Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          yJLaSBD73J9ORzXjGSQ5qpj4s2U2g35F8UYUkznRrSo=
Subject key identifier:   2C:DE:51:CF:4B:87:B2:9C:42:E9:AD:8E:F0:95:A2:50:8B:0E:9C:D7
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       018F87492A8A040DDEB3F60328CE40858455
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          0F0D
Signing time:             Fri 17 May 2024 16:01:10 +0000
Manifest this update:     Fri 17 May 2024 16:01:10 +0000
Manifest next update:     Sat 18 May 2024 16:01:10 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: rSzn2XRHSJiDKNeFTyszeBYYTbx97Bx2tPZ66sbZtBI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:2a:8a:04:0d:de:b3:f6:03:28:ce:40:85:84:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: May 17 16:01:10 2024 GMT
            Not After : May 18 16:01:10 2024 GMT
        Subject: CN=2cde51cf4b87b29c42e9ad8ef095a2508b0e9cd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:70:95:a3:75:48:92:ff:24:e8:57:16:80:84:
                    6e:13:49:c1:e3:a2:aa:27:e4:16:61:ae:73:89:26:
                    c5:2f:95:bb:1e:6d:eb:04:c9:4b:63:b0:40:a0:e4:
                    73:d6:5d:3b:99:7a:2c:25:6d:40:6c:6f:64:46:86:
                    3a:86:20:0d:04:6b:d8:ad:25:75:ba:5a:ba:9d:20:
                    b7:45:75:f0:a6:c0:d4:0b:07:6f:12:95:d1:00:47:
                    b3:f8:3c:a1:0e:13:ac:e1:6c:a0:b8:31:b6:87:7a:
                    59:78:4a:34:a1:2c:d6:68:99:3b:10:7f:1a:92:41:
                    d1:fe:76:10:0e:70:d5:1c:c7:23:72:84:d5:b8:09:
                    60:80:1b:c1:fb:a7:e5:34:df:4a:79:5f:6b:90:dd:
                    a5:8f:6d:c8:06:04:23:c7:93:d6:fc:3a:cf:b3:12:
                    ca:4d:38:5a:e8:d8:ef:a3:61:54:f6:94:c7:36:29:
                    df:d8:54:ac:06:b3:b5:5b:60:2f:df:d7:89:9a:fd:
                    6b:8d:d2:ac:ca:17:7b:e8:88:b5:a4:07:aa:ea:be:
                    60:83:9b:87:6c:57:9b:ac:f1:a1:ea:f4:5d:bf:fc:
                    3b:fe:f8:ae:fc:a7:d2:67:62:69:81:bd:31:2b:19:
                    25:3b:46:64:c1:4b:db:32:60:7f:3b:ae:10:e3:9d:
                    c0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:DE:51:CF:4B:87:B2:9C:42:E9:AD:8E:F0:95:A2:50:8B:0E:9C:D7
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:f7:42:5f:d5:c4:c4:71:ed:60:3c:e4:96:d7:14:9b:9e:c1:
         09:72:79:41:1c:ea:ec:a7:27:0c:ef:ec:46:d5:b7:ff:90:ec:
         93:00:f6:33:97:d8:f7:3a:b9:20:6f:f5:19:39:e3:6d:79:64:
         ce:77:21:63:73:1d:33:3c:b7:04:d7:37:8d:6e:62:67:67:0d:
         13:f5:ae:0a:1a:b2:e5:1e:e4:09:3e:5e:3e:6a:57:e4:62:04:
         98:f0:67:9f:07:3c:4d:36:6e:af:49:44:69:d5:2b:16:df:07:
         ad:f4:d4:e9:9a:00:9a:f0:df:b4:be:ca:be:72:68:18:38:9c:
         96:40:d0:37:86:18:aa:32:63:b7:30:79:e9:ad:7d:ab:80:a0:
         8e:68:f9:08:a4:63:0b:4a:1e:06:4e:30:9f:0b:77:54:21:4f:
         d5:e8:55:b8:d0:03:aa:f9:6e:2a:8c:a9:97:a7:43:33:62:b8:
         0b:45:70:d2:24:1b:8b:95:b5:ea:e7:e3:40:e5:66:ab:59:35:
         1c:fb:ca:bb:c8:c8:b9:42:c0:13:41:be:94:58:4a:bf:8b:6c:
         6a:75:d8:6b:9c:cc:c2:8c:36:b7:98:d4:a6:65:e0:dc:1b:c1:
         ff:7a:6e:c7:d2:ce:43:c0:6c:6e:28:91:b9:af:f1:8f:de:36:
         59:89:e5:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSSqKBA3es/YDKM5AhYRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjQwNTE3MTYwMTEwWhcNMjQwNTE4MTYwMTEwWjAzMTEwLwYDVQQD
EygyY2RlNTFjZjRiODdiMjljNDJlOWFkOGVmMDk1YTI1MDhiMGU5Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXCVo3VIkv8k6FcWgIRuE0nB46Kq
J+QWYa5ziSbFL5W7Hm3rBMlLY7BAoORz1l07mXosJW1AbG9kRoY6hiANBGvYrSV1
ulq6nSC3RXXwpsDUCwdvEpXRAEez+DyhDhOs4WyguDG2h3pZeEo0oSzWaJk7EH8a
kkHR/nYQDnDVHMcjcoTVuAlggBvB+6flNN9KeV9rkN2lj23IBgQjx5PW/DrPsxLK
TTha6Njvo2FU9pTHNinf2FSsBrO1W2Av39eJmv1rjdKsyhd76Ii1pAeq6r5gg5uH
bFebrPGh6vRdv/w7/viu/KfSZ2Jpgb0xKxklO0ZkwUvbMmB/O64Q453AXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzeUc9Lh7KcQumtjvCVolCLDpzXMB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArfdCX9XE
xHHtYDzkltcUm57BCXJ5QRzq7KcnDO/sRtW3/5DskwD2M5fY9zq5IG/1GTnjbXlk
znchY3MdMzy3BNc3jW5iZ2cNE/WuChqy5R7kCT5ePmpX5GIEmPBnnwc8TTZur0lE
adUrFt8HrfTU6ZoAmvDftL7KvnJoGDiclkDQN4YYqjJjtzB56a19q4Cgjmj5CKRj
C0oeBk4wnwt3VCFP1ehVuNADqvluKoypl6dDM2K4C0Vw0iQbi5W16ufjQOVmq1k1
HPvKu8jIuULAE0G+lFhKv4tsanXYa5zMwow2t5jUpmXg3BvB/3pux9LOQ8BsbiiR
ua/xj942WYnl4Q==
-----END CERTIFICATE-----