Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
File:                     JK_wO1q_sXhyXKbpD149mMumjr8.mft (raw, json)
Hash identifier:          ODt66pkYwsmoMlFV8/wCJVQrf7Q+tXxL5Yh9p1ppzHE=
Subject key identifier:   1C:6D:16:45:BD:B9:3B:46:BF:8F:49:E7:DD:69:7D:1A:2C:52:79:FE
Authority key identifier: 24:AF:F0:3B:5A:BF:B1:78:72:5C:A6:E9:0F:5E:3D:98:CB:A6:8E:BF
Certificate issuer:       /CN=24aff03b5abfb178725ca6e90f5e3d98cba68ebf
Certificate serial:       01936143C04C291E2BB8C187311DF91FBF31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JK_wO1q_sXhyXKbpD149mMumjr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
Manifest number:          0479
Signing time:             Mon 25 Nov 2024 03:00:50 +0000
Manifest this update:     Mon 25 Nov 2024 03:00:50 +0000
Manifest next update:     Tue 26 Nov 2024 03:00:50 +0000
Files and hashes:         1: JK_wO1q_sXhyXKbpD149mMumjr8.crl (hash: +sNEYhF25zJnaR3dZfWfmiLolWxD/u5AlkRWhGsIbP4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JK_wO1q_sXhyXKbpD149mMumjr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:61:43:c0:4c:29:1e:2b:b8:c1:87:31:1d:f9:1f:bf:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24aff03b5abfb178725ca6e90f5e3d98cba68ebf
        Validity
            Not Before: Nov 25 03:00:50 2024 GMT
            Not After : Nov 26 03:00:50 2024 GMT
        Subject: CN=1c6d1645bdb93b46bf8f49e7dd697d1a2c5279fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:34:6a:75:ce:0b:29:5b:4e:c7:e6:99:88:f5:
                    eb:7a:88:aa:9d:90:36:a2:34:e4:e2:17:56:5f:ab:
                    08:7c:e2:42:3a:99:15:8f:24:e5:13:59:35:50:65:
                    61:d2:82:97:5c:cb:ac:2b:68:6b:de:08:27:9c:28:
                    c5:33:54:57:db:6f:c8:53:a2:20:a4:e9:af:19:ff:
                    3d:8e:69:7f:a5:5c:b2:dd:4a:cd:c7:34:d9:19:fd:
                    03:f3:4b:e6:78:f1:01:8c:3a:ce:82:75:05:fc:de:
                    90:ba:3d:96:d3:fb:25:63:75:3d:4c:2f:ba:e3:e8:
                    b3:88:00:c9:37:50:4b:6b:71:24:7a:25:13:e3:05:
                    b0:cd:23:a3:d6:ec:2b:41:50:49:3a:05:4e:59:d4:
                    75:70:4f:21:5b:90:eb:01:33:ab:2a:e0:80:a6:85:
                    d1:a8:ed:67:19:b3:62:1c:28:77:58:ed:ba:dd:93:
                    16:ad:50:69:8e:de:19:fb:90:39:63:99:29:00:fd:
                    de:5a:d1:30:95:a0:b0:f0:00:0b:b8:bc:9d:e8:d4:
                    c5:7f:b5:59:a5:84:67:1e:ac:96:14:08:4d:3d:c8:
                    76:c7:5e:0d:3a:de:c1:3e:ac:14:99:f9:10:79:86:
                    37:db:cd:60:59:11:94:a9:3f:88:8b:54:52:a0:39:
                    2a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:6D:16:45:BD:B9:3B:46:BF:8F:49:E7:DD:69:7D:1A:2C:52:79:FE
            X509v3 Authority Key Identifier:
