Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
File:                     AOezY1s9V4VgNwpYMDz81c2SkQU.mft (raw, json)
Hash identifier:          SBvjdzdhvrPfvNYMuWWB7NK2F/Epj9Gu+F9OHXYMFkk=
Subject key identifier:   9B:90:21:F0:59:34:37:DA:F0:07:E2:07:36:AC:A7:42:D3:F1:7E:79
Authority key identifier: 00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05
Certificate issuer:       /CN=00e7b3635b3d578560370a58303cfcd5cd929105
Certificate serial:       018F3BF89891952C354B0CCC531E2F682A20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
Manifest number:          0863
Signing time:             Fri 03 May 2024 01:01:38 +0000
Manifest this update:     Fri 03 May 2024 01:01:38 +0000
Manifest next update:     Sat 04 May 2024 01:01:38 +0000
Files and hashes:         1: AOezY1s9V4VgNwpYMDz81c2SkQU.crl (hash: +WXl/pKD5dGvzPaCG/FaECakPuITzbLi6V+76WdoHjk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 00:09:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3b:f8:98:91:95:2c:35:4b:0c:cc:53:1e:2f:68:2a:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e7b3635b3d578560370a58303cfcd5cd929105
        Validity
            Not Before: May  3 01:01:38 2024 GMT
            Not After : May  4 01:01:38 2024 GMT
        Subject: CN=9b9021f0593437daf007e20736aca742d3f17e79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0a:68:43:44:f6:a1:19:60:af:c3:78:87:f1:
                    2f:b2:29:0e:45:6a:cc:23:db:ed:33:88:7b:81:ff:
                    02:13:bc:4b:02:53:e2:69:28:d2:10:72:0a:17:33:
                    66:70:8d:52:bd:ed:29:6c:4c:f0:40:01:fc:e5:4b:
                    b0:68:e9:c1:9f:83:82:3c:f3:53:ef:02:24:4a:33:
                    e3:fd:3d:68:3d:f6:11:70:52:a2:a9:b3:5a:ac:1a:
                    18:2e:fc:de:d8:44:df:b4:d9:0e:27:cd:72:25:33:
                    28:4f:6e:81:c3:b2:38:f4:1d:e7:b3:09:ea:78:b4:
                    8a:d5:e6:4c:a5:5b:6f:42:c6:18:09:53:d2:ea:bf:
                    b4:f9:ad:f0:77:b3:f9:00:bb:87:5c:32:aa:2b:a4:
                    e6:ef:2f:d8:61:1e:23:ff:a3:4b:0f:50:11:95:e7:
                    d4:8b:43:53:17:d5:1f:5f:30:1e:79:59:6e:fe:26:
                    ab:8b:6b:5e:91:05:69:52:e8:0c:8c:0b:45:99:4f:
                    17:80:f1:11:c7:1f:38:60:4f:db:f4:a3:58:48:6d:
                    04:dd:95:78:c8:a5:6e:be:15:24:57:ad:c5:49:bc:
                    69:f8:88:1e:f7:48:b8:11:1d:ff:b9:47:df:7a:33:
                    76:63:f1:32:03:9d:ad:bd:d1:01:6f:20:f0:c0:d2:
                    53:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:90:21:F0:59:34:37:DA:F0:07:E2:07:36:AC:A7:42:D3:F1:7E:79
            X509v3 Authority Key Identifier:
                keyid:00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:f7:06:43:57:96:1a:af:3d:0a:ff:ba:59:a9:20:7e:4d:67:
         f9:78:7b:a1:98:ba:3d:40:83:48:ea:58:fb:6b:7f:92:84:d9:
         c2:58:97:3e:5c:e9:6d:43:25:85:83:56:6e:9b:03:f0:31:4e:
         83:04:81:cf:a8:9f:59:d9:1f:13:86:e2:14:1d:6c:e2:44:d7:
         76:86:46:47:dc:76:8b:e7:44:7d:bb:90:5a:4c:81:9a:71:70:
         34:88:cd:b3:e4:de:f1:9d:3b:b2:ee:29:03:aa:10:fa:0e:69:
         d2:28:5e:ca:83:4b:a9:4f:7c:ca:58:45:36:99:fc:79:e3:e9:
         58:dd:6f:df:dd:82:b2:fc:5f:6e:54:80:b2:b7:9b:bb:58:6c:
         28:8d:ac:e0:70:de:e1:0d:d2:01:c7:b1:ba:1f:93:ff:1a:ae:
         d0:cf:3a:c0:1e:f9:fa:8a:7b:7d:97:41:54:37:fb:8e:a4:90:
         2a:a1:43:d8:c5:fd:29:39:fe:b9:9f:cb:d6:17:43:d8:d7:ac:
         f8:97:e6:54:7f:e8:44:33:ed:2b:27:49:82:32:49:5a:64:15:
         cc:06:c7:c9:7d:fd:a5:0b:97:bc:e7:ec:71:49:db:6b:af:97:
         4e:fb:fc:01:f8:1a:1a:94:29:b4:bd:b4:99:4c:eb:e6:ee:ed:
         bc:00:99:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY87+JiRlSw1SwzMUx4vaCogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTdiMzYzNWIzZDU3ODU2MDM3MGE1ODMwM2NmY2Q1Y2Q5
MjkxMDUwHhcNMjQwNTAzMDEwMTM4WhcNMjQwNTA0MDEwMTM4WjAzMTEwLwYDVQQD
Eyg5YjkwMjFmMDU5MzQzN2RhZjAwN2UyMDczNmFjYTc0MmQzZjE3ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqApoQ0T2oRlgr8N4h/EvsikORWrM
I9vtM4h7gf8CE7xLAlPiaSjSEHIKFzNmcI1Sve0pbEzwQAH85UuwaOnBn4OCPPNT
7wIkSjPj/T1oPfYRcFKiqbNarBoYLvze2ETftNkOJ81yJTMoT26Bw7I49B3nswnq
eLSK1eZMpVtvQsYYCVPS6r+0+a3wd7P5ALuHXDKqK6Tm7y/YYR4j/6NLD1ARlefU
i0NTF9UfXzAeeVlu/iari2tekQVpUugMjAtFmU8XgPERxx84YE/b9KNYSG0E3ZV4
yKVuvhUkV63FSbxp+Ige90i4ER3/uUffejN2Y/EyA52tvdEBbyDwwNJTbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuQIfBZNDfa8AfiBzasp0LT8X55MB8GA1UdIwQY
MBaAFADns2NbPVeFYDcKWDA8/NXNkpEFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDct
YTBjZDE0MTUxM2NiLzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDctYTBjZDE0MTUxM2Ni
LzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa/cGQ1eW
Gq89Cv+6Wakgfk1n+Xh7oZi6PUCDSOpY+2t/koTZwliXPlzpbUMlhYNWbpsD8DFO
gwSBz6ifWdkfE4biFB1s4kTXdoZGR9x2i+dEfbuQWkyBmnFwNIjNs+Te8Z07su4p
A6oQ+g5p0iheyoNLqU98ylhFNpn8eePpWN1v392CsvxfblSAsrebu1hsKI2s4HDe
4Q3SAcexuh+T/xqu0M86wB75+op7fZdBVDf7jqSQKqFD2MX9KTn+uZ/L1hdD2Nes
+JfmVH/oRDPtKydJgjJJWmQVzAbHyX39pQuXvOfscUnba6+XTvv8AfgaGpQptL20
mUzr5u7tvACZKw==
-----END CERTIFICATE-----