Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          2HyHTOai8tfApkRt0gXUwEEPvn3ZQdX/TTBDzx9SBZ8=
Subject key identifier:   CC:07:B6:2A:E8:1F:1E:68:1A:A2:02:37:3E:3F:93:C4:44:F9:37:B3
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       018F3AE5A800C63822311BACE9A2B1180C40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          091A
Signing time:             Thu 02 May 2024 20:01:20 +0000
Manifest this update:     Thu 02 May 2024 20:01:20 +0000
Manifest next update:     Fri 03 May 2024 20:01:20 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: ShcGFrhNNsToDbVXDXlNEnuetpiYQX1+ZKwBDRxwQgk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:e5:a8:00:c6:38:22:31:1b:ac:e9:a2:b1:18:0c:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: May  2 20:01:20 2024 GMT
            Not After : May  3 20:01:20 2024 GMT
        Subject: CN=cc07b62ae81f1e681aa202373e3f93c444f937b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:fb:7c:73:48:91:ee:96:a1:fd:7b:59:ab:d0:
                    32:68:83:5a:eb:1b:f2:03:ec:06:52:27:06:5e:a2:
                    90:4a:6e:78:aa:b1:0a:b3:e9:10:d5:97:c2:95:72:
                    6a:5a:76:3c:38:e4:ba:e6:12:09:d1:50:18:05:47:
                    39:10:e9:ee:1e:62:f1:7c:bb:2a:99:db:eb:d1:2b:
                    f5:67:87:54:4e:3d:69:a0:1b:ca:e9:e6:59:32:e9:
                    22:93:87:18:f1:95:c4:3d:81:0b:cd:e9:2d:01:18:
                    9d:4d:ef:d1:67:ed:e6:80:8e:dc:8e:5a:ad:b1:ad:
                    37:e3:db:01:d4:10:d4:55:dd:b2:34:73:32:b5:87:
                    a4:1a:69:fc:26:68:51:c5:22:41:35:0f:5d:d6:44:
                    0e:a9:de:74:0b:8a:76:f6:3c:c9:49:e1:46:0f:be:
                    12:65:c1:99:28:18:85:48:28:a8:27:aa:c0:76:35:
                    a8:2f:c9:82:65:d4:c3:75:9b:ab:d7:23:06:5e:37:
                    b3:47:00:14:57:ab:60:fb:5e:e6:d4:bf:56:84:b9:
                    92:7b:84:a4:73:86:5c:2a:ac:3c:38:17:21:f1:bd:
                    a6:78:65:50:11:4a:47:c5:c5:0c:04:4c:bc:2f:f7:
                    32:40:b4:2e:e8:54:72:b0:be:ad:42:82:59:56:c8:
                    48:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:07:B6:2A:E8:1F:1E:68:1A:A2:02:37:3E:3F:93:C4:44:F9:37:B3
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d2:0b:88:c4:cc:c2:26:99:b0:87:91:da:fe:4b:aa:94:e1:ff:
         f9:ae:98:38:55:19:24:cd:05:c7:a5:6b:b0:0b:8f:c1:1d:4a:
         84:f2:b0:d1:8a:37:af:5c:0c:e9:fb:34:ea:2c:62:a8:15:25:
         bc:30:9c:a1:20:f9:8c:69:cc:ae:80:ad:b1:96:9d:a4:5c:e6:
         5e:4f:52:01:ff:b7:e2:fa:0c:a4:fe:80:6f:99:da:60:15:34:
         4b:b8:7a:d7:96:1a:7a:b0:16:38:d8:75:b2:97:77:50:e7:65:
         7f:b1:48:a2:f8:b1:b7:1d:1a:37:9a:cf:53:e3:51:d3:6a:ee:
         9f:d1:1b:bb:77:09:e8:85:8b:f6:56:19:dd:56:7e:76:b4:2a:
         de:9f:20:b7:ef:3a:6c:7f:cd:50:fc:ac:9b:49:f3:8d:fa:ce:
         b9:d8:d4:16:60:c5:03:26:59:57:b1:5d:a4:35:34:63:6b:04:
         e8:c7:5f:41:76:55:c0:9b:17:39:61:77:8e:ad:4f:45:51:0a:
         70:45:d8:b5:0b:c0:b2:8d:87:e7:a0:6d:bf:b4:ec:66:71:f0:
         20:09:54:e6:d3:82:a4:cc:11:d9:5a:20:5a:a5:7d:e5:f2:04:
         86:3a:44:9f:6d:f6:cd:13:ef:94:b8:bd:83:86:55:df:97:be:
         8e:9f:0f:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY865agAxjgiMRus6aKxGAxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjQwNTAyMjAwMTIwWhcNMjQwNTAzMjAwMTIwWjAzMTEwLwYDVQQD
EyhjYzA3YjYyYWU4MWYxZTY4MWFhMjAyMzczZTNmOTNjNDQ0ZjkzN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ft8c0iR7pah/XtZq9AyaINa6xvy
A+wGUicGXqKQSm54qrEKs+kQ1ZfClXJqWnY8OOS65hIJ0VAYBUc5EOnuHmLxfLsq
mdvr0Sv1Z4dUTj1poBvK6eZZMukik4cY8ZXEPYELzektARidTe/RZ+3mgI7cjlqt
sa0349sB1BDUVd2yNHMytYekGmn8JmhRxSJBNQ9d1kQOqd50C4p29jzJSeFGD74S
ZcGZKBiFSCioJ6rAdjWoL8mCZdTDdZur1yMGXjezRwAUV6tg+17m1L9WhLmSe4Sk
c4ZcKqw8OBch8b2meGVQEUpHxcUMBEy8L/cyQLQu6FRysL6tQoJZVshI/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwHtiroHx5oGqICNz4/k8RE+TezMB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0guIxMzC
Jpmwh5Ha/kuqlOH/+a6YOFUZJM0Fx6VrsAuPwR1KhPKw0Yo3r1wM6fs06ixiqBUl
vDCcoSD5jGnMroCtsZadpFzmXk9SAf+34voMpP6Ab5naYBU0S7h615YaerAWONh1
spd3UOdlf7FIovixtx0aN5rPU+NR02run9Ebu3cJ6IWL9lYZ3VZ+drQq3p8gt+86
bH/NUPysm0nzjfrOudjUFmDFAyZZV7FdpDU0Y2sE6MdfQXZVwJsXOWF3jq1PRVEK
cEXYtQvAso2H56Btv7TsZnHwIAlU5tOCpMwR2VogWqV95fIEhjpEn232zRPvlLi9
g4ZV35e+jp8PEw==
-----END CERTIFICATE-----