                keyid:24:AF:F0:3B:5A:BF:B1:78:72:5C:A6:E9:0F:5E:3D:98:CB:A6:8E:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JK_wO1q_sXhyXKbpD149mMumjr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ab8137-3753-4eca-a94e-8c2130a35016/1/JK_wO1q_sXhyXKbpD149mMumjr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:67:7c:a6:43:ee:aa:02:7f:fd:a8:57:6c:54:98:dd:bb:19:
         79:26:ea:71:69:15:a2:f1:4d:d9:fa:05:17:ac:be:be:51:a0:
         ae:06:66:39:c7:bd:4d:b2:8e:c1:23:ac:77:20:d9:2f:74:a3:
         67:ad:23:db:73:75:4e:65:81:e2:13:f2:b9:83:69:1e:86:d1:
         74:38:60:87:6b:6d:8d:a9:4e:fc:26:df:23:ca:a8:1f:16:9d:
         5b:1e:71:7e:ec:f0:82:82:5e:d6:3d:ce:0a:e3:2b:25:87:d1:
         01:2e:72:ea:97:42:0f:a9:d8:86:80:da:a0:25:7c:67:02:83:
         10:2d:e6:5e:58:2e:4b:db:98:bd:7b:d5:36:2e:82:a7:cb:76:
         5a:4c:17:e2:1f:8d:ea:e0:12:5f:b4:af:d0:fd:2b:a1:84:20:
         a1:04:ba:ad:8e:ff:da:2d:cd:bf:78:c6:5a:68:bf:0e:18:df:
         6d:ed:f9:ae:7f:ef:c2:59:e8:d6:0c:b0:ce:e1:d7:d7:70:d1:
         58:31:fc:84:d7:80:7f:90:b1:86:8e:7e:98:cf:65:09:69:62:
         69:86:a5:bd:da:0f:1a:0d:94:a8:5c:99:fb:64:1d:1d:01:8e:
         8e:99:7c:b9:42:df:aa:18:43:2d:21:1e:e2:f9:28:08:1c:c4:
         fd:d2:12:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNhQ8BMKR4ruMGHMR35H78xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YWZmMDNiNWFiZmIxNzg3MjVjYTZlOTBmNWUzZDk4Y2Jh
NjhlYmYwHhcNMjQxMTI1MDMwMDUwWhcNMjQxMTI2MDMwMDUwWjAzMTEwLwYDVQQD
EygxYzZkMTY0NWJkYjkzYjQ2YmY4ZjQ5ZTdkZDY5N2QxYTJjNTI3OWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDRqdc4LKVtOx+aZiPXreoiqnZA2
ojTk4hdWX6sIfOJCOpkVjyTlE1k1UGVh0oKXXMusK2hr3ggnnCjFM1RX22/IU6Ig
pOmvGf89jml/pVyy3UrNxzTZGf0D80vmePEBjDrOgnUF/N6Quj2W0/slY3U9TC+6
4+iziADJN1BLa3EkeiUT4wWwzSOj1uwrQVBJOgVOWdR1cE8hW5DrATOrKuCApoXR
qO1nGbNiHCh3WO263ZMWrVBpjt4Z+5A5Y5kpAP3eWtEwlaCw8AALuLyd6NTFf7VZ
pYRnHqyWFAhNPch2x14NOt7BPqwUmfkQeYY3281gWRGUqT+Ii1RSoDkqDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxtFkW9uTtGv49J591pfRosUnn+MB8GA1UdIwQY
MBaAFCSv8Dtav7F4clym6Q9ePZjLpo6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktfd08xcV9zWGh5WEticEQxNDltTXVtanI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hYjgxMzctMzc1My00ZWNhLWE5NGUt
OGMyMTMwYTM1MDE2LzEvSktfd08xcV9zWGh5WEticEQxNDltTXVtanI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hYjgxMzctMzc1My00ZWNhLWE5NGUtOGMyMTMwYTM1MDE2
LzEvSktfd08xcV9zWGh5WEticEQxNDltTXVtanI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjmd8pkPu
qgJ//ahXbFSY3bsZeSbqcWkVovFN2foFF6y+vlGgrgZmOce9TbKOwSOsdyDZL3Sj
Z60j23N1TmWB4hPyuYNpHobRdDhgh2ttjalO/CbfI8qoHxadWx5xfuzwgoJe1j3O
CuMrJYfRAS5y6pdCD6nYhoDaoCV8ZwKDEC3mXlguS9uYvXvVNi6Cp8t2WkwX4h+N
6uASX7Sv0P0roYQgoQS6rY7/2i3Nv3jGWmi/Dhjfbe35rn/vwlno1gywzuHX13DR
WDH8hNeAf5Cxho5+mM9lCWliaYalvdoPGg2UqFyZ+2QdHQGOjpl8uULfqhhDLSEe
4vkoCBzE/dIS2g==
-----END CERTIFICATE-----