Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
File:                     jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft (raw, json)
Hash identifier:          a3U5y+mIuP/FsOSnORGBU7daO48oH2Qsiipvei0JVjg=
Subject key identifier:   FE:C2:4A:10:18:0F:40:9A:6F:A7:F3:D5:F3:CA:D4:D3:EA:3F:EC:3A
Authority key identifier: 8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91
Certificate issuer:       /CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
Certificate serial:       019367EC38614BB0A633A6418ED6F0667465
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
Manifest number:          0594
Signing time:             Tue 26 Nov 2024 10:02:34 +0000
Manifest this update:     Tue 26 Nov 2024 10:02:34 +0000
Manifest next update:     Wed 27 Nov 2024 10:02:34 +0000
Files and hashes:         1: jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl (hash: sAI1snejBYowai/RnGvNHneXoBzLHR3BV6AMMWaQVEk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:67:ec:38:61:4b:b0:a6:33:a6:41:8e:d6:f0:66:74:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
        Validity
            Not Before: Nov 26 10:02:34 2024 GMT
            Not After : Nov 27 10:02:34 2024 GMT
        Subject: CN=fec24a10180f409a6fa7f3d5f3cad4d3ea3fec3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b8:c4:3e:53:13:0d:6b:bb:18:ef:61:7f:70:
                    c0:ca:ed:6a:ec:af:0f:be:f0:8e:5d:7e:6f:bc:69:
                    0d:51:ef:f2:38:65:29:92:62:3d:e7:87:ee:5d:2e:
                    12:eb:1d:71:b9:fd:32:3f:af:87:7c:26:b2:b1:60:
                    39:28:92:96:99:11:5b:51:51:8b:36:d9:83:2e:57:
                    62:c7:bd:04:09:c8:3c:44:67:ca:8a:12:91:b8:6d:
                    aa:af:b1:8c:e8:db:fb:65:11:e3:f0:2d:3d:47:f8:
                    21:ab:fe:c7:18:81:f8:00:24:87:ff:25:c2:4a:2a:
                    66:7d:b6:51:36:03:50:6f:51:06:60:66:82:99:ed:
                    42:2a:bb:7e:eb:03:62:bd:66:71:b9:03:d4:38:33:
                    83:c9:e1:31:45:b1:18:f4:fd:5b:bd:ba:f9:74:74:
                    db:09:6c:32:11:3a:df:cd:5a:6e:65:03:29:37:c1:
                    df:cd:d8:fe:b7:d4:00:7a:21:0a:88:90:37:cf:21:
                    05:e0:0a:1b:11:47:c0:9a:18:01:7b:9e:2a:f1:65:
                    9a:a7:6b:f0:5f:c4:bc:f2:f8:75:8e:6e:39:49:17:
                    2e:d9:c2:58:c6:e9:70:94:46:c3:fb:74:2c:b6:fe:
                    6c:a0:6f:41:0b:5a:36:6b:8b:e2:f2:3b:aa:76:70:
                    30:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C2:4A:10:18:0F:40:9A:6F:A7:F3:D5:F3:CA:D4:D3:EA:3F:EC:3A
            X509v3 Authority Key Identifier:
                keyid:8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:29:8c:ac:69:fd:ec:fe:27:6c:e0:7d:a1:6f:83:d7:52:07:
         f6:fc:70:e7:8b:54:5b:23:f6:32:55:90:de:79:ff:4c:be:50:
         57:53:19:29:65:b5:40:42:95:50:64:b0:be:84:ba:dc:0b:20:
         fd:1f:2c:4a:b4:94:4b:8d:09:f9:c8:5e:c3:7e:30:a6:7e:d6:
         86:17:bf:d1:04:1e:dc:1c:a5:0e:eb:fd:f4:18:88:c1:69:8d:
         ba:47:f5:6b:95:86:28:00:dc:8d:cf:f1:43:80:e9:e6:d5:a7:
         44:6d:0b:40:07:14:15:5a:73:61:ca:49:f1:23:0d:44:49:72:
         04:05:8d:da:10:d8:0f:91:91:3f:80:f8:21:bc:78:2e:91:5a:
         9b:d7:47:87:47:02:a7:21:03:7c:f4:be:ac:70:af:ff:bc:ed:
         f4:10:91:ad:cf:d0:ca:9c:76:0b:2a:35:e5:e2:75:24:f5:fa:
         57:30:df:b4:7c:10:b1:9a:74:73:2c:dd:11:8b:86:00:30:5c:
         52:1b:bc:25:f3:66:14:eb:39:8d:90:2f:c1:0f:98:e7:5c:04:
         01:c9:b8:b7:79:97:1a:d9:59:ac:b7:16:0f:5b:f6:5a:2b:18:
         4c:56:2e:68:9c:a9:e0:f9:6e:31:24:7a:59:5e:43:f8:9c:7f:
         f2:6c:d2:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNn7DhhS7CmM6ZBjtbwZnRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTdkY2M3ZTUyZjU4YjM0MmI3MGM4M2RhYTIxYTEwNmFj
NTkyOTEwHhcNMjQxMTI2MTAwMjM0WhcNMjQxMTI3MTAwMjM0WjAzMTEwLwYDVQQD
EyhmZWMyNGExMDE4MGY0MDlhNmZhN2YzZDVmM2NhZDRkM2VhM2ZlYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7jEPlMTDWu7GO9hf3DAyu1q7K8P
vvCOXX5vvGkNUe/yOGUpkmI954fuXS4S6x1xuf0yP6+HfCaysWA5KJKWmRFbUVGL
NtmDLldix70ECcg8RGfKihKRuG2qr7GM6Nv7ZRHj8C09R/ghq/7HGIH4ACSH/yXC
SipmfbZRNgNQb1EGYGaCme1CKrt+6wNivWZxuQPUODODyeExRbEY9P1bvbr5dHTb
CWwyETrfzVpuZQMpN8Hfzdj+t9QAeiEKiJA3zyEF4AobEUfAmhgBe54q8WWap2vw
X8S88vh1jm45SRcu2cJYxulwlEbD+3Qstv5soG9BC1o2a4vi8juqdnAw5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7CShAYD0Cab6fz1fPK1NPqP+w6MB8GA1UdIwQY
MBaAFIxX3MflL1izQrcMg9qiGhBqxZKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYt
NDEzMDZjMjdkNmYwLzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYtNDEzMDZjMjdkNmYw
LzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUCmMrGn9
7P4nbOB9oW+D11IH9vxw54tUWyP2MlWQ3nn/TL5QV1MZKWW1QEKVUGSwvoS63Asg
/R8sSrSUS40J+chew34wpn7Whhe/0QQe3BylDuv99BiIwWmNukf1a5WGKADcjc/x
Q4Dp5tWnRG0LQAcUFVpzYcpJ8SMNRElyBAWN2hDYD5GRP4D4Ibx4LpFam9dHh0cC
pyEDfPS+rHCv/7zt9BCRrc/Qypx2Cyo15eJ1JPX6VzDftHwQsZp0cyzdEYuGADBc
Uhu8JfNmFOs5jZAvwQ+Y51wEAcm4t3mXGtlZrLcWD1v2WisYTFYuaJyp4PluMSR6
WV5D+Jx/8mzSeg==
-----END CERTIFICATE-----