Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          JKDPhkvCgfOUSI9YxkFZDTYEQsONgD/QFKJxo45lQX0=
Subject key identifier:   E4:2E:56:1F:43:A7:D5:4F:DE:87:50:5D:22:86:2F:B7:05:3C:29:A9
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       0191F9D985D5480A35D66561CE10F9747CE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          C6
Signing time:             Mon 16 Sep 2024 08:01:07 +0000
Manifest this update:     Mon 16 Sep 2024 08:01:07 +0000
Manifest next update:     Tue 17 Sep 2024 08:01:07 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: OLh32o0LiQ/ix5XmamVTRHKaxOFpNV6rJ60w8hxKzek=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 08:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:d9:85:d5:48:0a:35:d6:65:61:ce:10:f9:74:7c:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Sep 16 08:01:07 2024 GMT
            Not After : Sep 17 08:01:07 2024 GMT
        Subject: CN=e42e561f43a7d54fde87505d22862fb7053c29a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:f5:e9:eb:cc:2f:09:49:27:94:1f:9a:f0:4f:
                    d8:ac:bf:73:4c:4e:cd:e2:95:8d:60:82:af:f8:70:
                    f3:8a:ca:29:58:e9:8f:d4:9b:19:5d:3b:02:ad:75:
                    11:70:bd:7b:bb:3f:20:36:8f:f7:8e:ba:20:3b:82:
                    65:7d:17:8f:28:f7:8b:ec:1d:a7:38:e6:61:ee:66:
                    dd:28:27:7c:36:d3:50:b3:a4:2d:95:94:c2:eb:29:
                    b2:98:f7:95:cc:d9:38:51:2d:5b:83:9e:77:6b:93:
                    56:f3:da:67:a7:56:39:6f:8b:51:37:35:dd:47:ba:
                    05:fd:6d:bd:44:58:42:cf:59:72:a9:1b:a9:ce:87:
                    7b:4b:ec:dc:8a:41:0e:09:a5:a6:b9:74:4b:33:18:
                    39:99:b9:2a:7a:6f:1b:00:fc:8d:e9:14:ca:e2:b6:
                    71:ab:b7:9f:39:e9:c9:7b:ea:fa:b2:80:6e:8d:d1:
                    6a:33:ca:75:83:ee:06:b6:3b:2c:21:5c:18:15:77:
                    c9:df:8c:e7:41:14:de:da:35:ee:1f:9b:9a:42:4e:
                    16:d5:1b:10:7f:49:78:4a:56:10:0a:a4:e4:18:69:
                    c2:17:b2:91:33:44:d4:03:ad:0e:b2:92:6a:c1:15:
                    b2:ef:d8:e3:7f:8f:d6:89:05:b7:62:db:0e:c8:08:
                    87:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:2E:56:1F:43:A7:D5:4F:DE:87:50:5D:22:86:2F:B7:05:3C:29:A9
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:56:ce:36:ac:26:2e:84:dc:91:1d:76:f9:01:0e:28:51:d5:
         b9:33:24:b2:7a:1f:57:16:57:3a:f1:14:88:85:ae:3f:1c:ed:
         c3:78:9d:da:ee:e9:97:69:f4:0a:31:dc:3a:59:ac:a1:a5:bc:
         c0:d0:8c:57:81:3d:e5:e9:60:33:36:4e:37:96:b6:79:be:e5:
         8d:75:a1:a4:be:5a:39:73:e7:ca:5d:85:03:a7:98:54:d2:2b:
         ca:b1:ce:51:96:35:8a:f3:b8:f7:28:f8:20:fb:04:01:b3:60:
         d1:e9:29:4c:c9:e7:d7:2f:18:5b:7f:03:a3:fe:fa:a3:56:74:
         8b:18:e4:4c:ea:04:b1:15:9a:16:5b:79:c1:68:cf:79:35:76:
         fa:f9:94:4f:63:26:31:c1:31:cf:7d:60:0c:23:c4:e2:79:3e:
         ab:ed:59:98:52:92:14:7d:f6:12:f8:65:15:44:3a:fc:ee:89:
         5d:db:f2:a5:5d:fb:bc:83:e5:1b:2a:7c:d7:d4:79:90:a5:20:
         10:b6:b4:b8:0d:b8:18:37:84:03:16:34:d4:04:62:76:d5:0e:
         f6:0a:7d:d8:36:30:61:58:45:23:7f:21:1c:9e:d0:72:a9:a5:
         a8:6d:ec:1b:a2:94:dd:b5:df:84:6f:49:46:14:b7:62:40:d9:
         c7:26:97:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH52YXVSAo11mVhzhD5dHzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjQwOTE2MDgwMTA3WhcNMjQwOTE3MDgwMTA3WjAzMTEwLwYDVQQD
EyhlNDJlNTYxZjQzYTdkNTRmZGU4NzUwNWQyMjg2MmZiNzA1M2MyOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfXp68wvCUknlB+a8E/YrL9zTE7N
4pWNYIKv+HDzisopWOmP1JsZXTsCrXURcL17uz8gNo/3jrogO4JlfRePKPeL7B2n
OOZh7mbdKCd8NtNQs6QtlZTC6ymymPeVzNk4US1bg553a5NW89pnp1Y5b4tRNzXd
R7oF/W29RFhCz1lyqRupzod7S+zcikEOCaWmuXRLMxg5mbkqem8bAPyN6RTK4rZx
q7efOenJe+r6soBujdFqM8p1g+4GtjssIVwYFXfJ34znQRTe2jXuH5uaQk4W1RsQ
f0l4SlYQCqTkGGnCF7KRM0TUA60OspJqwRWy79jjf4/WiQW3YtsOyAiHkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQuVh9Dp9VP3odQXSKGL7cFPCmpMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFbONqwm
LoTckR12+QEOKFHVuTMksnofVxZXOvEUiIWuPxztw3id2u7pl2n0CjHcOlmsoaW8
wNCMV4E95elgMzZON5a2eb7ljXWhpL5aOXPnyl2FA6eYVNIryrHOUZY1ivO49yj4
IPsEAbNg0ekpTMnn1y8YW38Do/76o1Z0ixjkTOoEsRWaFlt5wWjPeTV2+vmUT2Mm
McExz31gDCPE4nk+q+1ZmFKSFH32EvhlFUQ6/O6JXdvypV37vIPlGyp819R5kKUg
ELa0uA24GDeEAxY01ARidtUO9gp92DYwYVhFI38hHJ7QcqmlqG3sG6KU3bXfhG9J
RhS3YkDZxyaXlw==
-----END CERTIFICATE-----