Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
File:                     QFphtYwdUt5SLgQQCcv80fflK3w.mft (raw, json)
Hash identifier:          7Nsx64ZBsgoThUGYu0nv0fkxH6HKvdRiRuqzMhSHNi4=
Subject key identifier:   13:87:52:1A:1E:B2:E1:65:98:42:82:81:1F:A0:B4:9E:E1:7B:7C:45
Authority key identifier: 40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C
Certificate issuer:       /CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
Certificate serial:       0193549BD88A7DEF20B14743CDA228FFBD5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
Manifest number:          0E6A
Signing time:             Fri 22 Nov 2024 16:01:59 +0000
Manifest this update:     Fri 22 Nov 2024 16:01:59 +0000
Manifest next update:     Sat 23 Nov 2024 16:01:59 +0000
Files and hashes:         1: QFphtYwdUt5SLgQQCcv80fflK3w.crl (hash: XcumUIxD/dJ+YXUap1pEvn2gtdWzmOKljJFkA0R4DxM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 16:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:54:9b:d8:8a:7d:ef:20:b1:47:43:cd:a2:28:ff:bd:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
        Validity
            Not Before: Nov 22 16:01:59 2024 GMT
            Not After : Nov 23 16:01:59 2024 GMT
        Subject: CN=1387521a1eb2e165984282811fa0b49ee17b7c45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ec:d4:b1:c7:a3:f2:89:9a:ae:f2:3e:91:1f:
                    27:f1:43:56:1d:a4:b8:8a:fe:93:2c:d4:82:a1:85:
                    e6:68:b3:39:69:66:71:1a:92:d8:a8:be:c5:67:27:
                    94:8c:fd:3b:f4:16:39:22:1c:9e:77:41:04:48:ec:
                    33:40:5f:0e:e2:b1:94:03:08:93:8b:f0:c2:c2:93:
                    13:a1:77:1d:d6:c8:93:0d:5c:b7:b9:81:32:ed:7c:
                    c6:91:e5:09:6f:62:12:e9:ff:96:91:a2:5c:b6:a3:
                    ee:27:5b:6d:5b:96:05:2b:38:89:a8:7a:42:dd:73:
                    00:be:08:b3:f2:c2:aa:96:4c:67:4a:63:11:98:52:
                    d4:ec:ef:f2:6d:87:d8:ff:b9:8a:67:a1:97:5e:1a:
                    81:ea:e7:e4:91:b3:16:1b:69:ae:73:55:e4:59:cd:
                    b5:2c:63:32:f8:b8:d9:3a:e5:c7:8c:40:c5:5c:2c:
                    6e:72:23:3e:2c:fe:1b:83:c7:45:52:13:de:77:db:
                    3c:f8:cf:3c:9b:d1:28:0e:62:50:bc:22:db:9c:4d:
                    a4:d6:dc:01:a3:ec:39:89:80:b2:7a:97:c5:90:61:
                    8b:08:38:5c:7d:aa:ef:c0:e0:fe:17:66:17:e1:59:
                    0d:4b:7b:44:5c:64:69:7b:1f:a7:c7:29:68:d1:3c:
                    34:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:87:52:1A:1E:B2:E1:65:98:42:82:81:1F:A0:B4:9E:E1:7B:7C:45
            X509v3 Authority Key Identifier:
                keyid:40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:c4:ea:02:10:4f:b4:ad:3f:35:2a:52:c6:f5:4d:98:23:01:
         5c:4d:f8:c5:5a:15:7e:a5:f2:ef:4e:a5:24:37:8e:18:ed:f3:
         2c:81:8d:0f:f7:03:5c:be:09:4e:88:9d:1b:64:67:26:cf:60:
         56:c7:33:26:e3:ee:6d:6d:de:ad:58:50:9d:fe:f2:b6:22:74:
         c4:1f:cf:b1:b4:1e:d8:33:2d:b6:1c:b4:0f:ed:2b:10:e1:ba:
         d7:fb:be:df:42:c9:59:c4:34:0d:46:a0:51:ec:56:64:b8:4a:
         75:d9:f6:a6:e2:0e:68:e1:23:d0:8f:dd:2d:03:86:23:1b:84:
         5e:36:5d:be:f5:b7:7a:69:33:78:64:9f:a9:56:d0:87:54:bb:
         15:a7:48:f0:d2:8e:41:9f:4b:67:5b:c3:43:28:7e:08:2b:ca:
         05:ab:ea:1e:f5:49:fc:e7:ce:48:5e:6d:a5:0e:b1:a3:9b:ed:
         34:d2:b1:9d:15:bf:5e:09:5d:7b:1a:1d:1b:42:2d:b2:20:5c:
         18:57:d6:53:f0:29:10:2d:22:fb:da:e7:c8:3e:f2:18:1b:75:
         e9:0a:79:7a:e0:a9:c3:b3:21:88:ff:09:40:d1:c5:56:f3:44:
         9b:11:c2:b1:32:03:62:42:a9:48:f2:7d:5a:5a:95:44:d4:c4:
         c8:de:f7:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNUm9iKfe8gsUdDzaIo/71eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWE2MWI1OGMxZDUyZGU1MjJlMDQxMDA5Y2JmY2QxZjdl
NTJiN2MwHhcNMjQxMTIyMTYwMTU5WhcNMjQxMTIzMTYwMTU5WjAzMTEwLwYDVQQD
EygxMzg3NTIxYTFlYjJlMTY1OTg0MjgyODExZmEwYjQ5ZWUxN2I3YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOzUscej8omarvI+kR8n8UNWHaS4
iv6TLNSCoYXmaLM5aWZxGpLYqL7FZyeUjP079BY5Ihyed0EESOwzQF8O4rGUAwiT
i/DCwpMToXcd1siTDVy3uYEy7XzGkeUJb2IS6f+WkaJctqPuJ1ttW5YFKziJqHpC
3XMAvgiz8sKqlkxnSmMRmFLU7O/ybYfY/7mKZ6GXXhqB6ufkkbMWG2muc1XkWc21
LGMy+LjZOuXHjEDFXCxuciM+LP4bg8dFUhPed9s8+M88m9EoDmJQvCLbnE2k1twB
o+w5iYCyepfFkGGLCDhcfarvwOD+F2YX4VkNS3tEXGRpex+nxylo0Tw0oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOHUhoesuFlmEKCgR+gtJ7he3xFMB8GA1UdIwQY
MBaAFEBaYbWMHVLeUi4EEAnL/NH35St8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTct
ZmUwMTMzY2RhNTM1LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTctZmUwMTMzY2RhNTM1
LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANMTqAhBP
tK0/NSpSxvVNmCMBXE34xVoVfqXy706lJDeOGO3zLIGND/cDXL4JToidG2RnJs9g
VsczJuPubW3erVhQnf7ytiJ0xB/PsbQe2DMtthy0D+0rEOG61/u+30LJWcQ0DUag
UexWZLhKddn2puIOaOEj0I/dLQOGIxuEXjZdvvW3emkzeGSfqVbQh1S7FadI8NKO
QZ9LZ1vDQyh+CCvKBavqHvVJ/OfOSF5tpQ6xo5vtNNKxnRW/XgldexodG0ItsiBc
GFfWU/ApEC0i+9rnyD7yGBt16Qp5euCpw7MhiP8JQNHFVvNEmxHCsTIDYkKpSPJ9
WlqVRNTEyN73Vg==
-----END CERTIFICATE-----