Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft
File:                     qSLK1G6tETX2TAWVGAe29y9xrfI.mft (raw, json)
Hash identifier:          nlsL3eZQpRDdlrXym15uP2xSyQHZDRlKCtSLjw9zVHk=
Subject key identifier:   BD:1B:74:5C:A5:B0:0B:8A:64:A2:9B:63:30:7F:32:86:26:24:CF:13
Authority key identifier: A9:22:CA:D4:6E:AD:11:35:F6:4C:05:95:18:07:B6:F7:2F:71:AD:F2
Certificate issuer:       /CN=a922cad46ead1135f64c05951807b6f72f71adf2
Certificate serial:       018F8748F2A7E58305D66599E5B7671723DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qSLK1G6tETX2TAWVGAe29y9xrfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft
Manifest number:          0D61
Signing time:             Fri 17 May 2024 16:00:55 +0000
Manifest this update:     Fri 17 May 2024 16:00:55 +0000
Manifest next update:     Sat 18 May 2024 16:00:55 +0000
Files and hashes:         1: qSLK1G6tETX2TAWVGAe29y9xrfI.crl (hash: 1A5kQyUXgkBTReSEihC8OVWu0x6dkr8WxQJoFGHIHuc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qSLK1G6tETX2TAWVGAe29y9xrfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:f2:a7:e5:83:05:d6:65:99:e5:b7:67:17:23:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a922cad46ead1135f64c05951807b6f72f71adf2
        Validity
            Not Before: May 17 16:00:55 2024 GMT
            Not After : May 18 16:00:55 2024 GMT
        Subject: CN=bd1b745ca5b00b8a64a29b63307f32862624cf13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:71:15:6c:3a:b9:b8:8c:c1:e6:e4:f2:55:09:
                    37:a6:5b:dd:e7:df:4b:e8:03:48:96:b7:6f:8c:cb:
                    b7:19:39:52:d3:56:d5:fc:62:bc:91:5a:30:0b:1c:
                    b8:3a:8c:26:c7:ad:2f:6e:46:39:69:7f:9d:ae:f2:
                    d1:09:eb:9a:96:28:25:31:37:7a:f5:2a:1b:9d:25:
                    a1:a4:e6:b5:ab:2e:45:dc:d4:fd:40:7f:39:af:e8:
                    a3:09:70:79:0f:7e:17:02:5d:97:aa:e5:41:c1:d8:
                    4a:6e:42:fc:68:46:c0:15:53:3f:e2:3d:b5:1f:4f:
                    e8:51:67:ca:4e:64:93:d0:e6:9e:76:51:c7:83:9d:
                    96:6f:dc:ce:f8:ca:8f:9c:e6:be:45:7a:1f:e4:46:
                    d2:4c:6e:b3:28:d9:a9:d4:37:3c:0e:14:9e:d4:0b:
                    a5:64:dd:1f:37:f4:33:9e:c1:18:6f:83:0b:a1:42:
                    fa:e6:04:ce:01:82:8a:d8:4f:be:96:df:98:31:72:
                    e0:15:85:96:87:67:e7:e0:bf:9e:81:89:a1:7f:26:
                    f3:f8:6a:40:65:2e:59:cb:dd:0e:51:b5:1c:cc:17:
                    82:99:ab:43:47:d9:f3:31:b0:af:47:7e:b9:0c:c5:
                    6e:16:97:1b:e2:b9:0f:00:7d:93:32:57:08:2b:8b:
                    cc:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:1B:74:5C:A5:B0:0B:8A:64:A2:9B:63:30:7F:32:86:26:24:CF:13
            X509v3 Authority Key Identifier:
