Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
File:                     OXy939eSBtZcTugWjq9ucJAg-V0.mft (raw, json)
Hash identifier:          LIdRnjW3sto/TDQogABRWflsyudjA7B89rBtt8vbFvA=
Subject key identifier:   51:2C:D4:C3:EA:0A:94:31:13:DD:CB:16:3A:03:F0:3F:55:E2:45:56
Authority key identifier: 39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D
Certificate issuer:       /CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
Certificate serial:       018F874936521D2FF28DEE45C4B70289C4FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
Manifest number:          0537
Signing time:             Fri 17 May 2024 16:01:13 +0000
Manifest this update:     Fri 17 May 2024 16:01:13 +0000
Manifest next update:     Sat 18 May 2024 16:01:13 +0000
Files and hashes:         1: OXy939eSBtZcTugWjq9ucJAg-V0.crl (hash: cfbkXY6PE7mpAwRcIj4LLCZhofyOviYN+hqXkrwGnqw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:36:52:1d:2f:f2:8d:ee:45:c4:b7:02:89:c4:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
        Validity
            Not Before: May 17 16:01:13 2024 GMT
            Not After : May 18 16:01:13 2024 GMT
        Subject: CN=512cd4c3ea0a943113ddcb163a03f03f55e24556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:97:d5:50:61:bd:5c:09:93:db:ec:64:7a:1b:
                    6a:6d:51:9d:39:58:07:0a:be:41:1d:b1:40:e3:40:
                    04:0f:1e:ea:1b:9d:7f:4f:98:92:af:a9:70:eb:b2:
                    1e:22:c0:c2:10:85:70:1f:aa:ca:a5:13:04:06:c4:
                    aa:89:98:b4:78:9f:ae:44:b5:d6:7b:fd:dc:4f:f9:
                    10:6b:c1:22:f1:03:13:dc:b4:55:ec:38:27:28:ac:
                    c6:2d:c0:9d:81:1b:5e:18:f8:38:78:fd:02:44:c9:
                    8f:8d:4b:18:ec:02:29:99:7b:4e:08:67:74:c0:47:
                    49:86:fa:0b:82:9b:5e:07:a1:63:93:9b:ff:e5:4c:
                    f5:71:7e:56:f2:74:59:23:0f:0a:93:1c:5d:36:b6:
                    22:f5:33:2d:f3:07:52:25:92:ff:93:0f:50:4e:68:
                    2e:51:6b:53:5e:f1:3a:72:8f:3f:68:f6:92:41:41:
                    59:18:da:e1:01:6b:e6:35:49:41:2b:1b:ee:2e:b0:
                    bd:53:c2:28:3f:e8:7e:5d:9b:51:11:25:07:ca:7d:
                    37:cc:25:e1:37:57:f4:74:81:b4:6a:fe:e1:93:d6:
                    b3:6e:f9:74:45:bb:af:f8:e6:4f:4f:59:21:7e:8e:
                    9d:89:8d:7f:e9:be:76:17:d4:99:93:94:c3:5a:e7:
                    8f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:2C:D4:C3:EA:0A:94:31:13:DD:CB:16:3A:03:F0:3F:55:E2:45:56
            X509v3 Authority Key Identifier:
                keyid:39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:a1:d0:60:8f:c0:cd:87:99:6b:cf:10:2a:b7:83:87:1a:c4:
         a2:55:70:c8:c1:78:1d:b1:3c:d8:fe:3a:95:4a:f5:c8:07:cc:
         5d:7a:39:78:08:5c:5f:36:e7:b1:98:98:03:fc:ad:96:fd:36:
         3a:31:42:df:9d:c1:db:e0:a2:92:94:25:b6:f2:81:46:1c:fb:
         aa:15:bb:f5:c3:ed:30:2b:83:f0:57:24:fb:39:0a:96:31:79:
         db:c7:0b:8e:ab:d7:23:e3:8b:2f:f9:72:51:bf:0e:b3:12:9e:
         3f:63:88:92:97:47:ee:9b:37:03:81:80:65:f3:3c:05:bd:fd:
         f9:78:3d:48:b0:55:91:54:b7:cf:f2:f9:d3:f8:fb:a2:da:ec:
         b0:85:d6:b3:c0:d2:05:29:30:e4:90:f1:ab:ed:e8:a3:81:fe:
         7c:05:de:48:35:46:ac:e5:b1:7f:77:5f:1e:4f:4d:a1:fb:6a:
         66:8f:61:83:d8:d1:a5:a2:b1:7a:e5:c5:51:ff:80:e9:01:d1:
         f2:5b:44:45:35:bf:9b:78:fa:f2:d7:3e:f5:19:37:6e:a0:3b:
         f6:d3:13:dd:f0:b8:d4:65:b4:42:12:f1:68:b3:bd:1e:82:96:
         f9:15:04:c9:a6:cd:ac:bf:22:f7:83:87:f4:1f:f9:63:58:f7:
         d7:9f:da:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSTZSHS/yje5FxLcCicT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2NiZGRmZDc5MjA2ZDY1YzRlZTgxNjhlYWY2ZTcwOTAy
MGY5NWQwHhcNMjQwNTE3MTYwMTEzWhcNMjQwNTE4MTYwMTEzWjAzMTEwLwYDVQQD
Eyg1MTJjZDRjM2VhMGE5NDMxMTNkZGNiMTYzYTAzZjAzZjU1ZTI0NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJfVUGG9XAmT2+xkehtqbVGdOVgH
Cr5BHbFA40AEDx7qG51/T5iSr6lw67IeIsDCEIVwH6rKpRMEBsSqiZi0eJ+uRLXW
e/3cT/kQa8Ei8QMT3LRV7DgnKKzGLcCdgRteGPg4eP0CRMmPjUsY7AIpmXtOCGd0
wEdJhvoLgpteB6Fjk5v/5Uz1cX5W8nRZIw8KkxxdNrYi9TMt8wdSJZL/kw9QTmgu
UWtTXvE6co8/aPaSQUFZGNrhAWvmNUlBKxvuLrC9U8IoP+h+XZtRESUHyn03zCXh
N1f0dIG0av7hk9azbvl0Rbuv+OZPT1khfo6diY1/6b52F9SZk5TDWueP2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEs1MPqCpQxE93LFjoD8D9V4kVWMB8GA1UdIwQY
MBaAFDl8vd/XkgbWXE7oFo6vbnCQIPldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2Mt
YTZiMGZkZTIxOTA2LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2MtYTZiMGZkZTIxOTA2
LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqHQYI/A
zYeZa88QKreDhxrEolVwyMF4HbE82P46lUr1yAfMXXo5eAhcXzbnsZiYA/ytlv02
OjFC353B2+CikpQltvKBRhz7qhW79cPtMCuD8Fck+zkKljF528cLjqvXI+OLL/ly
Ub8OsxKeP2OIkpdH7ps3A4GAZfM8Bb39+Xg9SLBVkVS3z/L50/j7otrssIXWs8DS
BSkw5JDxq+3oo4H+fAXeSDVGrOWxf3dfHk9NoftqZo9hg9jRpaKxeuXFUf+A6QHR
8ltERTW/m3j68tc+9Rk3bqA79tMT3fC41GW0QhLxaLO9HoKW+RUEyabNrL8i94OH
9B/5Y1j315/aTw==
-----END CERTIFICATE-----