Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          P3tyxwnB1aEwjSPL/R3+x7IVlsQpw6k22AgmeCVGrE4=
Subject key identifier:   D7:0D:50:F6:4E:73:34:3D:97:4D:EE:90:6F:0A:B5:1A:5B:DD:0E:CB
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       01938B52492B166CC91633E37E8E939E160E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          0546
Signing time:             Tue 03 Dec 2024 07:00:45 +0000
Manifest this update:     Tue 03 Dec 2024 07:00:45 +0000
Manifest next update:     Wed 04 Dec 2024 07:00:45 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: jWXqyz8s/MXntw7lXrkMga9xswJwKcCe1RZ+Xhbgwdo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 07:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:8b:52:49:2b:16:6c:c9:16:33:e3:7e:8e:93:9e:16:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Dec  3 07:00:45 2024 GMT
            Not After : Dec  4 07:00:45 2024 GMT
        Subject: CN=d70d50f64e73343d974dee906f0ab51a5bdd0ecb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:53:e5:09:8c:90:5a:db:06:bc:03:ed:db:22:
                    dd:5a:e9:2f:20:d8:31:54:e6:f6:db:aa:86:61:6b:
                    72:97:e4:75:45:b1:a6:29:40:fb:83:b6:f7:59:63:
                    be:43:b8:73:ec:85:21:c4:c1:ed:8c:e5:7b:69:e9:
                    71:80:74:58:04:92:9f:56:1f:37:cb:90:ad:92:95:
                    c0:0c:fb:6e:a1:a0:aa:c6:80:74:ad:c5:36:8f:c3:
                    99:69:16:ea:c4:24:39:e7:90:04:ed:3b:9c:f7:b6:
                    60:cf:4a:96:8b:1b:bd:31:fd:d3:3f:d1:5a:5d:e7:
                    c0:8a:ee:8a:a2:1c:57:88:bf:db:75:00:c5:30:09:
                    7e:f1:ad:8e:45:fa:62:70:0b:f5:b7:03:76:a4:b3:
                    57:34:5a:21:b4:60:2e:1f:fb:c7:38:50:70:26:dc:
                    ca:3a:b0:70:27:5d:7b:d2:d6:12:37:45:f4:5f:aa:
                    4d:bf:29:84:c9:dd:78:bb:cb:64:d7:95:a8:22:95:
                    76:86:f7:c8:b3:00:6c:32:0a:91:a2:9a:42:dd:fb:
                    ad:ec:c0:13:1b:c5:56:c6:c9:06:7a:6e:5a:e3:96:
                    c6:cb:bf:d9:0c:0f:16:60:3e:39:06:58:e5:f9:90:
                    d3:79:99:35:03:79:7b:64:41:af:08:d7:d2:a2:a2:
                    b3:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:0D:50:F6:4E:73:34:3D:97:4D:EE:90:6F:0A:B5:1A:5B:DD:0E:CB
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:b4:f0:a9:2d:c1:ea:78:3e:61:70:40:8d:da:59:03:aa:2f:
         d2:d5:f1:30:da:cd:d7:42:d7:0c:e1:ba:df:2e:ee:90:59:9a:
         4e:a2:d0:d6:1d:64:25:36:76:d1:ab:0b:c5:b6:ab:28:0f:99:
         8a:62:dc:fd:3e:d4:36:2f:2f:a2:9e:32:b1:e6:b7:9a:c1:5c:
         13:cf:26:f1:18:8a:d0:33:bc:e6:3d:37:7a:c8:9a:83:73:77:
         c5:19:fc:60:66:65:ff:e0:60:24:36:ce:38:be:74:77:f0:f1:
         60:98:c6:ca:95:1f:7f:8b:6a:1a:47:bf:37:0d:6d:77:ab:a7:
         20:51:d8:32:87:c4:78:ae:86:4d:47:45:bf:2a:c3:5d:8f:b4:
         ea:ad:ec:27:fb:8d:36:e4:16:77:b7:a1:0c:e6:c4:bf:74:74:
         3e:54:8f:e5:0b:73:b1:e9:21:70:90:bb:ec:64:12:a4:dd:fb:
         26:ef:a9:17:1d:88:be:9b:f5:9a:49:ed:d2:e7:67:ef:a9:4a:
         09:f7:c4:79:fd:22:8e:b4:8d:dc:67:24:36:0b:ae:99:42:14:
         34:6a:09:22:d2:82:cd:ec:ad:5f:ef:6d:95:40:e1:fd:47:57:
         c9:cb:86:d5:25:a7:7e:e0:97:e8:7e:9c:92:db:4c:06:6e:93:
         22:5b:5f:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZOLUkkrFmzJFjPjfo6TnhYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjQxMjAzMDcwMDQ1WhcNMjQxMjA0MDcwMDQ1WjAzMTEwLwYDVQQD
EyhkNzBkNTBmNjRlNzMzNDNkOTc0ZGVlOTA2ZjBhYjUxYTViZGQwZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVPlCYyQWtsGvAPt2yLdWukvINgx
VOb226qGYWtyl+R1RbGmKUD7g7b3WWO+Q7hz7IUhxMHtjOV7aelxgHRYBJKfVh83
y5CtkpXADPtuoaCqxoB0rcU2j8OZaRbqxCQ555AE7Tuc97Zgz0qWixu9Mf3TP9Fa
XefAiu6KohxXiL/bdQDFMAl+8a2ORfpicAv1twN2pLNXNFohtGAuH/vHOFBwJtzK
OrBwJ1170tYSN0X0X6pNvymEyd14u8tk15WoIpV2hvfIswBsMgqRoppC3fut7MAT
G8VWxskGem5a45bGy7/ZDA8WYD45Bljl+ZDTeZk1A3l7ZEGvCNfSoqKzPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcNUPZOczQ9l03ukG8KtRpb3Q7LMB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR7TwqS3B
6ng+YXBAjdpZA6ov0tXxMNrN10LXDOG63y7ukFmaTqLQ1h1kJTZ20asLxbarKA+Z
imLc/T7UNi8vop4ysea3msFcE88m8RiK0DO85j03esiag3N3xRn8YGZl/+BgJDbO
OL50d/DxYJjGypUff4tqGke/Nw1td6unIFHYMofEeK6GTUdFvyrDXY+06q3sJ/uN
NuQWd7ehDObEv3R0PlSP5QtzsekhcJC77GQSpN37Ju+pFx2Ivpv1mknt0udn76lK
CffEef0ijrSN3GckNguumUIUNGoJItKCzeytX+9tlUDh/UdXycuG1SWnfuCX6H6c
kttMBm6TIltfWQ==
-----END CERTIFICATE-----