Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          8OqkEbwqRtsZi3XYZoRPxRbqyNsBf4bkEEtZG/OAJhI=
Subject key identifier:   D5:C9:85:4D:EA:45:14:10:BD:39:21:6F:AD:89:AB:24:9B:B0:9A:54
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       01906FABEC4EFF05C2E7CB100E0C38973C61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          0299
Signing time:             Mon 01 Jul 2024 19:00:56 +0000
Manifest this update:     Mon 01 Jul 2024 19:00:56 +0000
Manifest next update:     Tue 02 Jul 2024 19:00:56 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: q06zfCnRSG4lK98GbtywxKNn3rdqZuj/vqgIOa5A6ew=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 13:50:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:6f:ab:ec:4e:ff:05:c2:e7:cb:10:0e:0c:38:97:3c:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Jul  1 19:00:56 2024 GMT
            Not After : Jul  2 19:00:56 2024 GMT
        Subject: CN=d5c9854dea451410bd39216fad89ab249bb09a54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:91:c0:58:be:51:b6:8a:dc:f4:82:cd:ab:f0:
                    45:a7:1a:5a:48:61:6e:84:bd:c3:09:b2:a1:66:78:
                    55:e2:96:2b:12:8c:b7:34:2a:f8:d3:ce:ac:2c:a5:
                    78:fa:36:78:1d:b7:72:97:c7:40:95:89:0e:ac:1d:
                    9e:47:0f:3a:a0:f1:79:ea:db:6f:a7:10:dd:84:f2:
                    69:fa:58:bf:4f:2d:af:e7:81:37:04:a1:f9:86:63:
                    43:47:1c:03:ad:0c:04:a6:5c:98:64:ba:70:90:23:
                    22:96:af:f5:3c:a4:a7:36:53:22:7a:05:32:5b:68:
                    f6:af:32:9d:2c:d5:9a:ba:d7:c7:db:6b:21:24:1f:
                    ad:e0:05:fd:88:4f:b9:79:f5:3f:97:90:5a:66:7b:
                    e8:19:ea:da:d9:02:ee:73:b6:c5:36:1c:62:ff:f6:
                    11:ea:f5:88:03:e8:30:ee:82:db:cb:2f:47:f9:54:
                    31:ea:d6:25:b3:d9:5d:bf:3b:6d:a6:ba:ba:87:02:
                    32:bf:85:31:d7:83:86:b4:6d:04:b3:cd:49:30:9b:
                    5b:35:db:32:94:73:00:75:81:06:e7:bf:b6:fe:2e:
                    e2:48:95:2c:3f:d5:bc:ae:93:42:32:ea:8f:d7:2f:
                    1d:b4:ee:cf:49:af:b9:4b:a4:1b:a0:44:cc:cb:21:
                    d8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:C9:85:4D:EA:45:14:10:BD:39:21:6F:AD:89:AB:24:9B:B0:9A:54
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:0b:ce:97:f9:f7:71:28:1b:ab:57:58:79:14:70:98:c9:3a:
         45:e9:6c:a5:12:be:b0:d8:69:3b:d8:55:f7:71:d4:d2:8e:2e:
         2b:34:fd:23:6f:ed:37:15:17:ec:bf:88:9a:7b:5f:d7:a1:d1:
         de:f2:ad:52:2c:ee:9b:ab:78:8e:cd:37:ad:40:86:8f:84:6f:
         b7:5f:a7:ec:5e:cb:2f:25:ab:8e:35:d7:9f:f1:aa:56:8b:b1:
         c9:df:34:46:aa:be:89:6f:86:01:13:95:33:5c:79:8d:a8:91:
         56:15:d9:1c:a5:1b:0f:eb:05:69:8b:31:71:2f:74:61:6f:0f:
         b3:84:8b:02:b0:21:66:3d:e7:5a:bb:d5:c3:8a:51:2b:2e:82:
         31:7e:fb:c8:98:e4:dc:92:33:da:7a:9e:14:1f:23:b7:56:75:
         08:f8:d3:09:21:86:58:62:72:30:4c:ef:85:ea:0b:0c:a2:0d:
         e8:9f:21:5c:1b:06:71:c1:75:8b:75:a5:3a:43:b1:b7:5f:89:
         10:0b:f5:95:15:ff:29:ea:30:f2:3c:cc:5f:a0:6b:b1:c8:a5:
         48:8a:49:22:ea:b3:54:1f:23:67:0d:22:02:9a:94:fa:e3:fb:
         39:80:df:4e:75:5d:ee:31:b9:44:bb:82:e3:a8:39:4d:2d:80:
         34:23:82:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBvq+xO/wXC58sQDgw4lzxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjQwNzAxMTkwMDU2WhcNMjQwNzAyMTkwMDU2WjAzMTEwLwYDVQQD
EyhkNWM5ODU0ZGVhNDUxNDEwYmQzOTIxNmZhZDg5YWIyNDliYjA5YTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JHAWL5Rtorc9ILNq/BFpxpaSGFu
hL3DCbKhZnhV4pYrEoy3NCr4086sLKV4+jZ4Hbdyl8dAlYkOrB2eRw86oPF56ttv
pxDdhPJp+li/Ty2v54E3BKH5hmNDRxwDrQwEplyYZLpwkCMilq/1PKSnNlMiegUy
W2j2rzKdLNWautfH22shJB+t4AX9iE+5efU/l5BaZnvoGera2QLuc7bFNhxi//YR
6vWIA+gw7oLbyy9H+VQx6tYls9ldvzttprq6hwIyv4Ux14OGtG0Es81JMJtbNdsy
lHMAdYEG57+2/i7iSJUsP9W8rpNCMuqP1y8dtO7PSa+5S6QboETMyyHYnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXJhU3qRRQQvTkhb62JqySbsJpUMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPgvOl/n3
cSgbq1dYeRRwmMk6RelspRK+sNhpO9hV93HU0o4uKzT9I2/tNxUX7L+Imntf16HR
3vKtUizum6t4js03rUCGj4Rvt1+n7F7LLyWrjjXXn/GqVouxyd80Rqq+iW+GAROV
M1x5jaiRVhXZHKUbD+sFaYsxcS90YW8Ps4SLArAhZj3nWrvVw4pRKy6CMX77yJjk
3JIz2nqeFB8jt1Z1CPjTCSGGWGJyMEzvheoLDKIN6J8hXBsGccF1i3WlOkOxt1+J
EAv1lRX/Keow8jzMX6BrscilSIpJIuqzVB8jZw0iApqU+uP7OYDfTnVd7jG5RLuC
46g5TS2ANCOCpQ==
-----END CERTIFICATE-----