Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/7d82a1-4e1b-46d7-83bb-211b62485666/1/o2ApslnXf2dY38twYITlGk7WP-0.mft
File:                     o2ApslnXf2dY38twYITlGk7WP-0.mft (raw, json)
Hash identifier:          WrPVV8h/AzjiFmnbqT/lkg33EH+f4LiVUpz+HR/sH9A=
Subject key identifier:   2F:3B:98:5B:7A:40:15:28:A2:71:43:0C:23:2F:7F:DE:08:F2:FB:85
Authority key identifier: A3:60:29:B2:59:D7:7F:67:58:DF:CB:70:60:84:E5:1A:4E:D6:3F:ED
Certificate issuer:       /CN=a36029b259d77f6758dfcb706084e51a4ed63fed
Certificate serial:       019367EB821EA13D62D6D04CF97079831E2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2ApslnXf2dY38twYITlGk7WP-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/7d82a1-4e1b-46d7-83bb-211b62485666/1/o2ApslnXf2dY38twYITlGk7WP-0.mft
Manifest number:          06E9
Signing time:             Tue 26 Nov 2024 10:01:47 +0000
Manifest this update:     Tue 26 Nov 2024 10:01:47 +0000
Manifest next update:     Wed 27 Nov 2024 10:01:47 +0000
Files and hashes:         1: o2ApslnXf2dY38twYITlGk7WP-0.crl (hash: ULfQ3HfvqkIlwXBUN/f3zqLx6q2DVq/zkVtt2sVipHY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/7d82a1-4e1b-46d7-83bb-211b62485666/1/o2ApslnXf2dY38twYITlGk7WP-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/7d82a1-4e1b-46d7-83bb-211b62485666/1/o2ApslnXf2dY38twYITlGk7WP-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o2ApslnXf2dY38twYITlGk7WP-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:67:eb:82:1e:a1:3d:62:d6:d0:4c:f9:70:79:83:1e:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a36029b259d77f6758dfcb706084e51a4ed63fed
        Validity
            Not Before: Nov 26 10:01:47 2024 GMT
            Not After : Nov 27 10:01:47 2024 GMT
        Subject: CN=2f3b985b7a401528a271430c232f7fde08f2fb85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7d:c2:af:02:86:29:34:b6:3f:25:e4:2b:30:
                    5d:02:89:bd:5e:28:3b:c9:3e:fa:25:e1:10:94:2e:
                    d0:88:62:56:f1:89:cd:17:2c:d9:e0:44:c1:2c:95:
                    a4:af:a8:e8:d3:6c:f2:63:26:dc:5d:62:14:d2:13:
                    63:b6:ad:48:4b:cd:96:25:ce:f0:ae:25:c0:e9:51:
                    9d:6b:69:bf:bc:f0:23:14:58:73:00:0e:28:f0:a4:
                    77:71:dc:7f:31:3a:e7:a1:f2:6a:e8:a3:92:4e:35:
                    21:d1:8c:7a:b7:b6:d8:c1:5d:39:d2:5d:a2:db:b0:
                    01:17:26:68:c9:cd:f3:6d:e3:0f:a1:94:40:b4:46:
                    41:68:50:b2:9d:2b:5b:52:3d:1f:f0:b5:f2:eb:92:
                    af:25:a0:ff:04:54:ab:78:b5:84:09:f7:92:26:13:
                    8e:66:59:3e:55:e1:87:62:09:8f:6b:05:cb:d4:25:
                    1b:22:c4:b6:0c:f9:0e:fb:a9:f0:0d:b2:be:b0:ea:
                    ad:b5:c7:69:a5:63:4e:1c:15:14:55:61:25:cb:e4:
                    02:73:70:b2:d1:da:77:5e:5a:10:37:77:02:00:ba:
                    24:e2:03:74:cc:73:34:f5:f1:9a:b6:71:69:1a:72:
                    6b:61:70:5a:b3:59:d3:ce:a3:1f:a6:5a:60:64:77:
                    7c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:3B:98:5B:7A:40:15:28:A2:71:43:0C:23:2F:7F:DE:08:F2:FB:85
