Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          iU3BoQdvkKT98lTprhzmd6q2Dmi+zgt21lfDe506hwA=
Subject key identifier:   88:48:00:CA:03:0F:94:08:18:9E:C1:4E:DB:F1:C1:58:6E:A7:5D:B7
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019357D2EE0DA33DC96F09455C59619F81DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          136F
Signing time:             Sat 23 Nov 2024 07:01:01 +0000
Manifest this update:     Sat 23 Nov 2024 07:01:01 +0000
Manifest next update:     Sun 24 Nov 2024 07:01:01 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: KM/+YRAKDA51zUsuxlV3Us5z6O/eJ4LD2o/Wyuow8fM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:ee:0d:a3:3d:c9:6f:09:45:5c:59:61:9f:81:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Nov 23 07:01:01 2024 GMT
            Not After : Nov 24 07:01:01 2024 GMT
        Subject: CN=884800ca030f9408189ec14edbf1c1586ea75db7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:fb:61:51:e1:72:5f:9c:ea:37:ec:e5:b3:35:
                    f1:33:b5:99:e8:1e:65:9f:20:11:3f:df:e1:8a:b7:
                    89:05:8a:c4:c6:88:a0:73:a4:7d:e4:f3:69:7b:4f:
                    c4:9a:11:4a:e9:61:67:ea:1b:81:c1:f6:cc:be:b0:
                    3e:05:db:2a:ba:73:1e:c5:a3:bc:8f:bd:54:e4:7f:
                    73:6a:37:1c:e0:1b:52:b2:f8:11:3c:1e:6a:21:98:
                    bf:7e:ad:b2:0a:ad:a4:65:61:dd:53:dd:da:59:df:
                    32:95:26:cb:c7:64:a6:3f:cf:2b:7c:3b:7b:9b:c0:
                    0f:53:ce:49:c0:bb:98:4a:5c:a3:ae:60:79:78:77:
                    b0:d0:32:9a:63:d5:73:9b:95:2c:13:5a:0a:18:3f:
                    45:06:e4:b2:86:cb:80:94:d8:13:64:f7:de:15:63:
                    c5:09:c4:3c:dd:e9:cc:7e:92:ee:f4:22:02:be:ee:
                    49:f4:a2:9e:bc:d1:d1:45:23:c0:eb:f7:7a:85:fd:
                    7a:41:3e:1c:8c:a2:be:b3:cb:4a:f2:1d:c7:6d:a7:
                    50:ff:bf:3e:0f:7b:a3:09:72:da:e5:1d:13:42:9c:
                    68:1b:19:45:f0:54:1e:34:1b:de:55:e7:22:15:73:
                    fe:09:a5:9e:1c:6e:09:4e:c3:ae:38:f8:69:c1:a1:
                    9a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:48:00:CA:03:0F:94:08:18:9E:C1:4E:DB:F1:C1:58:6E:A7:5D:B7
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:5c:e1:08:c7:01:15:35:8d:72:76:d2:67:c9:4d:ca:a7:1c:
         0b:23:8a:a9:cc:b7:a7:cb:85:4d:10:bf:8b:cd:3c:3c:2c:7c:
         41:4f:d3:1e:15:04:a0:9d:f0:4a:19:e5:ca:65:34:9d:8c:26:
         c8:c8:14:ec:01:4f:76:6d:44:c3:33:ea:5f:22:ef:c0:bd:e7:
         29:94:3d:bd:7d:1b:92:6b:bf:7b:2a:32:b3:ab:d8:dd:f1:f1:
         b6:11:78:f5:77:73:b4:eb:3a:02:f5:71:14:51:ca:ac:6c:da:
         de:10:8f:b1:78:21:3a:e9:89:06:5b:64:8a:ab:e6:02:17:f0:
         3e:0b:e7:a5:cb:c4:14:66:61:ad:46:cd:da:d9:24:03:04:af:
         2f:20:04:39:36:4d:db:21:d6:ba:f9:e9:e6:d2:bd:56:6b:a7:
         88:b3:d5:0c:82:27:f1:f8:dd:57:30:68:63:04:d3:fc:a4:4f:
         54:78:9b:9f:71:67:30:cb:62:8a:d7:9c:b2:e2:c2:8c:a6:a1:
         30:3c:11:e0:6c:d1:85:17:8d:47:02:e3:1a:8c:0a:bd:d7:72:
         85:1f:b5:c7:86:b9:64:0f:37:d0:ec:0d:46:be:a0:a3:96:a2:
         75:1f:08:78:0c:3a:0e:a3:f3:66:e4:b8:83:75:8d:4f:79:4d:
         36:99:af:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0u4Noz3JbwlFXFlhn4HbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjQxMTIzMDcwMTAxWhcNMjQxMTI0MDcwMTAxWjAzMTEwLwYDVQQD
Eyg4ODQ4MDBjYTAzMGY5NDA4MTg5ZWMxNGVkYmYxYzE1ODZlYTc1ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/thUeFyX5zqN+zlszXxM7WZ6B5l
nyARP9/hireJBYrExoigc6R95PNpe0/EmhFK6WFn6huBwfbMvrA+BdsqunMexaO8
j71U5H9zajcc4BtSsvgRPB5qIZi/fq2yCq2kZWHdU93aWd8ylSbLx2SmP88rfDt7
m8APU85JwLuYSlyjrmB5eHew0DKaY9Vzm5UsE1oKGD9FBuSyhsuAlNgTZPfeFWPF
CcQ83enMfpLu9CICvu5J9KKevNHRRSPA6/d6hf16QT4cjKK+s8tK8h3HbadQ/78+
D3ujCXLa5R0TQpxoGxlF8FQeNBveVeciFXP+CaWeHG4JTsOuOPhpwaGaYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhIAMoDD5QIGJ7BTtvxwVhup123MB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhlzhCMcB
FTWNcnbSZ8lNyqccCyOKqcy3p8uFTRC/i808PCx8QU/THhUEoJ3wShnlymU0nYwm
yMgU7AFPdm1EwzPqXyLvwL3nKZQ9vX0bkmu/eyoys6vY3fHxthF49XdztOs6AvVx
FFHKrGza3hCPsXghOumJBltkiqvmAhfwPgvnpcvEFGZhrUbN2tkkAwSvLyAEOTZN
2yHWuvnp5tK9VmuniLPVDIIn8fjdVzBoYwTT/KRPVHibn3FnMMtiitecsuLCjKah
MDwR4GzRhReNRwLjGowKvddyhR+1x4a5ZA830OwNRr6go5aidR8IeAw6DqPzZuS4
g3WNT3lNNpmvCg==
-----END CERTIFICATE-----