Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          ZCLn/7rAnGk+rRJbtYDDMXYS9hIAL/uLqaluIbgD3KI=
Subject key identifier:   14:3B:C6:2C:2E:73:5D:A5:3B:00:38:71:D5:49:A1:74:6B:F4:3A:EA
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       018F874A6994F95B468A5C7EA055EC3FCCE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0162
Signing time:             Fri 17 May 2024 16:02:31 +0000
Manifest this update:     Fri 17 May 2024 16:02:31 +0000
Manifest next update:     Sat 18 May 2024 16:02:31 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: r6Cgk5euY7iy/sdM2dlNB+PaF0QK2d2gOwAPI/1mo/U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:69:94:f9:5b:46:8a:5c:7e:a0:55:ec:3f:cc:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: May 17 16:02:31 2024 GMT
            Not After : May 18 16:02:31 2024 GMT
        Subject: CN=143bc62c2e735da53b003871d549a1746bf43aea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a9:0b:5b:8f:25:ce:24:1b:27:d0:a8:19:6c:
                    c1:f0:c0:2d:9d:99:43:51:e1:21:71:5f:49:73:f3:
                    62:40:c5:1f:c5:fa:fb:bc:dd:26:fc:62:ce:51:6a:
                    bf:05:36:03:f4:e1:87:35:92:fb:5d:d5:7f:c6:33:
                    7e:2a:72:0d:01:fd:9a:7e:69:9d:95:25:eb:27:d1:
                    3d:f5:d6:ef:83:af:d5:df:43:bf:3c:ca:09:e5:d6:
                    75:25:5a:66:7c:78:ac:29:f0:62:8e:e4:03:b6:4e:
                    87:5a:4c:26:26:cf:da:74:3f:e3:ca:16:96:1b:81:
                    3d:fb:ea:d3:bc:88:24:d6:7a:bb:05:d1:fb:ee:01:
                    9b:fc:7e:6c:0d:c0:0a:db:c8:b8:c7:23:8d:21:04:
                    66:14:dc:b2:83:e1:95:67:00:3e:f1:5a:41:d9:20:
                    94:44:fd:9f:a2:5c:0e:df:37:36:7f:04:87:1a:df:
                    1f:a6:24:8b:44:7c:c4:e6:40:d5:43:ff:5b:38:21:
                    6d:47:e6:a3:d2:7e:26:b1:09:a3:9f:1f:f9:0a:fd:
                    55:6b:7f:1a:bc:72:c0:79:08:c8:4a:ef:5a:3f:67:
                    20:20:bb:97:f6:64:4f:ee:b4:28:7b:04:42:4a:df:
                    c2:be:69:33:63:1a:38:3b:f1:c3:5b:05:d7:e8:41:
                    67:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:3B:C6:2C:2E:73:5D:A5:3B:00:38:71:D5:49:A1:74:6B:F4:3A:EA
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:6a:3c:5e:eb:69:70:2b:30:f1:59:a3:43:f8:47:cc:30:7b:
         ba:a6:87:85:e9:1f:37:15:ad:20:d6:79:ff:c5:28:88:f8:65:
         13:04:ee:66:96:b0:69:cf:5d:77:09:1f:d3:59:d1:55:b0:a2:
         2d:8a:76:44:cd:98:47:1f:3a:f8:fb:5e:77:82:7f:cb:26:28:
         65:93:0d:19:97:c5:d3:39:98:37:4e:3a:bb:d7:f4:bb:a7:b8:
         80:da:c1:3e:26:a5:28:06:e7:37:32:c0:e2:88:2d:e5:c9:31:
         8a:98:98:65:95:25:b8:e9:ad:71:18:68:1a:2e:16:85:8d:e5:
         06:a5:21:ab:ac:32:a1:a6:c6:ec:7a:5f:1b:e4:80:74:4c:da:
         f8:6a:57:09:29:a4:7b:27:b5:c5:61:f8:62:2a:6b:06:1f:d6:
         e9:2c:5a:98:90:f9:35:e9:21:72:37:6b:2f:54:63:c6:fc:ec:
         16:3f:cf:bc:5d:da:62:b6:e4:03:0a:17:09:66:f9:92:89:a8:
         09:19:d1:87:c7:17:8d:ad:eb:e1:5f:4a:f0:5d:cf:82:e1:36:
         ca:ab:b0:c2:a1:80:81:d5:d7:a0:2b:49:90:5a:74:dd:70:87:
         e1:73:49:d6:63:c3:51:83:05:b1:59:e0:4c:20:0d:2a:01:77:
         b6:0f:e1:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSmmU+VtGilx+oFXsP8zpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjQwNTE3MTYwMjMxWhcNMjQwNTE4MTYwMjMxWjAzMTEwLwYDVQQD
EygxNDNiYzYyYzJlNzM1ZGE1M2IwMDM4NzFkNTQ5YTE3NDZiZjQzYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqkLW48lziQbJ9CoGWzB8MAtnZlD
UeEhcV9Jc/NiQMUfxfr7vN0m/GLOUWq/BTYD9OGHNZL7XdV/xjN+KnINAf2afmmd
lSXrJ9E99dbvg6/V30O/PMoJ5dZ1JVpmfHisKfBijuQDtk6HWkwmJs/adD/jyhaW
G4E9++rTvIgk1nq7BdH77gGb/H5sDcAK28i4xyONIQRmFNyyg+GVZwA+8VpB2SCU
RP2folwO3zc2fwSHGt8fpiSLRHzE5kDVQ/9bOCFtR+aj0n4msQmjnx/5Cv1Va38a
vHLAeQjISu9aP2cgILuX9mRP7rQoewRCSt/CvmkzYxo4O/HDWwXX6EFnrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQ7xiwuc12lOwA4cdVJoXRr9DrqMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVGo8Xutp
cCsw8VmjQ/hHzDB7uqaHhekfNxWtINZ5/8UoiPhlEwTuZpawac9ddwkf01nRVbCi
LYp2RM2YRx86+Pted4J/yyYoZZMNGZfF0zmYN046u9f0u6e4gNrBPialKAbnNzLA
4ogt5ckxipiYZZUluOmtcRhoGi4WhY3lBqUhq6wyoabG7HpfG+SAdEza+GpXCSmk
eye1xWH4YiprBh/W6SxamJD5NekhcjdrL1RjxvzsFj/PvF3aYrbkAwoXCWb5komo
CRnRh8cXja3r4V9K8F3PguE2yquwwqGAgdXXoCtJkFp03XCH4XNJ1mPDUYMFsVng
TCANKgF3tg/hlQ==
-----END CERTIFICATE-----