                keyid:A9:22:CA:D4:6E:AD:11:35:F6:4C:05:95:18:07:B6:F7:2F:71:AD:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSLK1G6tETX2TAWVGAe29y9xrfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:b9:dd:a6:1e:fc:55:cf:9d:ce:84:74:c5:0f:e1:f5:df:b8:
         40:b2:2e:3b:05:c3:9f:30:e9:e8:68:e1:28:45:78:e7:6f:e7:
         6b:6b:65:2d:b1:40:fa:9a:b6:d6:e3:cc:9a:94:2a:10:10:1e:
         4d:65:94:34:9a:f5:f7:5e:c8:bd:3a:1e:e2:d2:2a:a1:38:7d:
         85:f4:2a:7d:93:e1:d7:3a:b2:15:9d:c4:1b:33:c7:95:88:a5:
         a3:42:22:29:c1:91:83:66:29:a1:38:8f:e1:1f:88:f9:86:46:
         a7:69:94:4c:0d:b3:af:5a:4b:ef:78:c5:0d:ed:29:48:43:3d:
         da:ea:98:dc:f0:5c:c4:42:c5:45:c6:08:cc:e0:6b:f5:41:bf:
         ad:7a:78:8f:18:ae:fe:68:b1:9e:43:35:65:8d:73:c8:35:bc:
         f2:5c:0b:23:0c:b8:35:1c:24:c2:d5:ed:4b:5a:87:67:50:23:
         3c:91:8f:27:37:6d:d4:95:f4:7f:7c:50:9d:f9:38:21:35:84:
         fb:4e:c1:2a:c3:74:51:e9:27:e5:97:6c:db:79:e5:50:db:ca:
         e3:96:b0:97:9d:5b:d1:ec:a8:c2:53:37:4c:64:52:0e:db:8e:
         5f:29:d2:05:4f:9a:1a:16:2a:c1:a2:2f:83:e2:68:96:95:db:
         58:f3:9b:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSPKn5YMF1mWZ5bdnFyPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjJjYWQ0NmVhZDExMzVmNjRjMDU5NTE4MDdiNmY3MmY3
MWFkZjIwHhcNMjQwNTE3MTYwMDU1WhcNMjQwNTE4MTYwMDU1WjAzMTEwLwYDVQQD
EyhiZDFiNzQ1Y2E1YjAwYjhhNjRhMjliNjMzMDdmMzI4NjI2MjRjZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nEVbDq5uIzB5uTyVQk3plvd599L
6ANIlrdvjMu3GTlS01bV/GK8kVowCxy4Oowmx60vbkY5aX+drvLRCeualiglMTd6
9SobnSWhpOa1qy5F3NT9QH85r+ijCXB5D34XAl2XquVBwdhKbkL8aEbAFVM/4j21
H0/oUWfKTmST0OaedlHHg52Wb9zO+MqPnOa+RXof5EbSTG6zKNmp1Dc8DhSe1Aul
ZN0fN/QznsEYb4MLoUL65gTOAYKK2E++lt+YMXLgFYWWh2fn4L+egYmhfybz+GpA
ZS5Zy90OUbUczBeCmatDR9nzMbCvR365DMVuFpcb4rkPAH2TMlcIK4vMFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0bdFylsAuKZKKbYzB/MoYmJM8TMB8GA1UdIwQY
MBaAFKkiytRurRE19kwFlRgHtvcvca3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNMSzFHNnRFVFgyVEFXVkdBZTI5eTl4cmZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNTAzMjAtZmI4MS00ZDcyLTg5MmEt
ODRhZmVhOGViZTVhLzEvcVNMSzFHNnRFVFgyVEFXVkdBZTI5eTl4cmZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNTAzMjAtZmI4MS00ZDcyLTg5MmEtODRhZmVhOGViZTVh
LzEvcVNMSzFHNnRFVFgyVEFXVkdBZTI5eTl4cmZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbLndph78
Vc+dzoR0xQ/h9d+4QLIuOwXDnzDp6GjhKEV452/na2tlLbFA+pq21uPMmpQqEBAe
TWWUNJr1917IvToe4tIqoTh9hfQqfZPh1zqyFZ3EGzPHlYilo0IiKcGRg2YpoTiP
4R+I+YZGp2mUTA2zr1pL73jFDe0pSEM92uqY3PBcxELFRcYIzOBr9UG/rXp4jxiu
/mixnkM1ZY1zyDW88lwLIwy4NRwkwtXtS1qHZ1AjPJGPJzdt1JX0f3xQnfk4ITWE
+07BKsN0Uekn5Zds23nlUNvK45awl51b0eyowlM3TGRSDtuOXynSBU+aGhYqwaIv
g+JolpXbWPObsg==
-----END CERTIFICATE-----