Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          foVJQQum8cwDJ9CuS5kcpY2d0HjTpjQUVP5/juSwAXk=
Subject key identifier:   54:62:C7:81:E5:80:E1:0B:D0:7F:D4:C9:C4:3C:B8:07:CD:76:9F:AF
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       019357D28CF87B9AB7DE3F6C3FFBC43D4E9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          0302
Signing time:             Sat 23 Nov 2024 07:00:36 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:36 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:36 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: oXLycNst7QTej/nyY7Agh+yZ1riJuqMu23k/EXFt7W0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:8c:f8:7b:9a:b7:de:3f:6c:3f:fb:c4:3d:4e:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Nov 23 07:00:36 2024 GMT
            Not After : Nov 24 07:00:36 2024 GMT
        Subject: CN=5462c781e580e10bd07fd4c9c43cb807cd769faf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e0:93:a8:ad:38:d7:6e:49:a2:6d:20:4f:13:
                    bc:c2:54:b7:bb:e6:f5:c4:c8:7c:94:b4:6e:cb:2b:
                    4b:14:23:29:dc:95:72:b4:52:17:b1:12:d8:4f:5e:
                    89:5c:7f:4c:ea:c3:77:f1:17:8f:92:da:2d:34:23:
                    c7:0f:d3:4d:d1:b0:b8:57:93:8a:af:b8:99:4e:01:
                    db:20:b1:49:29:1f:79:b9:18:46:c8:d3:64:8b:be:
                    9a:d6:b7:d1:c6:de:e3:a1:5e:dc:e8:44:e0:99:91:
                    45:74:ca:e6:b5:d2:fa:ac:2d:52:0a:18:8a:e2:fd:
                    70:b0:a7:95:25:0d:fa:e0:27:97:7e:a7:de:dc:1b:
                    d2:a8:2c:54:05:62:e8:0d:2c:14:ce:f0:06:70:9a:
                    f5:65:eb:0b:df:51:b9:86:d4:ff:36:a8:fd:a9:53:
                    3c:48:e1:12:15:15:11:6f:9d:51:8b:68:93:46:b9:
                    23:b9:bf:ef:62:c1:0c:0a:86:0b:64:35:c0:79:fa:
                    a1:5b:75:2a:ce:63:90:61:1e:d9:a7:73:6a:ab:7b:
                    33:07:a4:bb:55:89:9e:56:75:42:0c:6e:89:60:a9:
                    e3:f3:0f:4f:04:cd:a8:ea:97:c2:0c:0f:5e:a9:cd:
                    5c:99:f8:da:f2:63:4a:11:0c:24:9d:ff:ba:90:50:
                    d4:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:62:C7:81:E5:80:E1:0B:D0:7F:D4:C9:C4:3C:B8:07:CD:76:9F:AF
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:5e:72:05:7a:20:37:1a:4e:72:b9:be:ec:ca:a3:ca:3a:c7:
         c1:59:55:2a:03:88:67:b9:3b:96:c2:08:77:4c:08:00:69:55:
         90:18:61:90:3b:e2:fb:00:ca:8a:7b:05:9b:9e:71:fa:5c:43:
         2b:74:fa:3a:99:69:25:6b:95:45:9a:17:04:1d:9d:1b:96:b7:
         ce:e9:ef:d8:6e:a9:d6:31:cf:58:4f:ee:4e:5e:bb:95:0e:d1:
         9c:23:04:36:99:d0:37:1d:43:c8:78:05:c2:c3:ec:a8:bd:f6:
         d9:f2:0a:d5:09:ce:41:b0:8c:f9:fa:51:0d:dc:3a:5e:63:86:
         69:0c:94:7f:28:be:77:c5:19:bb:cb:24:14:59:0c:1a:a4:66:
         2c:fe:a4:49:7c:81:75:ad:e8:2e:c7:76:9e:b0:ff:5e:1b:d4:
         c9:6e:56:8f:73:14:7f:38:90:d7:99:c2:67:02:3f:2c:ed:86:
         7a:fd:9d:4c:4e:88:4c:59:70:b8:71:1d:f6:4e:2e:c2:3f:cb:
         97:41:a2:93:3e:cb:cb:06:a6:0e:fb:df:6e:7d:e0:42:0e:60:
         0b:84:5a:6c:d4:7e:24:d5:d0:6a:89:8c:bf:22:82:81:26:14:
         7e:35:d7:1f:12:e7:b1:ad:70:b5:f5:25:ec:51:8b:1c:4e:c0:
         00:d3:e7:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0oz4e5q33j9sP/vEPU6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjQxMTIzMDcwMDM2WhcNMjQxMTI0MDcwMDM2WjAzMTEwLwYDVQQD
Eyg1NDYyYzc4MWU1ODBlMTBiZDA3ZmQ0YzljNDNjYjgwN2NkNzY5ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOCTqK04125Jom0gTxO8wlS3u+b1
xMh8lLRuyytLFCMp3JVytFIXsRLYT16JXH9M6sN38RePktotNCPHD9NN0bC4V5OK
r7iZTgHbILFJKR95uRhGyNNki76a1rfRxt7joV7c6ETgmZFFdMrmtdL6rC1SChiK
4v1wsKeVJQ364CeXfqfe3BvSqCxUBWLoDSwUzvAGcJr1ZesL31G5htT/Nqj9qVM8
SOESFRURb51Ri2iTRrkjub/vYsEMCoYLZDXAefqhW3UqzmOQYR7Zp3Nqq3szB6S7
VYmeVnVCDG6JYKnj8w9PBM2o6pfCDA9eqc1cmfja8mNKEQwknf+6kFDUbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRix4HlgOEL0H/UycQ8uAfNdp+vMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALl5yBXog
NxpOcrm+7MqjyjrHwVlVKgOIZ7k7lsIId0wIAGlVkBhhkDvi+wDKinsFm55x+lxD
K3T6OplpJWuVRZoXBB2dG5a3zunv2G6p1jHPWE/uTl67lQ7RnCMENpnQNx1DyHgF
wsPsqL322fIK1QnOQbCM+fpRDdw6XmOGaQyUfyi+d8UZu8skFFkMGqRmLP6kSXyB
da3oLsd2nrD/XhvUyW5Wj3MUfziQ15nCZwI/LO2Gev2dTE6ITFlwuHEd9k4uwj/L
l0Gikz7LywamDvvfbn3gQg5gC4RabNR+JNXQaomMvyKCgSYUfjXXHxLnsa1wtfUl
7FGLHE7AANPn7w==
-----END CERTIFICATE-----