Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          FxFgJ7N0s4b8EJd7n+4br1J7vm9Z1/S1JQ2k1qZFHQo=
Subject key identifier:   51:66:D4:7E:EA:45:12:80:63:BA:75:EF:69:06:6C:60:D0:6E:C6:D4
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       018F88927773051CBE04A594D68E4B03497C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          0312
Signing time:             Fri 17 May 2024 22:00:51 +0000
Manifest this update:     Fri 17 May 2024 22:00:51 +0000
Manifest next update:     Sat 18 May 2024 22:00:51 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: xol5OFiohVFNUJMEnHG5BeyJLvbw5uDJuNJYRaZ2nrQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:77:73:05:1c:be:04:a5:94:d6:8e:4b:03:49:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: May 17 22:00:51 2024 GMT
            Not After : May 18 22:00:51 2024 GMT
        Subject: CN=5166d47eea45128063ba75ef69066c60d06ec6d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e7:36:c2:b3:e6:ff:25:53:13:15:77:3a:35:
                    b1:11:95:58:25:53:86:bd:76:73:96:6f:dd:f1:72:
                    05:85:b9:b1:62:64:6e:66:ce:ca:72:50:81:bd:fb:
                    a6:eb:62:f2:89:6d:b1:ab:7b:2e:f3:ac:61:d5:32:
                    41:8e:6d:34:d3:57:de:c2:39:c8:be:30:97:a9:33:
                    d1:cd:cb:e8:a8:74:d9:14:08:e8:3d:19:ab:02:31:
                    1a:c9:db:ba:60:03:42:a0:d1:4b:ed:0a:7e:e0:29:
                    e4:9f:c2:f8:9f:ac:f8:50:1e:5c:91:e5:15:09:6f:
                    8a:f1:24:24:5f:4c:0a:53:93:7d:71:fd:8e:92:b4:
                    a7:f7:19:c3:de:9b:20:21:b9:e6:6e:c1:1c:47:42:
                    31:08:2f:48:da:6e:56:f0:ca:1c:f1:fc:1d:80:3a:
                    b6:15:7a:7b:13:e4:eb:b0:c4:86:11:45:1b:a4:a2:
                    58:27:ad:ee:2f:12:8d:bb:ea:a6:c6:fa:78:0e:fc:
                    a3:87:fe:de:39:08:3c:22:92:56:45:27:70:14:a1:
                    b2:5b:a5:d0:c2:a6:99:44:55:ac:06:11:a2:d7:37:
                    3c:06:c9:c1:66:91:7f:d8:61:dd:cf:93:a7:f5:fd:
                    67:97:8c:33:73:f8:22:5e:dd:ba:17:d1:1f:b0:21:
                    ff:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:66:D4:7E:EA:45:12:80:63:BA:75:EF:69:06:6C:60:D0:6E:C6:D4
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:8e:11:c1:40:23:e9:e7:a4:99:a6:da:11:e3:85:18:ae:de:
         d6:d5:44:87:42:81:ba:ee:7e:b6:af:ac:3f:e1:29:f4:8b:62:
         74:0d:b9:17:42:b3:e0:ac:fa:c0:29:a4:56:c6:79:97:1b:04:
         65:ec:f1:e7:60:17:a2:1c:28:aa:71:b7:aa:23:ad:0f:cb:6c:
         6c:d4:0f:30:71:aa:08:80:a5:07:a1:47:4c:dc:72:cf:43:5f:
         57:01:9d:d2:42:bf:ca:47:68:37:a8:70:53:b8:20:17:78:c3:
         13:e4:4c:4b:6d:60:7d:67:99:ee:a5:a7:c6:57:e2:dd:60:96:
         22:d8:89:42:b4:1d:62:38:d8:8d:13:55:84:1f:a8:22:f6:73:
         04:14:12:a5:1f:c6:02:6f:3a:87:ce:d8:67:67:f0:da:14:0a:
         a0:53:a2:dc:85:19:69:d1:3b:24:37:9c:fb:d4:49:e4:46:54:
         6c:cc:3d:65:ac:d3:e4:02:2b:ad:c2:65:f0:68:a8:b8:17:ce:
         a7:4c:9f:f2:1f:45:57:a8:fd:d0:1e:7f:32:c1:29:e2:ff:d4:
         ff:5d:d7:96:13:38:13:36:b9:ea:8e:e1:1a:c2:bb:b7:3e:fb:
         26:af:e5:22:6a:f2:7e:03:d3:d6:69:14:91:18:7d:9c:55:2d:
         4c:21:e5:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IkndzBRy+BKWU1o5LA0l8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjQwNTE3MjIwMDUxWhcNMjQwNTE4MjIwMDUxWjAzMTEwLwYDVQQD
Eyg1MTY2ZDQ3ZWVhNDUxMjgwNjNiYTc1ZWY2OTA2NmM2MGQwNmVjNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+c2wrPm/yVTExV3OjWxEZVYJVOG
vXZzlm/d8XIFhbmxYmRuZs7KclCBvfum62LyiW2xq3su86xh1TJBjm0001fewjnI
vjCXqTPRzcvoqHTZFAjoPRmrAjEaydu6YANCoNFL7Qp+4Cnkn8L4n6z4UB5ckeUV
CW+K8SQkX0wKU5N9cf2OkrSn9xnD3psgIbnmbsEcR0IxCC9I2m5W8Moc8fwdgDq2
FXp7E+TrsMSGEUUbpKJYJ63uLxKNu+qmxvp4Dvyjh/7eOQg8IpJWRSdwFKGyW6XQ
wqaZRFWsBhGi1zc8BsnBZpF/2GHdz5On9f1nl4wzc/giXt26F9EfsCH/vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFFm1H7qRRKAY7p172kGbGDQbsbUMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQY4RwUAj
6eekmabaEeOFGK7e1tVEh0KBuu5+tq+sP+Ep9ItidA25F0Kz4Kz6wCmkVsZ5lxsE
Zezx52AXohwoqnG3qiOtD8tsbNQPMHGqCIClB6FHTNxyz0NfVwGd0kK/ykdoN6hw
U7ggF3jDE+RMS21gfWeZ7qWnxlfi3WCWItiJQrQdYjjYjRNVhB+oIvZzBBQSpR/G
Am86h87YZ2fw2hQKoFOi3IUZadE7JDec+9RJ5EZUbMw9ZazT5AIrrcJl8GiouBfO
p0yf8h9FV6j90B5/MsEp4v/U/13XlhM4Eza56o7hGsK7tz77Jq/lImryfgPT1mkU
kRh9nFUtTCHl3A==
-----END CERTIFICATE-----