Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          So5ZAKGWDo5gOCk7fEoe+iZr4daSIF4ht0AasC2enRI=
Subject key identifier:   13:30:30:0A:4E:E3:8D:5D:4A:BE:87:6D:AF:7E:03:7D:BB:DE:2D:B6
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       01935689DC897ABC16BF1501E66EC50B6199
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          136E
Signing time:             Sat 23 Nov 2024 01:01:35 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:35 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:35 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: p+csNdQDDEovpdWRiKiBkLwspqWtyp4p/7tGVhkfzOU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:dc:89:7a:bc:16:bf:15:01:e6:6e:c5:0b:61:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Nov 23 01:01:35 2024 GMT
            Not After : Nov 24 01:01:35 2024 GMT
        Subject: CN=1330300a4ee38d5d4abe876daf7e037dbbde2db6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:6b:0c:fc:b2:af:c3:b1:ee:1c:9c:77:59:42:
                    b6:67:27:78:38:6b:8a:b2:e1:f9:4e:d1:41:e6:ef:
                    16:75:94:1a:6a:b7:75:d8:9d:14:81:7b:21:6a:99:
                    72:1b:4b:fa:16:87:b9:f9:15:54:fb:ed:7b:60:db:
                    0d:07:b7:8b:fa:82:fb:be:cc:d9:f9:bc:9e:3a:7c:
                    a4:4e:6f:51:f4:e9:82:73:c8:de:74:1a:b3:7c:6e:
                    0b:0d:75:f0:23:31:d8:08:c5:49:ba:d9:13:0f:22:
                    ca:6c:ae:e9:3c:6b:03:b0:0d:c8:86:00:c9:7d:39:
                    d3:87:7c:82:0d:16:4c:97:be:d0:ef:e7:34:f8:3a:
                    5e:60:1f:06:bf:65:e0:2c:5f:ce:f7:95:1c:85:de:
                    38:8f:4f:18:15:33:2e:ba:92:8f:3b:99:ce:b7:93:
                    78:7c:7a:30:69:00:c5:b0:e6:d1:e4:d5:ee:f9:a6:
                    82:66:22:97:7c:17:e8:0c:9c:f6:44:a1:24:1e:aa:
                    83:3f:27:64:12:a5:b3:d6:c0:ad:e4:d2:7a:3e:71:
                    f0:cf:2c:f9:ef:42:c8:83:d0:d9:08:c3:a1:a6:5c:
                    7d:86:23:92:30:0c:bd:5a:e5:61:d1:66:23:86:86:
                    b8:70:af:68:0c:c7:c5:ad:73:77:ba:86:5f:e1:e2:
                    a3:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:30:30:0A:4E:E3:8D:5D:4A:BE:87:6D:AF:7E:03:7D:BB:DE:2D:B6
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:2d:17:4f:83:a2:c6:78:9d:3e:b0:fc:6b:48:20:05:07:b8:
         8e:d9:92:cc:29:5a:37:68:cb:dc:79:2f:44:56:7d:42:af:47:
         b1:fe:a0:1f:0f:8f:a1:26:7a:ab:64:ae:ec:67:e2:c0:78:58:
         5c:18:e4:b3:07:55:28:0a:a7:1f:de:62:84:1f:04:bf:97:e0:
         58:9e:19:23:75:44:5f:58:0c:e7:49:0a:db:08:96:79:09:7a:
         1f:e9:51:ea:2d:6c:47:5d:39:59:b9:42:b3:95:61:24:29:3d:
         b3:70:da:25:cb:02:ff:a1:9b:88:7c:c2:96:68:31:7f:7f:bf:
         51:2d:7d:9f:8b:55:f2:6f:0d:c8:7c:4c:63:f2:64:6a:15:66:
         35:a8:3f:d8:37:0b:c6:7e:bc:dc:8e:e5:34:82:cd:42:7b:e6:
         4b:b3:58:98:b6:57:77:69:cd:fa:34:ed:57:6f:63:78:cc:a5:
         02:ef:c1:4c:c4:01:77:e9:23:d3:63:c8:a2:65:e4:4f:09:6e:
         96:16:3c:96:16:79:42:c9:93:ce:ae:f7:e6:64:d2:56:b7:64:
         a5:73:30:68:0e:fd:b2:22:25:62:38:60:0f:3c:65:c3:a1:b0:
         42:b9:0a:34:f3:2b:bc:bd:6e:b3:89:7f:9a:fb:35:8c:a7:83:
         4b:11:69:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWidyJerwWvxUB5m7FC2GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjQxMTIzMDEwMTM1WhcNMjQxMTI0MDEwMTM1WjAzMTEwLwYDVQQD
EygxMzMwMzAwYTRlZTM4ZDVkNGFiZTg3NmRhZjdlMDM3ZGJiZGUyZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimsM/LKvw7HuHJx3WUK2Zyd4OGuK
suH5TtFB5u8WdZQaard12J0UgXshaplyG0v6Foe5+RVU++17YNsNB7eL+oL7vszZ
+byeOnykTm9R9OmCc8jedBqzfG4LDXXwIzHYCMVJutkTDyLKbK7pPGsDsA3IhgDJ
fTnTh3yCDRZMl77Q7+c0+DpeYB8Gv2XgLF/O95Uchd44j08YFTMuupKPO5nOt5N4
fHowaQDFsObR5NXu+aaCZiKXfBfoDJz2RKEkHqqDPydkEqWz1sCt5NJ6PnHwzyz5
70LIg9DZCMOhplx9hiOSMAy9WuVh0WYjhoa4cK9oDMfFrXN3uoZf4eKjxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMwMApO441dSr6Hba9+A3273i22MB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADS0XT4Oi
xnidPrD8a0ggBQe4jtmSzClaN2jL3HkvRFZ9Qq9Hsf6gHw+PoSZ6q2Su7GfiwHhY
XBjkswdVKAqnH95ihB8Ev5fgWJ4ZI3VEX1gM50kK2wiWeQl6H+lR6i1sR105WblC
s5VhJCk9s3DaJcsC/6GbiHzClmgxf3+/US19n4tV8m8NyHxMY/JkahVmNag/2DcL
xn683I7lNILNQnvmS7NYmLZXd2nN+jTtV29jeMylAu/BTMQBd+kj02PIomXkTwlu
lhY8lhZ5QsmTzq735mTSVrdkpXMwaA79siIlYjhgDzxlw6GwQrkKNPMrvL1us4l/
mvs1jKeDSxFpow==
-----END CERTIFICATE-----