Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          2otJMFj3Wej+fkAmNKPFVM5eBW6YqY6cJ+rdG92wF6w=
Subject key identifier:   77:C0:B3:87:C7:3A:71:D2:A5:BD:AD:6C:46:53:A0:E8:79:DB:C4:B5
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       019073885E39FA4280F37F5D4746C0EB21F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          1004
Signing time:             Tue 02 Jul 2024 13:00:35 +0000
Manifest this update:     Tue 02 Jul 2024 13:00:35 +0000
Manifest next update:     Wed 03 Jul 2024 13:00:35 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: EYXBH/ORaOpp1QbnpkQ/ruKd/9zMqfk0h4ZelmH8wBo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jul 2024 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:73:88:5e:39:fa:42:80:f3:7f:5d:47:46:c0:eb:21:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Jul  2 13:00:35 2024 GMT
            Not After : Jul  3 13:00:35 2024 GMT
        Subject: CN=77c0b387c73a71d2a5bdad6c4653a0e879dbc4b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:c7:f7:e5:81:2e:46:04:09:68:0a:b1:09:6f:
                    e2:7a:59:25:ce:36:87:aa:25:24:14:d7:e5:c4:bd:
                    78:07:8d:54:d8:d7:c3:75:a7:fb:02:d6:b1:27:0b:
                    a7:3a:4a:97:17:ac:aa:20:cc:7d:eb:98:24:ea:71:
                    ee:40:0c:91:d7:48:e2:35:ca:fe:f5:80:2d:35:f7:
                    b4:fc:df:83:f8:08:63:22:e6:3a:a1:29:31:04:f7:
                    92:17:74:e4:1e:6e:6c:63:97:28:3d:5c:4d:06:1d:
                    da:5c:d5:1f:a7:ff:85:9e:f9:af:88:8f:24:d1:92:
                    19:ec:af:7d:ab:b9:99:80:6f:6e:21:81:6a:50:b3:
                    f1:3b:44:f2:6d:46:56:4a:4c:20:78:f1:37:0e:0b:
                    15:81:11:f1:7a:37:92:c3:89:5a:04:a2:23:d3:f9:
                    de:26:95:21:40:d1:28:02:4c:8f:2f:98:85:15:a3:
                    47:07:3e:15:c7:34:ee:b6:50:41:04:bd:ce:bc:fc:
                    f0:f5:7c:3f:db:f3:0d:05:d3:7d:5a:36:40:f0:3c:
                    10:58:cd:54:a9:2f:d0:1a:1f:d5:fe:83:c0:b4:1b:
                    f1:b3:0e:a1:48:de:54:30:b5:23:b2:38:e3:11:82:
                    8a:d9:b0:b0:e1:2c:f7:e0:2d:5d:33:0d:1b:a4:6e:
                    60:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:C0:B3:87:C7:3A:71:D2:A5:BD:AD:6C:46:53:A0:E8:79:DB:C4:B5
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:7f:c3:1a:3e:f3:e5:ca:f3:38:eb:69:09:8f:22:21:65:7a:
         da:64:07:a8:34:7c:c2:52:ab:4b:49:79:71:7d:03:53:19:e9:
         15:92:83:98:9b:a1:6e:09:ac:24:68:16:ec:24:4f:e2:16:b2:
         37:a0:21:f9:89:6a:60:76:63:04:e5:a4:f7:f5:33:40:39:2e:
         14:7c:0a:55:c4:f3:a4:35:e3:54:9b:51:f1:d0:51:3d:9b:36:
         72:88:5c:d6:12:ae:61:63:d4:d4:0c:d2:55:74:8e:4a:97:7a:
         7f:4b:5a:bd:9f:1c:21:30:bf:76:b6:5c:02:d5:9a:dc:da:dc:
         08:f0:41:be:35:4b:82:fd:ee:d0:39:03:65:cc:d2:03:2f:a3:
         7e:a9:01:55:53:31:77:f3:e6:9c:f9:e3:90:2d:3d:cf:83:c9:
         ab:04:73:aa:d8:5f:b9:8a:e2:44:a9:40:0a:bd:4f:ac:90:cc:
         fa:a7:32:4c:24:30:8d:a3:27:14:5a:b6:40:0c:1b:36:2f:a8:
         1f:63:68:89:f2:72:db:68:b7:31:eb:81:1b:4c:fd:f2:bc:fd:
         69:32:68:d0:21:e6:b0:7e:df:8a:e4:6a:e9:27:3c:d6:4e:f7:
         50:11:39:f3:23:be:e1:87:f6:20:41:d9:d3:11:e7:f5:d8:21:
         f4:dd:a9:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBziF45+kKA839dR0bA6yH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjQwNzAyMTMwMDM1WhcNMjQwNzAzMTMwMDM1WjAzMTEwLwYDVQQD
Eyg3N2MwYjM4N2M3M2E3MWQyYTViZGFkNmM0NjUzYTBlODc5ZGJjNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cf35YEuRgQJaAqxCW/ielklzjaH
qiUkFNflxL14B41U2NfDdaf7AtaxJwunOkqXF6yqIMx965gk6nHuQAyR10jiNcr+
9YAtNfe0/N+D+AhjIuY6oSkxBPeSF3TkHm5sY5coPVxNBh3aXNUfp/+FnvmviI8k
0ZIZ7K99q7mZgG9uIYFqULPxO0TybUZWSkwgePE3DgsVgRHxejeSw4laBKIj0/ne
JpUhQNEoAkyPL5iFFaNHBz4VxzTutlBBBL3OvPzw9Xw/2/MNBdN9WjZA8DwQWM1U
qS/QGh/V/oPAtBvxsw6hSN5UMLUjsjjjEYKK2bCw4Sz34C1dMw0bpG5gzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfAs4fHOnHSpb2tbEZToOh528S1MB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkX/DGj7z
5crzOOtpCY8iIWV62mQHqDR8wlKrS0l5cX0DUxnpFZKDmJuhbgmsJGgW7CRP4hay
N6Ah+YlqYHZjBOWk9/UzQDkuFHwKVcTzpDXjVJtR8dBRPZs2cohc1hKuYWPU1AzS
VXSOSpd6f0tavZ8cITC/drZcAtWa3NrcCPBBvjVLgv3u0DkDZczSAy+jfqkBVVMx
d/PmnPnjkC09z4PJqwRzqthfuYriRKlACr1PrJDM+qcyTCQwjaMnFFq2QAwbNi+o
H2NoifJy22i3MeuBG0z98rz9aTJo0CHmsH7fiuRq6Sc81k73UBE58yO+4Yf2IEHZ
0xHn9dgh9N2pKQ==
-----END CERTIFICATE-----