Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          InL1lIw1ScjMKazhx42B4JPuowO+iO5maBUzz4Lq18s=
Subject key identifier:   39:A4:2F:C0:70:94:D3:CC:E1:C4:8F:ED:F5:25:49:4A:33:47:C0:6E
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       0193572DDD7E20039A107A73458972A87EF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          1183
Signing time:             Sat 23 Nov 2024 04:00:43 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:43 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:43 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: RfmmF9YHCzbzCwLObNGQnFcUPlk1wwpBjzExHQ4NXjE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:dd:7e:20:03:9a:10:7a:73:45:89:72:a8:7e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Nov 23 04:00:43 2024 GMT
            Not After : Nov 24 04:00:43 2024 GMT
        Subject: CN=39a42fc07094d3cce1c48fedf525494a3347c06e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:79:a5:4e:02:fe:bb:a6:c6:22:97:39:26:0e:
                    6c:c5:99:19:e1:72:49:26:fc:50:db:28:7f:97:5d:
                    8b:95:b5:38:dd:81:b1:10:f2:4f:44:89:f1:40:94:
                    f9:fb:c8:32:e5:35:85:f5:23:f4:95:35:6c:ff:e5:
                    10:cf:3f:97:5b:be:6c:08:f7:49:a3:bc:2a:82:c6:
                    ed:42:45:38:c2:6b:d4:ce:4e:05:ba:07:49:ff:47:
                    e1:71:2b:29:65:11:d8:05:a6:41:c0:77:08:f7:7b:
                    38:a5:8d:c8:3c:b9:2e:c0:2a:1b:c3:80:78:b3:09:
                    dc:41:76:dd:d2:20:d1:9c:b8:70:30:cc:af:91:71:
                    91:91:18:32:e9:69:05:da:98:fb:d4:9a:4b:48:c3:
                    4d:2d:92:30:a8:37:f6:dc:ac:d8:74:b4:68:63:62:
                    53:42:b3:f5:90:e8:3c:77:f4:6e:f2:88:e3:22:15:
                    9d:ce:82:cb:1d:c4:48:33:0f:d9:55:26:de:60:fe:
                    d8:18:5d:c7:ac:62:5b:1e:f0:08:f7:ef:86:1b:ba:
                    96:dc:1a:98:e8:9e:fb:1f:09:ba:c7:49:6a:33:ce:
                    05:e9:d1:3c:0d:0e:53:7a:09:1f:d9:38:27:9b:05:
                    43:15:97:10:67:94:cf:e5:db:23:f3:69:fe:d1:a0:
                    88:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:A4:2F:C0:70:94:D3:CC:E1:C4:8F:ED:F5:25:49:4A:33:47:C0:6E
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:5a:9e:c0:fc:83:45:8a:1d:46:1f:39:bc:db:8a:67:ed:38:
         00:fd:e6:11:8b:cd:1d:9b:65:d4:30:72:c4:be:5a:65:ff:e8:
         f9:4e:1b:f7:40:9c:da:e7:1b:a4:57:2e:21:43:7d:6b:bd:c5:
         13:8f:63:15:5b:38:51:05:93:d2:59:a8:9f:9f:15:4d:49:2e:
         a1:f0:35:22:27:32:a1:f7:0c:03:e1:bf:4c:d5:24:5d:ae:d5:
         dd:56:44:0e:b2:06:97:85:d5:08:65:b4:cf:e4:64:7f:32:71:
         4c:4c:ae:84:7e:4f:82:23:43:47:c2:0a:bd:3e:b2:ca:30:c7:
         e7:a9:05:a6:bb:84:5b:4b:7c:b2:97:97:1e:8c:48:40:3a:ac:
         11:64:48:40:74:80:dc:b4:82:11:a7:88:d1:b1:43:cf:69:69:
         eb:0b:b7:1c:2b:99:bd:20:4f:c8:0f:c4:94:5b:b0:ce:e7:ab:
         9d:55:df:26:1e:25:98:53:24:d0:e9:b7:d9:32:d0:8e:f6:83:
         54:d0:15:51:26:15:c7:e8:96:44:69:10:0c:25:d3:b4:6a:0e:
         fb:4b:8f:a7:e2:59:df:22:9d:d0:f9:b7:97:95:34:ad:35:66:
         1c:38:92:67:cd:ab:24:92:cd:20:b3:05:0f:c8:af:64:6b:95:
         7a:79:c3:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLd1+IAOaEHpzRYlyqH75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjQxMTIzMDQwMDQzWhcNMjQxMTI0MDQwMDQzWjAzMTEwLwYDVQQD
EygzOWE0MmZjMDcwOTRkM2NjZTFjNDhmZWRmNTI1NDk0YTMzNDdjMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXmlTgL+u6bGIpc5Jg5sxZkZ4XJJ
JvxQ2yh/l12LlbU43YGxEPJPRInxQJT5+8gy5TWF9SP0lTVs/+UQzz+XW75sCPdJ
o7wqgsbtQkU4wmvUzk4FugdJ/0fhcSspZRHYBaZBwHcI93s4pY3IPLkuwCobw4B4
swncQXbd0iDRnLhwMMyvkXGRkRgy6WkF2pj71JpLSMNNLZIwqDf23KzYdLRoY2JT
QrP1kOg8d/Ru8ojjIhWdzoLLHcRIMw/ZVSbeYP7YGF3HrGJbHvAI9++GG7qW3BqY
6J77Hwm6x0lqM84F6dE8DQ5Tegkf2TgnmwVDFZcQZ5TP5dsj82n+0aCI0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmkL8BwlNPM4cSP7fUlSUozR8BuMB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFqewPyD
RYodRh85vNuKZ+04AP3mEYvNHZtl1DByxL5aZf/o+U4b90Cc2ucbpFcuIUN9a73F
E49jFVs4UQWT0lmon58VTUkuofA1IicyofcMA+G/TNUkXa7V3VZEDrIGl4XVCGW0
z+RkfzJxTEyuhH5PgiNDR8IKvT6yyjDH56kFpruEW0t8speXHoxIQDqsEWRIQHSA
3LSCEaeI0bFDz2lp6wu3HCuZvSBPyA/ElFuwzuernVXfJh4lmFMk0Om32TLQjvaD
VNAVUSYVx+iWRGkQDCXTtGoO+0uPp+JZ3yKd0Pm3l5U0rTVmHDiSZ82rJJLNILMF
D8ivZGuVennDJA==
-----END CERTIFICATE-----