Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          PZiQejKaCPDMttwCcIEuTruZogcD37Ue/O5PQif85/Y=
Subject key identifier:   84:85:1D:E1:29:87:44:CD:CA:0D:FA:CF:57:9C:31:BD:00:E1:B2:D4
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       018F885B33C86B67D829B3147EA437C1E11C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0280
Signing time:             Fri 17 May 2024 21:00:29 +0000
Manifest this update:     Fri 17 May 2024 21:00:29 +0000
Manifest next update:     Sat 18 May 2024 21:00:29 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: ZRK57eUhEWgVBMZp9ZINoOpdS09eyUI4Tv0D5j5zxIk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:5b:33:c8:6b:67:d8:29:b3:14:7e:a4:37:c1:e1:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: May 17 21:00:29 2024 GMT
            Not After : May 18 21:00:29 2024 GMT
        Subject: CN=84851de1298744cdca0dfacf579c31bd00e1b2d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c4:09:b5:02:ef:2b:0b:a6:bb:ba:31:5f:28:
                    97:c6:cc:65:12:24:bc:02:db:f5:91:2e:80:fa:1f:
                    3a:e5:e2:fa:9c:85:85:99:54:11:7a:15:60:da:6a:
                    47:80:c7:64:17:aa:78:63:38:71:37:54:94:ba:b2:
                    ae:5e:bd:ba:da:50:f0:9d:51:7a:3d:fd:1d:2d:2d:
                    7a:86:45:fc:f2:79:d9:b0:b3:84:a4:ae:e5:1f:aa:
                    00:75:97:9a:67:2c:15:5d:d5:f0:00:ed:44:25:8a:
                    d5:a3:b5:5d:56:f9:51:29:5f:05:d4:d6:53:84:35:
                    22:85:6c:d0:74:9f:b5:c4:25:50:fb:84:c9:f2:99:
                    3f:7b:6e:9b:d1:50:6e:9f:b9:68:66:87:0f:b0:34:
                    54:65:ab:22:45:b2:77:b9:fa:aa:dc:91:7c:4c:9e:
                    1e:a6:f0:f2:2a:e1:85:da:5a:7b:72:f6:11:ce:a3:
                    91:5d:ba:fb:cf:0d:d0:76:a9:ec:e9:c7:f9:dc:2f:
                    de:90:d5:40:59:15:4e:0d:35:4d:3e:97:18:74:59:
                    4a:69:7f:74:02:70:0e:c1:b0:36:e9:e5:4f:65:c1:
                    59:eb:74:61:b2:04:90:80:2f:0f:74:42:b6:ab:ef:
                    bf:25:b3:b0:b1:27:1d:cd:da:95:b7:ad:3b:2f:d4:
                    21:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:85:1D:E1:29:87:44:CD:CA:0D:FA:CF:57:9C:31:BD:00:E1:B2:D4
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:e6:1f:97:6e:e0:79:b0:b8:4b:98:0f:61:ca:29:8a:81:e3:
         e5:79:3b:07:7a:70:68:d1:70:62:45:f9:a3:0c:43:9c:70:c1:
         b3:11:60:f6:fe:5e:e9:57:18:0a:de:c8:ee:0b:43:2c:1e:2c:
         e6:d1:f7:fa:8c:db:ee:d7:e7:ea:b2:7f:ae:6b:11:62:b6:d1:
         90:8d:53:45:3b:3b:12:54:36:4b:ba:04:64:52:d1:4d:e1:43:
         e8:fc:03:61:f8:d1:fd:e5:5c:cc:8d:e5:1d:ae:79:db:86:5e:
         ca:86:64:e4:f4:e8:8c:13:26:dd:60:41:8c:84:ca:8f:ad:b0:
         f2:8b:00:5f:66:27:3f:a4:a5:21:7a:eb:06:5b:a7:3a:ad:b7:
         cd:28:f2:2a:1f:d2:79:13:1f:53:3a:9b:00:41:0f:62:06:56:
         65:79:1c:f5:b9:df:6a:82:ae:bd:15:80:3d:64:3d:e6:4d:65:
         46:1c:e3:a9:27:04:85:eb:19:dc:d9:35:0e:ed:23:a1:e4:29:
         c9:0a:a3:94:ca:05:cc:c3:3b:32:7d:23:d0:02:18:35:bb:1d:
         0f:0e:5c:49:ea:09:d9:26:a8:98:24:d0:64:33:4c:0c:f4:2c:
         53:fa:71:6e:a7:13:75:4c:ee:82:0e:f2:73:80:09:4b:a3:41:
         7a:ff:5b:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IWzPIa2fYKbMUfqQ3weEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjQwNTE3MjEwMDI5WhcNMjQwNTE4MjEwMDI5WjAzMTEwLwYDVQQD
Eyg4NDg1MWRlMTI5ODc0NGNkY2EwZGZhY2Y1NzljMzFiZDAwZTFiMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cQJtQLvKwumu7oxXyiXxsxlEiS8
Atv1kS6A+h865eL6nIWFmVQRehVg2mpHgMdkF6p4YzhxN1SUurKuXr262lDwnVF6
Pf0dLS16hkX88nnZsLOEpK7lH6oAdZeaZywVXdXwAO1EJYrVo7VdVvlRKV8F1NZT
hDUihWzQdJ+1xCVQ+4TJ8pk/e26b0VBun7loZocPsDRUZasiRbJ3ufqq3JF8TJ4e
pvDyKuGF2lp7cvYRzqORXbr7zw3Qdqns6cf53C/ekNVAWRVODTVNPpcYdFlKaX90
AnAOwbA26eVPZcFZ63RhsgSQgC8PdEK2q++/JbOwsScdzdqVt607L9Qh8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISFHeEph0TNyg36z1ecMb0A4bLUMB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOYfl27g
ebC4S5gPYcopioHj5Xk7B3pwaNFwYkX5owxDnHDBsxFg9v5e6VcYCt7I7gtDLB4s
5tH3+ozb7tfn6rJ/rmsRYrbRkI1TRTs7ElQ2S7oEZFLRTeFD6PwDYfjR/eVczI3l
Ha5524ZeyoZk5PTojBMm3WBBjITKj62w8osAX2YnP6SlIXrrBlunOq23zSjyKh/S
eRMfUzqbAEEPYgZWZXkc9bnfaoKuvRWAPWQ95k1lRhzjqScEhesZ3Nk1Du0joeQp
yQqjlMoFzMM7Mn0j0AIYNbsdDw5cSeoJ2SaomCTQZDNMDPQsU/pxbqcTdUzugg7y
c4AJS6NBev9big==
-----END CERTIFICATE-----