Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
File:                     MKNPnR29IKqH-w9ivStsXjDGFKI.mft (raw, json)
Hash identifier:          j40MKl6KnIaciLKT8ZA0SkHtQhmgtR44Be5jAmXWmls=
Subject key identifier:   79:7B:F9:D6:09:B5:10:2F:21:46:41:0D:20:C7:81:77:C4:DF:8E:F3
Authority key identifier: 30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2
Certificate issuer:       /CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
Certificate serial:       018F87B65B2FFA494F0E806972529FBDB16E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
Manifest number:          0229
Signing time:             Fri 17 May 2024 18:00:26 +0000
Manifest this update:     Fri 17 May 2024 18:00:26 +0000
Manifest next update:     Sat 18 May 2024 18:00:26 +0000
Files and hashes:         1: MKNPnR29IKqH-w9ivStsXjDGFKI.crl (hash: DMXkXgvtpk9F4ZMuyWvh+BQOJHyzoMF1TKOSqqdN2P0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:5b:2f:fa:49:4f:0e:80:69:72:52:9f:bd:b1:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
        Validity
            Not Before: May 17 18:00:26 2024 GMT
            Not After : May 18 18:00:26 2024 GMT
        Subject: CN=797bf9d609b5102f2146410d20c78177c4df8ef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1c:94:0f:f9:f7:20:6d:93:24:b0:2b:b9:a9:
                    56:f8:19:37:23:2a:d6:ee:e1:ee:31:94:9d:05:23:
                    31:6b:9c:6b:2b:79:aa:37:b8:75:87:00:67:f2:5b:
                    4e:43:c8:67:16:50:6a:29:8a:31:7d:ff:5b:04:91:
                    7f:64:e8:c8:7c:7e:ad:e5:eb:91:12:2a:fb:db:e3:
                    91:b7:f9:2a:68:4e:3d:9e:f3:13:4a:05:a3:78:7e:
                    ee:cb:01:4b:b3:ef:8a:a6:2a:7d:99:f9:c6:54:6d:
                    26:c5:be:da:08:bc:04:70:2f:17:3b:7f:b7:16:6d:
                    c5:f7:6f:13:15:b6:2a:2d:80:f3:53:a5:7d:02:8d:
                    f4:b5:f2:fb:ea:51:ec:b1:3b:6e:aa:64:6b:2a:9b:
                    fb:38:5f:66:7d:b1:8f:2a:88:9d:4b:e3:5a:a7:28:
                    5c:98:57:46:0d:3a:a8:95:40:59:71:f0:d2:a3:a4:
                    32:32:ec:69:fd:ef:e5:23:7a:39:18:a4:e7:7b:32:
                    d5:66:20:3c:db:19:2b:5f:1d:13:5a:c5:85:d7:34:
                    bc:ca:89:c9:7a:38:c9:08:e8:2d:a1:b7:7d:4e:78:
                    1b:b9:97:23:96:2a:82:c5:0a:ed:54:87:90:b9:57:
                    d2:15:e9:70:41:a6:9f:ba:75:88:9a:dc:d6:f7:67:
                    25:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:7B:F9:D6:09:B5:10:2F:21:46:41:0D:20:C7:81:77:C4:DF:8E:F3
            X509v3 Authority Key Identifier:
                keyid:30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:75:dc:5e:0d:a9:4c:1b:0e:e1:cc:ad:60:c0:2e:70:f8:46:
         af:6e:e3:63:bd:8c:2a:aa:3d:0d:d9:e1:eb:5c:ab:01:5c:45:
         a5:b4:45:da:cd:8a:bc:90:fc:5c:0f:f6:fa:f9:24:40:f0:23:
         9b:60:37:76:26:7b:f4:6f:85:ce:c4:da:aa:24:36:f3:38:21:
         06:1c:4c:e7:f2:9b:a2:dc:c5:75:2c:83:c3:91:e0:29:2c:35:
         6b:5e:53:9b:10:fe:7c:62:be:b9:89:67:47:5d:db:13:e9:2f:
         bb:5c:49:00:09:a7:5b:b9:b8:0b:4c:74:a7:5e:72:69:75:37:
         d6:c5:47:de:2b:cd:fb:71:dc:2b:9c:14:74:41:9c:09:8d:d7:
         38:19:45:1a:b6:aa:8b:e5:24:0f:06:26:3f:73:7d:09:e4:75:
         b0:0d:f4:f1:39:77:89:52:a8:bb:49:e5:65:76:de:6e:a1:32:
         db:4c:e1:58:f7:c1:2c:08:80:83:ab:18:c0:37:9f:5f:a2:ac:
         76:30:ad:b9:49:69:8c:f9:eb:93:44:bf:4c:b6:24:b6:ef:ab:
         71:2d:81:9f:db:27:dc:84:21:c8:b0:0c:6b:a2:af:de:13:47:
         1e:69:54:5c:20:7e:11:b0:4a:ca:6c:b5:a3:05:f8:14:54:bd:
         2d:2b:bd:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htlsv+klPDoBpclKfvbFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTM0ZjlkMWRiZDIwYWE4N2ZiMGY2MmJkMmI2YzVlMzBj
NjE0YTIwHhcNMjQwNTE3MTgwMDI2WhcNMjQwNTE4MTgwMDI2WjAzMTEwLwYDVQQD
Eyg3OTdiZjlkNjA5YjUxMDJmMjE0NjQxMGQyMGM3ODE3N2M0ZGY4ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxyUD/n3IG2TJLArualW+Bk3IyrW
7uHuMZSdBSMxa5xrK3mqN7h1hwBn8ltOQ8hnFlBqKYoxff9bBJF/ZOjIfH6t5euR
Eir72+ORt/kqaE49nvMTSgWjeH7uywFLs++Kpip9mfnGVG0mxb7aCLwEcC8XO3+3
Fm3F928TFbYqLYDzU6V9Ao30tfL76lHssTtuqmRrKpv7OF9mfbGPKoidS+Napyhc
mFdGDTqolUBZcfDSo6QyMuxp/e/lI3o5GKTnezLVZiA82xkrXx0TWsWF1zS8yonJ
ejjJCOgtobd9TngbuZcjliqCxQrtVIeQuVfSFelwQaafunWImtzW92cljwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHl7+dYJtRAvIUZBDSDHgXfE347zMB8GA1UdIwQY
MBaAFDCjT50dvSCqh/sPYr0rbF4wxhSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEt
ZWI2NTNkMzYyMmJiLzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEtZWI2NTNkMzYyMmJi
LzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsnXcXg2p
TBsO4cytYMAucPhGr27jY72MKqo9Ddnh61yrAVxFpbRF2s2KvJD8XA/2+vkkQPAj
m2A3diZ79G+FzsTaqiQ28zghBhxM5/KbotzFdSyDw5HgKSw1a15TmxD+fGK+uYln
R13bE+kvu1xJAAmnW7m4C0x0p15yaXU31sVH3ivN+3HcK5wUdEGcCY3XOBlFGraq
i+UkDwYmP3N9CeR1sA308Tl3iVKou0nlZXbebqEy20zhWPfBLAiAg6sYwDefX6Ks
djCtuUlpjPnrk0S/TLYktu+rcS2Bn9sn3IQhyLAMa6Kv3hNHHmlUXCB+EbBKymy1
owX4FFS9LSu9Ww==
-----END CERTIFICATE-----