Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          O0v1+porDwFenVxTJSsr2RJcz8hvJNlCF/KIceWZGHQ=
Subject key identifier:   7B:52:FA:95:C4:E4:08:5B:8D:20:49:68:CE:7F:AD:B4:59:54:38:97
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       018F87B677492866BBE5F3F881BBF1719ABC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          74
Signing time:             Fri 17 May 2024 18:00:33 +0000
Manifest this update:     Fri 17 May 2024 18:00:33 +0000
Manifest next update:     Sat 18 May 2024 18:00:33 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: Gir8RMF81ETrPAh9NYxLsctfw5s0uM6YDA6uT0Lwcec=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:77:49:28:66:bb:e5:f3:f8:81:bb:f1:71:9a:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: May 17 18:00:33 2024 GMT
            Not After : May 18 18:00:33 2024 GMT
        Subject: CN=7b52fa95c4e4085b8d204968ce7fadb459543897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5e:08:05:9c:e5:54:8a:b8:44:f6:df:f6:fc:
                    b1:ac:3f:fa:dd:da:45:f2:60:e4:0b:c3:aa:fa:10:
                    3d:ca:07:24:20:e3:d8:42:46:66:15:27:ff:a0:8d:
                    de:fc:9b:da:7d:6f:eb:7c:d8:0f:d7:50:f4:ac:48:
                    8b:89:54:ed:90:38:50:e8:69:04:47:d0:c9:db:7f:
                    b0:26:0f:02:49:68:e2:ef:b1:44:5b:9a:4a:1b:98:
                    b1:c7:d3:05:9f:0f:95:bd:be:3e:50:dd:6d:6a:11:
                    4d:57:19:45:33:89:dc:d3:d6:b6:2f:44:2c:9d:4a:
                    0e:dc:5a:14:5e:fe:4f:17:55:4f:d0:e2:78:09:b9:
                    01:c9:03:51:97:b3:00:62:2b:5e:1d:85:5d:9d:2b:
                    6b:ec:ca:87:da:35:67:f2:c0:51:44:07:78:c1:91:
                    0a:99:71:61:c8:a2:cf:d9:6e:16:f7:eb:01:d9:23:
                    da:a7:4f:bd:07:86:08:c0:83:f9:4f:8b:59:98:f8:
                    0f:5a:21:cc:38:f2:f3:58:70:9a:40:1e:93:4a:67:
                    d9:00:5b:59:41:f8:23:6e:89:cb:97:1d:d5:21:25:
                    4d:0d:03:b6:04:9e:77:43:53:39:e6:17:f9:16:93:
                    39:d9:a1:ce:a1:4e:63:07:56:fb:90:25:33:1f:27:
                    4a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:52:FA:95:C4:E4:08:5B:8D:20:49:68:CE:7F:AD:B4:59:54:38:97
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:b6:8b:80:3d:c9:03:9c:04:0a:56:db:c8:db:52:39:59:ca:
         53:04:be:91:40:cd:14:c6:0e:f8:11:cf:8d:6e:af:16:83:b0:
         c6:c7:ae:20:8e:19:25:af:e9:7e:b1:e8:6a:01:fc:ca:71:6b:
         d5:8d:31:da:92:24:de:4f:4e:0c:b7:a9:01:c5:11:3b:c8:a8:
         95:b5:60:e8:a2:d2:1d:00:3c:ea:86:ed:b0:c6:bd:e7:94:14:
         28:cc:2c:4a:25:13:86:69:b9:2d:2b:f1:52:aa:31:ba:ec:1c:
         d1:19:36:d0:23:63:9f:29:a6:b9:aa:c2:4f:3f:f2:d8:72:c2:
         f1:c6:f4:9b:6a:d7:79:14:b2:0f:05:6d:83:28:3a:2f:1f:92:
         6d:e7:27:c1:0f:1a:fc:98:7f:3c:df:0e:e4:3a:69:38:db:ac:
         81:69:6a:72:0b:5d:fd:0e:04:2b:cd:b5:bc:b6:d1:5f:3e:fc:
         50:62:5b:37:9d:fb:6c:7e:57:0a:e6:a9:ae:ea:26:d2:5f:fe:
         07:fa:95:f0:e0:2c:1d:70:dc:a9:0f:ee:ca:b4:92:b5:a6:9d:
         9b:e7:a5:21:e8:8d:27:4c:6c:49:f4:21:cc:6e:56:cc:26:44:
         76:79:f4:b9:a3:40:29:d2:7e:44:ae:37:5e:24:66:86:eb:6f:
         17:86:8c:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtndJKGa75fP4gbvxcZq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjQwNTE3MTgwMDMzWhcNMjQwNTE4MTgwMDMzWjAzMTEwLwYDVQQD
Eyg3YjUyZmE5NWM0ZTQwODViOGQyMDQ5NjhjZTdmYWRiNDU5NTQzODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF4IBZzlVIq4RPbf9vyxrD/63dpF
8mDkC8Oq+hA9ygckIOPYQkZmFSf/oI3e/JvafW/rfNgP11D0rEiLiVTtkDhQ6GkE
R9DJ23+wJg8CSWji77FEW5pKG5ixx9MFnw+Vvb4+UN1tahFNVxlFM4nc09a2L0Qs
nUoO3FoUXv5PF1VP0OJ4CbkByQNRl7MAYiteHYVdnStr7MqH2jVn8sBRRAd4wZEK
mXFhyKLP2W4W9+sB2SPap0+9B4YIwIP5T4tZmPgPWiHMOPLzWHCaQB6TSmfZAFtZ
QfgjbonLlx3VISVNDQO2BJ53Q1M55hf5FpM52aHOoU5jB1b7kCUzHydKcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtS+pXE5AhbjSBJaM5/rbRZVDiXMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm7aLgD3J
A5wEClbbyNtSOVnKUwS+kUDNFMYO+BHPjW6vFoOwxseuII4ZJa/pfrHoagH8ynFr
1Y0x2pIk3k9ODLepAcURO8iolbVg6KLSHQA86obtsMa955QUKMwsSiUThmm5LSvx
Uqoxuuwc0Rk20CNjnymmuarCTz/y2HLC8cb0m2rXeRSyDwVtgyg6Lx+SbecnwQ8a
/Jh/PN8O5DppONusgWlqcgtd/Q4EK821vLbRXz78UGJbN537bH5XCuapruom0l/+
B/qV8OAsHXDcqQ/uyrSStaadm+elIeiNJ0xsSfQhzG5WzCZEdnn0uaNAKdJ+RK43
XiRmhutvF4aM9w==
-----END CERTIFICATE-----