Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft
File:                     14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft (raw, json)
Hash identifier:          yCuVZFQyt+H7GH0C4xDjOYjzOC5UqoWtMLpUNRqwZ6w=
Subject key identifier:   9F:62:45:78:53:A4:C4:C9:7A:A1:0B:FB:32:E5:40:A9:22:8E:E2:FB
Authority key identifier: D7:88:85:19:81:CF:B3:C1:56:24:B6:E9:7F:60:A3:D9:91:D6:D9:69
Certificate issuer:       /CN=d788851981cfb3c15624b6e97f60a3d991d6d969
Certificate serial:       01935651CF59356BE6E6A44E83470FEB1404
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft
Manifest number:          0247
Signing time:             Sat 23 Nov 2024 00:00:22 +0000
Manifest this update:     Sat 23 Nov 2024 00:00:22 +0000
Manifest next update:     Sun 24 Nov 2024 00:00:22 +0000
Files and hashes:         1: 14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.crl (hash: MDIwCV3Pjm7aDV+nBYV8GznMkQrmdUQ/xXRZIzPJ5gc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:51:cf:59:35:6b:e6:e6:a4:4e:83:47:0f:eb:14:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d788851981cfb3c15624b6e97f60a3d991d6d969
        Validity
            Not Before: Nov 23 00:00:22 2024 GMT
            Not After : Nov 24 00:00:22 2024 GMT
        Subject: CN=9f62457853a4c4c97aa10bfb32e540a9228ee2fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:23:71:70:74:f9:60:cd:43:25:e0:47:65:2b:
                    8c:c1:50:81:ca:21:1c:3d:dd:01:8a:74:be:6d:9b:
                    1f:41:3a:5b:59:53:53:77:46:94:3d:c6:24:5c:51:
                    36:eb:0b:ea:a8:cb:8f:05:99:ed:ee:57:91:d1:49:
                    b1:ee:9c:f2:a9:f9:b5:62:74:8a:01:e3:c0:50:fe:
                    86:92:35:d6:d7:40:77:37:d3:7d:f8:15:bb:54:05:
                    59:b3:c1:6c:a4:06:8b:6d:24:7f:ad:1f:cb:bb:96:
                    60:dc:b8:1d:07:f7:db:79:44:02:8c:68:9d:41:86:
                    91:f8:80:ea:9e:24:48:71:2a:d0:5d:0a:94:3e:67:
                    d3:26:94:31:90:a0:e4:72:82:c4:b5:d9:73:e2:e6:
                    5f:29:00:1b:2c:3d:ec:e6:ea:50:b0:57:22:a2:e9:
                    a6:7b:ae:cc:88:f8:92:be:be:ab:e3:dc:ae:b2:57:
                    08:d1:33:fa:b6:ff:02:63:e2:eb:3b:44:17:0f:8f:
                    df:b3:cb:c0:c1:7c:a8:96:60:11:e1:dd:ea:52:eb:
                    b5:d0:4d:10:b0:ff:69:b7:d7:f3:37:75:23:4b:23:
                    37:5d:e5:a5:f1:37:fb:d1:e9:1e:b2:93:b5:3c:2d:
                    49:41:ef:b6:e7:81:b0:4b:84:85:d3:46:d2:9b:04:
                    3d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:62:45:78:53:A4:C4:C9:7A:A1:0B:FB:32:E5:40:A9:22:8E:E2:FB
            X509v3 Authority Key Identifier:
                keyid:D7:88:85:19:81:CF:B3:C1:56:24:B6:E9:7F:60:A3:D9:91:D6:D9:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:00:5c:e1:8b:ec:ec:07:f6:6e:46:c3:23:58:70:54:43:c7:
         4d:e4:58:1e:56:cb:cb:4e:68:54:98:d5:b8:52:ed:24:fb:df:
         7c:95:a2:ff:76:3b:0c:6e:32:19:7c:09:fe:b9:d6:4e:ad:31:
         0e:56:d0:c2:b8:29:52:d2:df:45:2a:ee:fc:98:f4:1d:7a:55:
         c2:9e:03:8b:48:dd:c3:53:03:23:7a:67:80:c8:c4:e0:2e:da:
         67:20:8f:f6:d4:6d:db:3c:5b:76:80:d8:31:db:92:00:fd:53:
         a2:ff:23:cc:bf:e9:40:df:24:71:04:a5:da:59:b6:d7:4c:56:
         2b:e9:3e:1b:c3:48:cf:f7:2b:1c:00:5b:9e:e2:f6:8a:d0:82:
         59:3f:29:79:31:3f:aa:5b:a4:2c:5e:82:4f:3a:44:64:06:1b:
         f8:69:3e:bd:78:22:9e:98:f6:9b:2a:14:62:43:8c:d0:df:f2:
         99:1a:1a:18:0d:b2:ef:d3:0f:6f:d2:46:00:b1:ec:c0:7a:7f:
         47:1a:cd:ca:2b:61:fb:13:60:98:43:e4:78:ca:94:e0:23:ad:
         a4:4f:98:33:9d:f5:a6:6e:21:99:ae:ae:26:aa:33:26:2d:17:
         66:0a:fe:71:8b:cf:94:51:31:bb:b0:d4:8b:f0:4d:83:36:7a:
         74:5b:fc:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWUc9ZNWvm5qROg0cP6xQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ODg4NTE5ODFjZmIzYzE1NjI0YjZlOTdmNjBhM2Q5OTFk
NmQ5NjkwHhcNMjQxMTIzMDAwMDIyWhcNMjQxMTI0MDAwMDIyWjAzMTEwLwYDVQQD
Eyg5ZjYyNDU3ODUzYTRjNGM5N2FhMTBiZmIzMmU1NDBhOTIyOGVlMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriNxcHT5YM1DJeBHZSuMwVCByiEc
Pd0BinS+bZsfQTpbWVNTd0aUPcYkXFE26wvqqMuPBZnt7leR0Umx7pzyqfm1YnSK
AePAUP6GkjXW10B3N9N9+BW7VAVZs8FspAaLbSR/rR/Lu5Zg3LgdB/fbeUQCjGid
QYaR+IDqniRIcSrQXQqUPmfTJpQxkKDkcoLEtdlz4uZfKQAbLD3s5upQsFcioumm
e67MiPiSvr6r49yuslcI0TP6tv8CY+LrO0QXD4/fs8vAwXyolmAR4d3qUuu10E0Q
sP9pt9fzN3UjSyM3XeWl8Tf70ekespO1PC1JQe+254GwS4SF00bSmwQ9LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9iRXhTpMTJeqEL+zLlQKkijuL7MB8GA1UdIwQY
MBaAFNeIhRmBz7PBViS26X9go9mR1tlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRpRkdZSFBzOEZXSkxicGYyQ2oyWkhXMldrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZTIzMTEtZjlhMS00ODk2LTlkOTgt
ZDA4MDA0NDkzZDE0LzEvMTRpRkdZSFBzOEZXSkxicGYyQ2oyWkhXMldrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZTIzMTEtZjlhMS00ODk2LTlkOTgtZDA4MDA0NDkzZDE0
LzEvMTRpRkdZSFBzOEZXSkxicGYyQ2oyWkhXMldrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgBc4Yvs
7Af2bkbDI1hwVEPHTeRYHlbLy05oVJjVuFLtJPvffJWi/3Y7DG4yGXwJ/rnWTq0x
DlbQwrgpUtLfRSru/Jj0HXpVwp4Di0jdw1MDI3pngMjE4C7aZyCP9tRt2zxbdoDY
MduSAP1Tov8jzL/pQN8kcQSl2lm210xWK+k+G8NIz/crHABbnuL2itCCWT8peTE/
qlukLF6CTzpEZAYb+Gk+vXginpj2myoUYkOM0N/ymRoaGA2y79MPb9JGALHswHp/
RxrNyith+xNgmEPkeMqU4COtpE+YM531pm4hma6uJqozJi0XZgr+cYvPlFExu7DU
i/BNgzZ6dFv8vA==
-----END CERTIFICATE-----