Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          xm7ffmcJhc/6Tn4ZbK1RrlIAnJc5w5kozDF0L9fEYzA=
Subject key identifier:   31:D6:DA:17:C9:86:FF:7A:BA:44:54:1E:D6:66:85:D6:C6:83:25:79
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       018F88925CED5D037D6194C71BB762231BB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 22:00:44 +0000
Manifest this update:     Fri 17 May 2024 22:00:44 +0000
Manifest next update:     Sat 18 May 2024 22:00:44 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: tzSE9oCSH7e8XUA6Qv+Sk3A3gyHl5FDFxwTBwjVBpO8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:5c:ed:5d:03:7d:61:94:c7:1b:b7:62:23:1b:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: May 17 22:00:44 2024 GMT
            Not After : May 18 22:00:44 2024 GMT
        Subject: CN=31d6da17c986ff7aba44541ed66685d6c6832579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:8f:35:c5:15:01:eb:17:ed:23:25:a1:6a:b1:
                    b8:fe:d6:1e:4d:8b:1c:27:9c:07:39:c1:e4:2d:f7:
                    e5:c1:d2:6b:1b:09:3a:04:5c:e6:d8:d5:50:15:b6:
                    66:bd:08:78:da:55:b0:27:03:d7:25:97:ac:b6:f6:
                    f0:c2:7d:b1:fa:03:98:f4:76:ce:d7:28:90:f8:96:
                    d9:ad:39:08:96:3f:a9:a8:13:ff:81:80:2a:44:9b:
                    a2:06:1c:e2:ee:fb:29:74:48:b1:a7:bd:29:68:1c:
                    c4:d8:90:b3:5c:bf:b0:7a:d2:ad:e0:c8:ee:26:86:
                    8e:79:b6:49:f2:7f:75:48:7f:c7:ae:c8:82:ea:eb:
                    14:1e:e8:be:fc:b8:51:34:47:a3:b7:4d:be:d3:a2:
                    8c:de:a0:01:04:28:e7:b0:ed:3c:9a:f8:b4:3b:09:
                    32:62:78:e2:0c:a2:0b:0d:ae:32:6e:7b:7c:5c:a0:
                    c1:33:df:05:ee:55:fe:7f:44:65:ca:6d:6d:e7:b9:
                    11:a4:8f:bf:0c:91:ae:11:3d:28:af:88:9d:5d:1c:
                    a8:d7:14:43:ad:0d:5b:a2:9c:80:af:2b:fe:8e:f5:
                    8b:2a:e6:7c:7d:45:a4:7d:c7:0f:38:49:22:b5:6a:
                    2e:52:ab:2d:b7:66:b7:93:0d:d6:70:c7:4f:b8:54:
                    4e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:D6:DA:17:C9:86:FF:7A:BA:44:54:1E:D6:66:85:D6:C6:83:25:79
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:32:cd:68:46:b3:20:1f:48:fb:3a:76:c2:93:17:0d:6c:cd:
         23:9e:e6:b4:7b:46:9e:7b:25:0d:96:11:a3:53:fa:29:3a:66:
         c4:fe:08:88:1a:e7:cb:fd:81:cf:08:ce:6c:9e:4d:12:02:b5:
         84:2d:d8:72:b7:3b:80:84:75:96:ec:4c:0c:13:c4:f7:81:20:
         97:43:99:db:34:34:9a:93:c5:cf:8f:f3:14:4b:b6:b5:b9:5e:
         ab:4d:5f:35:40:83:4c:45:b4:e9:12:09:0b:09:fa:b0:f0:af:
         d5:a3:18:ed:53:51:3f:ad:0d:89:8e:7c:53:7d:eb:e5:b2:51:
         0e:d6:c1:f6:69:f7:2f:44:47:9a:38:b4:54:c2:04:2b:4f:ef:
         aa:27:2b:17:74:0e:51:69:8f:3a:fd:b4:ce:ba:48:23:32:76:
         3b:4a:14:25:36:66:63:a6:68:d3:e3:2b:5e:c8:14:84:b8:15:
         72:8a:6a:b8:0b:70:b5:e3:c3:31:ac:f1:5d:22:9e:79:cc:39:
         68:e8:9c:56:36:6d:59:20:c4:73:f7:d6:82:36:b8:c8:15:7b:
         20:c7:35:30:0a:bd:33:19:e6:c0:f3:63:be:12:da:09:7f:4b:
         de:60:a1:b0:36:33:c8:ed:61:15:63:87:7a:e5:1c:e6:72:07:
         3a:41:d0:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IklztXQN9YZTHG7diIxu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjQwNTE3MjIwMDQ0WhcNMjQwNTE4MjIwMDQ0WjAzMTEwLwYDVQQD
EygzMWQ2ZGExN2M5ODZmZjdhYmE0NDU0MWVkNjY2ODVkNmM2ODMyNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1481xRUB6xftIyWharG4/tYeTYsc
J5wHOcHkLfflwdJrGwk6BFzm2NVQFbZmvQh42lWwJwPXJZestvbwwn2x+gOY9HbO
1yiQ+JbZrTkIlj+pqBP/gYAqRJuiBhzi7vspdEixp70paBzE2JCzXL+wetKt4Mju
JoaOebZJ8n91SH/HrsiC6usUHui+/LhRNEejt02+06KM3qABBCjnsO08mvi0Owky
YnjiDKILDa4ybnt8XKDBM98F7lX+f0Rlym1t57kRpI+/DJGuET0or4idXRyo1xRD
rQ1bopyAryv+jvWLKuZ8fUWkfccPOEkitWouUqstt2a3kw3WcMdPuFROAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHW2hfJhv96ukRUHtZmhdbGgyV5MB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzLNaEaz
IB9I+zp2wpMXDWzNI57mtHtGnnslDZYRo1P6KTpmxP4IiBrny/2BzwjObJ5NEgK1
hC3Ycrc7gIR1luxMDBPE94Egl0OZ2zQ0mpPFz4/zFEu2tbleq01fNUCDTEW06RIJ
Cwn6sPCv1aMY7VNRP60NiY58U33r5bJRDtbB9mn3L0RHmji0VMIEK0/vqicrF3QO
UWmPOv20zrpIIzJ2O0oUJTZmY6Zo0+MrXsgUhLgVcopquAtwtePDMazxXSKeecw5
aOicVjZtWSDEc/fWgja4yBV7IMc1MAq9MxnmwPNjvhLaCX9L3mChsDYzyO1hFWOH
euUc5nIHOkHQoA==
-----END CERTIFICATE-----