Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
File:                     JlNDThz2kK0m1HoDs_w1qAKnm1g.mft (raw, json)
Hash identifier:          /Zzt5UX5moo7QOMrXDLwTqJ31uPzKQSdyofMFhpO1H4=
Subject key identifier:   4D:37:F5:83:EF:CA:4A:16:F2:44:7B:AA:09:27:2B:1E:E0:8A:C1:04
Authority key identifier: 26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
Certificate issuer:       /CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Certificate serial:       0193568AF9CB6EE24CCF3D595C1E460A58DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
Manifest number:          065F
Signing time:             Sat 23 Nov 2024 01:02:48 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:48 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:48 +0000
Files and hashes:         1: JlNDThz2kK0m1HoDs_w1qAKnm1g.crl (hash: sSzAwu1WEv8RkVmgvs8sIw+yh9VcE5q1bkg2H9RKeXU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:f9:cb:6e:e2:4c:cf:3d:59:5c:1e:46:0a:58:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
        Validity
            Not Before: Nov 23 01:02:48 2024 GMT
            Not After : Nov 24 01:02:48 2024 GMT
        Subject: CN=4d37f583efca4a16f2447baa09272b1ee08ac104
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:85:05:4c:4b:02:45:11:ea:fe:ec:37:48:27:
                    45:44:d9:b4:c0:14:29:b8:8f:6e:5b:72:76:ba:95:
                    80:43:73:73:d1:ca:47:ea:fd:c6:38:c3:72:ad:30:
                    56:10:99:ca:78:07:56:58:43:7f:42:9e:4f:c6:9f:
                    a7:b1:0d:da:9e:00:f0:01:42:54:f6:81:71:e4:2b:
                    a9:a0:90:a5:37:77:9b:50:f3:3a:fa:ee:f2:cd:d4:
                    78:be:4d:78:32:35:21:fe:90:17:9e:81:8c:1c:f7:
                    ae:1d:cd:cc:20:2e:fa:f0:0b:01:51:c9:66:8a:75:
                    c1:de:32:4d:44:3a:eb:b1:44:46:8c:ec:6a:65:38:
                    85:de:23:d1:c9:09:77:cd:c0:b1:d2:72:f7:6a:43:
                    be:fe:d0:92:92:c9:00:e3:60:b1:b0:cc:2f:c6:9c:
                    a4:1e:a8:f2:87:52:49:56:ba:03:82:72:5a:de:94:
                    b5:4e:a7:5b:b7:66:6e:e7:1b:fe:71:06:bd:03:9f:
                    60:57:12:ab:7d:bc:bd:82:66:6a:1c:dc:81:5c:09:
                    7b:3d:76:f6:3a:38:52:94:a3:3e:3b:0c:de:3e:4b:
                    c2:4f:f8:b3:32:04:05:49:ec:9d:ca:eb:79:bd:45:
                    f1:a3:b2:5a:4f:59:aa:16:e1:44:6b:e8:ce:f6:54:
                    1e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:37:F5:83:EF:CA:4A:16:F2:44:7B:AA:09:27:2B:1E:E0:8A:C1:04
            X509v3 Authority Key Identifier:
                keyid:26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:14:59:b3:ef:ad:e9:dd:ff:f0:cf:e4:93:62:a4:12:f5:69:
         59:5a:b9:72:fc:ad:07:4f:58:b7:71:5e:b5:69:58:06:5e:25:
         c6:a3:79:3b:cc:9a:9c:ff:ab:e5:2e:bb:ec:73:83:a7:82:10:
         ae:84:da:39:07:e4:1b:39:bf:bc:29:86:96:98:b1:a5:fd:37:
         0e:95:27:15:26:7a:ce:9f:05:7a:96:33:ef:91:3d:81:42:d4:
         78:f7:3c:de:96:d1:26:6b:7f:78:c0:ed:7c:da:39:aa:54:7d:
         9e:ab:0a:7b:f9:e5:bb:71:8e:e7:5f:b4:06:23:8d:a7:7a:2f:
         a4:8a:7b:e0:91:cc:44:8d:49:30:fc:2a:eb:62:82:4d:5d:2a:
         92:10:72:4c:bc:6b:5b:b6:51:f2:3b:e8:d7:02:fc:7c:8e:5c:
         22:53:d7:e5:6c:f3:96:83:b8:5d:83:e7:36:73:96:8c:57:7b:
         5f:b8:e4:63:38:b7:6b:40:1b:10:17:31:41:ca:05:b6:96:c8:
         a9:5a:f3:15:a6:56:19:44:a4:91:3b:14:e9:ee:fa:1e:72:f9:
         14:b2:70:b5:f0:f3:f6:1d:6f:68:99:c9:82:47:a0:3b:58:d9:
         09:32:6f:9c:49:6c:b9:0a:64:25:f5:49:39:e8:ab:55:fd:1f:
         79:a2:b4:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWivnLbuJMzz1ZXB5GCljdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTM0MzRlMWNmNjkwYWQyNmQ0N2EwM2IzZmMzNWE4MDJh
NzliNTgwHhcNMjQxMTIzMDEwMjQ4WhcNMjQxMTI0MDEwMjQ4WjAzMTEwLwYDVQQD
Eyg0ZDM3ZjU4M2VmY2E0YTE2ZjI0NDdiYWEwOTI3MmIxZWUwOGFjMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoUFTEsCRRHq/uw3SCdFRNm0wBQp
uI9uW3J2upWAQ3Nz0cpH6v3GOMNyrTBWEJnKeAdWWEN/Qp5Pxp+nsQ3angDwAUJU
9oFx5CupoJClN3ebUPM6+u7yzdR4vk14MjUh/pAXnoGMHPeuHc3MIC768AsBUclm
inXB3jJNRDrrsURGjOxqZTiF3iPRyQl3zcCx0nL3akO+/tCSkskA42CxsMwvxpyk
Hqjyh1JJVroDgnJa3pS1Tqdbt2Zu5xv+cQa9A59gVxKrfby9gmZqHNyBXAl7PXb2
OjhSlKM+OwzePkvCT/izMgQFSeydyut5vUXxo7JaT1mqFuFEa+jO9lQegQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE039YPvykoW8kR7qgknKx7gisEEMB8GA1UdIwQY
MBaAFCZTQ04c9pCtJtR6A7P8NagCp5tYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUt
Y2JhNWQ5NzhmMzcxLzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUtY2JhNWQ5NzhmMzcx
LzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORRZs++t
6d3/8M/kk2KkEvVpWVq5cvytB09Yt3FetWlYBl4lxqN5O8yanP+r5S677HODp4IQ
roTaOQfkGzm/vCmGlpixpf03DpUnFSZ6zp8FepYz75E9gULUePc83pbRJmt/eMDt
fNo5qlR9nqsKe/nlu3GO51+0BiONp3ovpIp74JHMRI1JMPwq62KCTV0qkhByTLxr
W7ZR8jvo1wL8fI5cIlPX5WzzloO4XYPnNnOWjFd7X7jkYzi3a0AbEBcxQcoFtpbI
qVrzFaZWGUSkkTsU6e76HnL5FLJwtfDz9h1vaJnJgkegO1jZCTJvnElsuQpkJfVJ
OeirVf0feaK0Fg==
-----END CERTIFICATE-----