            X509v3 Authority Key Identifier:
                keyid:A3:60:29:B2:59:D7:7F:67:58:DF:CB:70:60:84:E5:1A:4E:D6:3F:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2ApslnXf2dY38twYITlGk7WP-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7d82a1-4e1b-46d7-83bb-211b62485666/1/o2ApslnXf2dY38twYITlGk7WP-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7d82a1-4e1b-46d7-83bb-211b62485666/1/o2ApslnXf2dY38twYITlGk7WP-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:98:e6:39:8d:22:86:61:eb:94:58:f7:eb:39:30:30:08:53:
         f1:de:30:3e:53:01:f9:17:24:66:2e:ef:60:49:70:d3:61:4e:
         86:60:b6:ec:4d:fb:7b:73:ae:ea:c8:93:b9:b2:4c:72:bc:07:
         5d:74:d7:12:29:41:6d:2b:da:6d:51:b5:d5:09:a9:bb:dc:bd:
         c2:a5:11:59:a5:b0:f5:c3:83:6d:3c:56:68:52:a2:df:cd:87:
         31:4d:bc:7b:7f:4a:a5:35:07:80:23:20:d0:e3:02:fd:92:ca:
         27:1d:aa:bd:56:7d:a5:a8:df:e3:20:df:f9:a3:35:7f:7f:38:
         d2:e5:3e:e8:af:83:48:bf:97:f5:06:f4:e3:03:1d:bb:33:f0:
         f3:03:f8:6f:3e:26:4e:27:14:6a:3c:e1:b4:1b:2c:a2:d3:6c:
         ef:d6:ed:98:7f:b9:2f:3a:49:18:8b:0f:92:67:57:a1:ed:2f:
         94:b7:45:e5:9c:a9:76:be:5e:e2:fb:9d:52:e0:83:8c:58:4a:
         3c:14:fc:c6:27:5f:54:6a:38:47:d2:57:f0:db:15:26:b9:b7:
         4c:8f:7d:3f:b7:6e:45:2c:f7:1c:5e:77:b1:6a:bc:4a:78:d7:
         c3:e9:e1:34:8f:fb:34:2d:c1:68:35:88:bf:23:92:ba:5c:5e:
         79:4a:6f:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNn64IeoT1i1tBM+XB5gx4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjAyOWIyNTlkNzdmNjc1OGRmY2I3MDYwODRlNTFhNGVk
NjNmZWQwHhcNMjQxMTI2MTAwMTQ3WhcNMjQxMTI3MTAwMTQ3WjAzMTEwLwYDVQQD
EygyZjNiOTg1YjdhNDAxNTI4YTI3MTQzMGMyMzJmN2ZkZTA4ZjJmYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH3CrwKGKTS2PyXkKzBdAom9Xig7
yT76JeEQlC7QiGJW8YnNFyzZ4ETBLJWkr6jo02zyYybcXWIU0hNjtq1IS82WJc7w
riXA6VGda2m/vPAjFFhzAA4o8KR3cdx/MTrnofJq6KOSTjUh0Yx6t7bYwV050l2i
27ABFyZoyc3zbeMPoZRAtEZBaFCynStbUj0f8LXy65KvJaD/BFSreLWECfeSJhOO
Zlk+VeGHYgmPawXL1CUbIsS2DPkO+6nwDbK+sOqttcdppWNOHBUUVWEly+QCc3Cy
0dp3XloQN3cCALok4gN0zHM09fGatnFpGnJrYXBas1nTzqMfplpgZHd8rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC87mFt6QBUoonFDDCMvf94I8vuFMB8GA1UdIwQY
MBaAFKNgKbJZ139nWN/LcGCE5RpO1j/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJBcHNsblhmMmRZMzh0d1lJVGxHazdXUC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC83ZDgyYTEtNGUxYi00NmQ3LTgzYmIt
MjExYjYyNDg1NjY2LzEvbzJBcHNsblhmMmRZMzh0d1lJVGxHazdXUC0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC83ZDgyYTEtNGUxYi00NmQ3LTgzYmItMjExYjYyNDg1NjY2
LzEvbzJBcHNsblhmMmRZMzh0d1lJVGxHazdXUC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5jmOY0i
hmHrlFj36zkwMAhT8d4wPlMB+RckZi7vYElw02FOhmC27E37e3Ou6siTubJMcrwH
XXTXEilBbSvabVG11Qmpu9y9wqURWaWw9cODbTxWaFKi382HMU28e39KpTUHgCMg
0OMC/ZLKJx2qvVZ9pajf4yDf+aM1f3840uU+6K+DSL+X9Qb04wMduzPw8wP4bz4m
TicUajzhtBssotNs79btmH+5LzpJGIsPkmdXoe0vlLdF5Zypdr5e4vudUuCDjFhK
PBT8xidfVGo4R9JX8NsVJrm3TI99P7duRSz3HF53sWq8SnjXw+nhNI/7NC3BaDWI
vyOSulxeeUpviA==
-----END CERTIFICATE-----