Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          sQcwsCN4ju0COAxElFIsNPy5Z+re2w0wmG/GkhKtUSA=
Subject key identifier:   0D:B0:A0:9A:9F:D6:DD:6C:1A:AE:84:B7:F1:6C:61:72:E8:12:6F:AF
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       01935764F80D43579B09CDA2BF5014101868
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          07AA
Signing time:             Sat 23 Nov 2024 05:00:55 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:55 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:55 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: X9u5ODF6rUx3cY2H0y6TI13ySsGF6W6LTvrUIbcy5Ek=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:f8:0d:43:57:9b:09:cd:a2:bf:50:14:10:18:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Nov 23 05:00:55 2024 GMT
            Not After : Nov 24 05:00:55 2024 GMT
        Subject: CN=0db0a09a9fd6dd6c1aae84b7f16c6172e8126faf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:76:4a:2c:53:c2:bb:9e:ec:d4:30:b8:dd:b3:
                    25:86:63:f0:1d:e0:84:e4:26:fc:82:1e:fd:c0:06:
                    7b:bd:ad:89:44:e5:07:fa:04:6e:8e:7e:51:1e:40:
                    fd:ee:10:da:53:0a:42:80:8a:9b:2c:66:13:ac:b8:
                    4e:4a:c6:24:3a:71:f1:7c:58:58:b8:43:73:0c:61:
                    5d:4e:84:fc:69:15:95:c2:ed:05:a2:5f:6c:27:2c:
                    db:30:b3:d7:53:50:8d:ea:5a:3a:e0:52:27:cd:98:
                    18:99:0a:22:2f:e2:50:d8:6c:77:90:1a:95:f0:e6:
                    a8:2f:3c:51:85:56:34:a3:a2:f3:ef:47:5a:df:a2:
                    cd:e9:f0:3e:cc:df:6b:9c:7b:5b:fd:de:61:aa:9a:
                    4e:d1:14:4c:08:bf:3a:8c:db:b9:9a:99:e6:57:b7:
                    66:dc:2c:fa:69:b3:5b:27:58:de:df:68:99:e1:0d:
                    88:2c:0d:7f:68:c9:49:45:dc:78:f7:af:89:01:6c:
                    f9:4b:e2:c7:e5:0a:89:9c:6a:c5:20:ab:0d:62:bb:
                    d2:b2:0a:e5:ad:69:24:d9:a5:e0:63:ea:9d:13:9c:
                    03:1f:93:e2:4b:34:f7:fd:ee:b8:af:14:ca:e4:43:
                    82:86:7f:77:6c:a9:0b:03:c2:1c:44:b0:08:d6:f9:
                    7a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B0:A0:9A:9F:D6:DD:6C:1A:AE:84:B7:F1:6C:61:72:E8:12:6F:AF
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:1a:f6:29:47:48:66:53:75:13:90:93:55:7e:10:af:da:f2:
         91:55:2e:43:cd:1b:cd:8c:a5:17:df:f4:88:34:14:6f:14:6c:
         c8:e2:5c:2c:ac:63:19:7a:d4:5a:50:02:a9:e7:3a:1f:f5:ec:
         72:f3:4b:bc:e5:8d:eb:31:c9:88:29:af:8d:7a:30:ae:43:2c:
         ff:dc:82:52:0b:22:b5:c3:c6:7a:02:96:65:82:8c:10:44:2d:
         fd:89:ae:ac:40:f3:fd:95:f7:f1:92:93:e1:96:8e:06:35:32:
         f8:a0:62:82:83:8e:03:0b:18:37:12:76:fb:7f:7c:cf:f0:05:
         69:16:3a:41:4e:91:84:1e:d0:ed:b4:22:42:d2:31:0a:f7:79:
         04:af:46:6d:d7:0b:44:ed:ba:13:4c:b6:db:e4:c0:9c:cc:0c:
         ce:6d:e7:c2:0b:41:73:9d:25:16:02:80:ca:b3:21:90:8d:5d:
         7f:b6:d5:45:d8:92:bc:ed:e3:05:f4:95:dd:33:09:db:3c:7e:
         40:7c:46:58:4f:1e:46:48:fd:20:dd:60:a6:70:7a:4a:61:d0:
         ba:67:5c:79:b4:b2:0c:d8:81:20:b1:a8:50:f5:fe:91:de:21:
         87:37:17:db:d7:42:05:43:2f:1c:25:d4:ee:ef:ee:9c:32:24:
         ab:93:6f:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZPgNQ1ebCc2iv1AUEBhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjQxMTIzMDUwMDU1WhcNMjQxMTI0MDUwMDU1WjAzMTEwLwYDVQQD
EygwZGIwYTA5YTlmZDZkZDZjMWFhZTg0YjdmMTZjNjE3MmU4MTI2ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3ZKLFPCu57s1DC43bMlhmPwHeCE
5Cb8gh79wAZ7va2JROUH+gRujn5RHkD97hDaUwpCgIqbLGYTrLhOSsYkOnHxfFhY
uENzDGFdToT8aRWVwu0Fol9sJyzbMLPXU1CN6lo64FInzZgYmQoiL+JQ2Gx3kBqV
8OaoLzxRhVY0o6Lz70da36LN6fA+zN9rnHtb/d5hqppO0RRMCL86jNu5mpnmV7dm
3Cz6abNbJ1je32iZ4Q2ILA1/aMlJRdx496+JAWz5S+LH5QqJnGrFIKsNYrvSsgrl
rWkk2aXgY+qdE5wDH5PiSzT3/e64rxTK5EOChn93bKkLA8IcRLAI1vl6ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2woJqf1t1sGq6Et/FsYXLoEm+vMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAShr2KUdI
ZlN1E5CTVX4Qr9rykVUuQ80bzYylF9/0iDQUbxRsyOJcLKxjGXrUWlACqec6H/Xs
cvNLvOWN6zHJiCmvjXowrkMs/9yCUgsitcPGegKWZYKMEEQt/YmurEDz/ZX38ZKT
4ZaOBjUy+KBigoOOAwsYNxJ2+398z/AFaRY6QU6RhB7Q7bQiQtIxCvd5BK9GbdcL
RO26E0y22+TAnMwMzm3nwgtBc50lFgKAyrMhkI1df7bVRdiSvO3jBfSV3TMJ2zx+
QHxGWE8eRkj9IN1gpnB6SmHQumdcebSyDNiBILGoUPX+kd4hhzcX29dCBUMvHCXU
7u/unDIkq5NvQg==
-----END CERTIFICATE-----