Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          nhx302PeKvHttSkyvQ8Bmn4rc9BrUzCoRYla9VFFGM4=
Subject key identifier:   AF:D3:F4:6B:B0:76:5B:9D:37:E3:5B:F5:7B:2E:F7:50:45:53:A9:F9
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       019369DB11ADBE861ABCE03F7639F7E84886
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          04BF
Signing time:             Tue 26 Nov 2024 19:03:04 +0000
Manifest this update:     Tue 26 Nov 2024 19:03:04 +0000
Manifest next update:     Wed 27 Nov 2024 19:03:04 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: OAuqby5PvhgStoWYGEfbRd3nvSOOJVxrRCKws17zpRk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:db:11:ad:be:86:1a:bc:e0:3f:76:39:f7:e8:48:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Nov 26 19:03:04 2024 GMT
            Not After : Nov 27 19:03:04 2024 GMT
        Subject: CN=afd3f46bb0765b9d37e35bf57b2ef7504553a9f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:4d:89:1e:c2:67:c5:0e:b4:90:1c:df:71:27:
                    0e:42:81:e5:b6:fe:fa:6a:eb:4d:4d:f0:a0:56:ed:
                    ef:71:4f:31:e6:e0:bf:43:33:fd:72:ba:09:92:e6:
                    64:1b:91:94:4a:da:21:0d:02:27:ba:fa:7a:23:cc:
                    7a:db:fe:30:2f:4d:71:4b:39:cc:fd:31:8d:82:73:
                    1d:2d:e3:f0:49:10:f1:b6:93:5a:e9:be:96:64:ff:
                    5f:2c:7d:20:b8:a4:36:4a:7c:5f:4d:cf:a9:69:bf:
                    f7:59:7d:62:af:e9:76:33:c7:0a:b2:66:22:41:49:
                    71:d0:9a:72:c5:8d:77:1a:ad:b7:ed:13:0e:40:17:
                    39:06:6a:87:bb:72:3f:ef:bd:bf:a3:e9:24:1b:f4:
                    a8:44:fd:98:b1:23:d6:86:d0:4c:40:ad:f9:8f:f0:
                    08:8f:00:57:62:7a:c3:2e:5a:36:06:84:25:18:4d:
                    ce:de:ba:d8:34:9d:a9:ba:13:83:88:c6:38:8b:c0:
                    69:55:36:19:05:1b:88:bb:6c:49:71:1b:41:a5:10:
                    19:a7:1b:d0:a6:d8:91:24:9f:ee:97:29:57:f2:39:
                    7f:8f:24:8b:f3:f3:75:ea:97:93:e7:1a:8a:61:c8:
                    ac:9d:af:87:e9:47:cf:54:31:cb:a1:70:cc:2d:c4:
                    bd:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:D3:F4:6B:B0:76:5B:9D:37:E3:5B:F5:7B:2E:F7:50:45:53:A9:F9
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:6f:84:9f:a8:98:35:77:b0:d4:c4:8d:25:da:31:33:96:aa:
         e3:80:75:54:d8:3c:33:ee:c3:de:14:39:cf:40:ac:83:74:a5:
         a3:fb:dc:84:43:52:84:fb:13:71:c4:3c:c2:9a:41:43:0f:78:
         aa:85:a2:7a:56:57:c2:fb:1c:0d:89:09:a2:29:4b:2d:30:8a:
         70:ec:0e:15:a6:cc:eb:b0:30:32:95:9c:3b:f3:07:f0:1a:84:
         92:c1:09:8b:d3:7d:f9:e7:44:8b:4e:56:03:d8:5b:2f:25:11:
         7a:5d:70:4c:9e:09:33:9b:2f:8c:51:eb:5b:79:0e:61:c7:31:
         95:d7:f2:61:e5:39:12:2f:fe:61:16:3a:a9:bb:b1:60:28:05:
         25:44:a5:92:aa:ef:86:df:12:a5:9d:bd:20:5b:42:3a:18:3d:
         c4:f2:6d:a3:d4:cd:b8:54:3a:52:43:bf:8e:ef:85:1c:76:07:
         04:01:71:e0:0f:9a:fe:94:b3:a4:7e:fa:0c:0b:90:df:dd:d5:
         53:5f:d0:e7:c1:2b:59:0c:df:b1:25:98:fd:23:66:e3:2f:9a:
         45:08:30:d4:6a:4b:b4:d2:76:69:14:05:55:87:e6:83:4c:c2:
         d0:61:71:a1:11:6b:89:90:f5:2d:93:45:e4:12:8c:d9:fe:67:
         fb:f9:ba:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2xGtvoYavOA/djn36EiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjQxMTI2MTkwMzA0WhcNMjQxMTI3MTkwMzA0WjAzMTEwLwYDVQQD
EyhhZmQzZjQ2YmIwNzY1YjlkMzdlMzViZjU3YjJlZjc1MDQ1NTNhOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk2JHsJnxQ60kBzfcScOQoHltv76
autNTfCgVu3vcU8x5uC/QzP9croJkuZkG5GUStohDQInuvp6I8x62/4wL01xSznM
/TGNgnMdLePwSRDxtpNa6b6WZP9fLH0guKQ2SnxfTc+pab/3WX1ir+l2M8cKsmYi
QUlx0JpyxY13Gq237RMOQBc5BmqHu3I/772/o+kkG/SoRP2YsSPWhtBMQK35j/AI
jwBXYnrDLlo2BoQlGE3O3rrYNJ2puhODiMY4i8BpVTYZBRuIu2xJcRtBpRAZpxvQ
ptiRJJ/ulylX8jl/jySL8/N16peT5xqKYcisna+H6UfPVDHLoXDMLcS95wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/T9GuwdludN+Nb9Xsu91BFU6n5MB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2+En6iY
NXew1MSNJdoxM5aq44B1VNg8M+7D3hQ5z0Csg3Slo/vchENShPsTccQ8wppBQw94
qoWielZXwvscDYkJoilLLTCKcOwOFabM67AwMpWcO/MH8BqEksEJi9N9+edEi05W
A9hbLyURel1wTJ4JM5svjFHrW3kOYccxldfyYeU5Ei/+YRY6qbuxYCgFJUSlkqrv
ht8SpZ29IFtCOhg9xPJto9TNuFQ6UkO/ju+FHHYHBAFx4A+a/pSzpH76DAuQ393V
U1/Q58ErWQzfsSWY/SNm4y+aRQgw1GpLtNJ2aRQFVYfmg0zC0GFxoRFriZD1LZNF
5BKM2f5n+/m6QA==
-----END CERTIFICATE-----