3c:fa:08:6e:
         29:84:fe:63:0c:75:b2:b0:0b:3e:f3:45:28:a7:c1:da:b8:51:
         9a:ec:32:c0:e4:a8:82:07:ea:ac:32:c8:66:8e:6e:52:99:f9:
         04:c6:f3:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0rZPIikyeuFo/97s8X3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzE4NzMzYWFkNDNlZjZhOTliZDhkOTUwNGEyMGRkODkw
MjJlOGYwHhcNMjQxMTIzMDcwMDQ3WhcNMjQxMTI0MDcwMDQ3WjAzMTEwLwYDVQQD
EygwY2E0YjI2ZDc1NDhmZDBhODMxMmY2ZDQ4NGQyMTBhNThjZGUyZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBoo7ecTM6IsSAzNpVMll5kgDTWO
0kl7ZTSpn0oWN9xawE2KccYhoqmBDWPrjCjUhjyR5v2+98A8z/WFATwECLZolZl/
RoT/OdPH4i7xzi/bS27zrhDqffINA+GwbyOaVbjgt/HatuciNoHADNl78TZXIYDW
Cfw+/9+FgSEyRggcPRyhi+AucvDtKrzwSIV4lZrPro/AbRLtvl1nOLkwrpYv5iz9
ievF1krWhXgn4LDD3dzgCx1uIwYYrKyXdeE8NLU/CV+XY2WK8/qGHkT+CvNjZYca
564hf6DPIrl/CLMeEoXyeVMJjDD9Fwnea66DAYowV9VM8C7xZvRfhE6K8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyksm11SP0KgxL21ITSEKWM3i9oMB8GA1UdIwQY
MBaAFPVxhzOq1D72qZvY2VBKIN2JAi6PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5Yzgt
ZDcyNWZhNjczMmI2LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5YzgtZDcyNWZhNjczMmI2
LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZAuY0H/f
oK5/ruXwI40woqSNSs3G7YTtn2UFcL7cX9LVyU47V5DY4Gg1UenkEMBvEalTyXBG
+8fUAU+bxHdk2qER1kcprq7eiRHiDQ3yzRxZB4o22c1YIJ1/Q3Mca7Y6te2MefLU
n993h/bUABTIz+j8wZ6Y+RAaHrLhzoxG5m1hMeTZPOyhPwhT7dupR937XtW0P/9B
3LnMvBTm51pFyQwjOU//sgg+8FcoHiWc9sbd8+NVQKh46pG7Yq0si6AuirjY1zhz
ng1wSjYiepAx6vDZJdY8+ghuKYT+Ywx1srALPvNFKKfB2rhRmuwywOSoggfqrDLI
Zo5uUpn5BMbzGQ==
-----END CERTIFICATE-----