Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          76QEcY3ohPkR8HC3/dk0YON+s2M8q+E9sGb0syequSo=
Subject key identifier:   45:6F:16:D1:FB:8A:3B:4B:55:80:97:3C:2A:18:AC:D6:18:26:9D:49
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019367EA5A2087063E584D43DBA02F7D850B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 10:00:31 +0000
Manifest this update:     Tue 26 Nov 2024 10:00:31 +0000
Manifest next update:     Wed 27 Nov 2024 10:00:31 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: N+maUlwI33dJxlqSfIHGFojrGok1FOqLTCa+64b4zok=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:67:ea:5a:20:87:06:3e:58:4d:43:db:a0:2f:7d:85:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Nov 26 10:00:31 2024 GMT
            Not After : Nov 27 10:00:31 2024 GMT
        Subject: CN=456f16d1fb8a3b4b5580973c2a18acd618269d49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:00:9e:c2:84:ef:df:f5:1e:fd:e1:99:3f:6a:
                    b7:bf:14:af:24:47:16:55:68:4f:59:95:5e:c8:39:
                    c2:e2:85:09:65:3c:4d:97:6b:40:20:c8:3f:d3:73:
                    23:c5:92:0a:2a:b6:3c:ed:e5:19:fa:d8:be:35:2e:
                    db:05:07:60:e9:69:92:8b:2b:6c:62:0e:68:32:03:
                    73:59:14:57:98:60:de:ac:f9:17:d9:10:45:8e:6f:
                    93:bc:87:e4:ae:f6:c8:a1:b5:8e:e1:11:4e:71:d7:
                    14:23:de:e1:8d:5c:2f:9c:6a:8a:81:f3:01:d8:3e:
                    50:75:34:8b:63:51:a5:d1:2f:34:cb:26:f7:1d:ff:
                    d4:f0:25:00:77:1e:db:0d:c4:1a:8b:02:79:69:3a:
                    49:4d:be:10:de:6f:da:fa:fb:a2:95:bf:82:86:bd:
                    90:e8:87:ae:b8:9c:b5:35:01:c5:06:ab:01:0b:25:
                    a5:de:33:a5:15:a2:ea:cd:2d:9e:99:85:6c:29:14:
                    2f:f1:d7:b7:e3:4c:17:08:2e:e7:ee:20:57:d1:ad:
                    ac:3f:31:22:b8:29:bc:e7:57:ad:d5:1e:f5:30:aa:
                    20:9f:a6:dd:a5:c5:7e:cd:0d:13:b5:f2:b0:0a:f5:
                    67:a7:c0:c3:2a:23:9c:8f:7c:c0:8b:01:1c:fa:e0:
                    c4:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:6F:16:D1:FB:8A:3B:4B:55:80:97:3C:2A:18:AC:D6:18:26:9D:49
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:7b:04:39:d7:e0:8b:1c:99:cc:6f:47:5f:28:c6:12:09:1f:
         b6:1b:94:a8:9c:71:1c:49:95:e3:b1:4a:1c:ae:25:e0:88:bd:
         6d:54:56:63:1e:bc:ba:f5:2d:4e:b1:b9:ca:d8:97:a7:0f:41:
         75:cc:41:06:a5:8f:9c:b8:d0:f3:c0:64:6f:f9:56:cb:7a:96:
         54:68:7a:df:8c:48:3f:e0:92:a0:84:93:90:a9:7c:64:4e:b0:
         31:25:8b:3e:7e:ec:53:84:75:4d:02:e9:f8:b6:ff:0e:44:ad:
         fd:a0:fe:e4:c8:a2:25:c8:b3:8c:3e:d7:bd:ae:1d:60:5b:fb:
         5b:4b:39:e4:ff:8d:08:24:be:77:cf:2b:1b:05:2e:48:51:ee:
         43:cb:29:37:2e:87:3b:b9:a7:a6:d9:0c:8d:99:fb:ad:a9:33:
         de:08:8f:3b:72:06:fb:16:fb:78:37:30:e8:bb:b9:2b:e0:91:
         f7:69:13:a2:2e:c2:79:93:d8:cc:ad:e3:9b:28:70:ef:d8:b2:
         fb:16:88:5d:56:31:46:19:6c:ae:3d:e4:ea:43:46:49:97:ad:
         1e:41:e0:28:b1:c6:89:c5:5d:10:97:76:cc:1b:a4:44:dd:0c:
         cb:45:ac:fb:b1:8f:86:91:d7:79:79:b4:cc:11:59:f0:5a:b0:
         85:19:c2:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNn6loghwY+WE1D26AvfYULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjQxMTI2MTAwMDMxWhcNMjQxMTI3MTAwMDMxWjAzMTEwLwYDVQQD
Eyg0NTZmMTZkMWZiOGEzYjRiNTU4MDk3M2MyYTE4YWNkNjE4MjY5ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wCewoTv3/Ue/eGZP2q3vxSvJEcW
VWhPWZVeyDnC4oUJZTxNl2tAIMg/03MjxZIKKrY87eUZ+ti+NS7bBQdg6WmSiyts
Yg5oMgNzWRRXmGDerPkX2RBFjm+TvIfkrvbIobWO4RFOcdcUI97hjVwvnGqKgfMB
2D5QdTSLY1Gl0S80yyb3Hf/U8CUAdx7bDcQaiwJ5aTpJTb4Q3m/a+vuilb+Chr2Q
6IeuuJy1NQHFBqsBCyWl3jOlFaLqzS2emYVsKRQv8de340wXCC7n7iBX0a2sPzEi
uCm851et1R71MKogn6bdpcV+zQ0TtfKwCvVnp8DDKiOcj3zAiwEc+uDE5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVvFtH7ijtLVYCXPCoYrNYYJp1JMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxXsEOdfg
ixyZzG9HXyjGEgkfthuUqJxxHEmV47FKHK4l4Ii9bVRWYx68uvUtTrG5ytiXpw9B
dcxBBqWPnLjQ88Bkb/lWy3qWVGh634xIP+CSoISTkKl8ZE6wMSWLPn7sU4R1TQLp
+Lb/DkSt/aD+5MiiJcizjD7Xva4dYFv7W0s55P+NCCS+d88rGwUuSFHuQ8spNy6H
O7mnptkMjZn7rakz3giPO3IG+xb7eDcw6Lu5K+CR92kToi7CeZPYzK3jmyhw79iy
+xaIXVYxRhlsrj3k6kNGSZetHkHgKLHGicVdEJd2zBukRN0My0Ws+7GPhpHXeXm0
zBFZ8FqwhRnCDw==
-----END CERTIFICATE-----