Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          5x0LKACWGJo9WfdIKblliYlVVPrpb2TWtorUrtXOD6s=
Subject key identifier:   B7:D9:2C:6D:F8:34:6A:8A:9C:B9:6E:C7:11:02:E6:BA:7D:52:25:70
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       01935689C2CE08BD905C515E177C4EB91972
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          136E
Signing time:             Sat 23 Nov 2024 01:01:28 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:28 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:28 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: 6P6tMPJi1WRNZyBnPK6fr6OvbzJvulTYteExjiT1x50=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:c2:ce:08:bd:90:5c:51:5e:17:7c:4e:b9:19:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Nov 23 01:01:28 2024 GMT
            Not After : Nov 24 01:01:28 2024 GMT
        Subject: CN=b7d92c6df8346a8a9cb96ec71102e6ba7d522570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:02:8a:16:40:37:e3:41:ea:ad:e3:f5:0a:ea:
                    8c:33:ee:b8:02:9b:39:f9:77:95:8d:80:83:21:9b:
                    de:b5:3e:73:e6:8c:94:f7:d7:60:34:21:11:79:66:
                    84:35:a1:0a:ec:e2:e4:fa:fd:bf:5b:53:b4:97:9e:
                    b9:68:12:f1:f0:fa:f0:bf:50:d2:3b:b4:e1:e2:41:
                    5e:77:26:f5:1f:80:18:64:fb:6b:7c:dc:e2:46:8f:
                    d8:a8:f9:cb:6d:9f:88:65:99:34:f0:5f:11:6b:27:
                    df:58:f0:2e:6d:94:26:f6:52:4a:87:e8:98:ee:4b:
                    48:91:bf:e3:27:6f:1b:d6:df:83:21:68:15:0e:d8:
                    59:df:8f:69:e8:51:0a:35:56:75:f5:d5:e9:67:a0:
                    74:80:9e:f8:90:a4:2e:6c:c1:ca:9c:c1:84:e2:fb:
                    76:d6:45:15:85:53:5b:74:2a:71:29:ce:d4:bd:29:
                    10:0a:25:d1:88:e2:a4:01:ae:b7:41:99:7f:5a:a3:
                    ab:90:d9:9b:d3:71:39:b3:4b:64:fc:01:21:58:b4:
                    16:9c:26:98:6d:c5:f4:33:12:ff:54:db:6c:c9:5c:
                    4b:57:f1:40:b3:fc:16:21:f2:45:57:43:47:d6:28:
                    c8:1d:d8:8d:53:97:40:46:f2:49:f1:74:98:ed:4a:
                    62:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D9:2C:6D:F8:34:6A:8A:9C:B9:6E:C7:11:02:E6:BA:7D:52:25:70
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:2a:8f:c6:82:4d:57:d3:18:95:69:8a:3d:f8:a8:d8:8a:10:
         f5:fb:a5:9c:38:ac:43:47:73:5f:9e:75:33:f2:7b:71:e2:15:
         56:06:42:39:4b:04:3c:29:e5:4b:92:28:f1:f6:56:a4:5d:f2:
         0c:92:54:1e:f3:fc:02:c8:9c:1c:88:4f:fb:86:a0:c7:c4:ed:
         58:75:40:95:95:fe:36:04:c6:ff:37:5e:be:89:ac:6a:45:9b:
         a8:b2:53:47:21:e1:a9:f9:f2:e7:cb:72:f7:58:c0:7c:66:db:
         14:e0:37:00:f4:19:ac:d8:d7:54:ff:9a:2a:e1:a8:71:50:98:
         10:04:64:bb:8a:e2:40:21:96:72:95:ca:d1:02:9b:c0:5e:dc:
         7d:7c:bb:d4:81:3c:10:da:87:f8:30:b7:eb:4d:8e:65:6a:28:
         d1:41:0a:89:b6:19:9e:2c:4d:58:c6:90:5b:5d:f0:09:b7:dd:
         fd:cf:b3:b3:db:df:dc:f1:4c:ff:34:1c:1f:94:b1:7a:22:1b:
         8a:ef:06:af:00:e0:d2:7d:8a:b6:ff:67:d9:49:50:cb:7a:46:
         03:36:4b:5b:8c:42:f2:5e:20:aa:1a:4f:29:8f:76:68:ed:b7:
         4f:ea:0f:74:22:5b:df:e6:2b:c8:81:78:8e:42:7b:6b:51:b0:
         c5:9d:1d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWicLOCL2QXFFeF3xOuRlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjQxMTIzMDEwMTI4WhcNMjQxMTI0MDEwMTI4WjAzMTEwLwYDVQQD
EyhiN2Q5MmM2ZGY4MzQ2YThhOWNiOTZlYzcxMTAyZTZiYTdkNTIyNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQKKFkA340HqreP1CuqMM+64Aps5
+XeVjYCDIZvetT5z5oyU99dgNCEReWaENaEK7OLk+v2/W1O0l565aBLx8Prwv1DS
O7Th4kFedyb1H4AYZPtrfNziRo/YqPnLbZ+IZZk08F8RayffWPAubZQm9lJKh+iY
7ktIkb/jJ28b1t+DIWgVDthZ349p6FEKNVZ19dXpZ6B0gJ74kKQubMHKnMGE4vt2
1kUVhVNbdCpxKc7UvSkQCiXRiOKkAa63QZl/WqOrkNmb03E5s0tk/AEhWLQWnCaY
bcX0MxL/VNtsyVxLV/FAs/wWIfJFV0NH1ijIHdiNU5dARvJJ8XSY7UpipQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfZLG34NGqKnLluxxEC5rp9UiVwMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlyqPxoJN
V9MYlWmKPfio2IoQ9fulnDisQ0dzX551M/J7ceIVVgZCOUsEPCnlS5Io8fZWpF3y
DJJUHvP8AsicHIhP+4agx8TtWHVAlZX+NgTG/zdevomsakWbqLJTRyHhqfny58ty
91jAfGbbFOA3APQZrNjXVP+aKuGocVCYEARku4riQCGWcpXK0QKbwF7cfXy71IE8
ENqH+DC3602OZWoo0UEKibYZnixNWMaQW13wCbfd/c+zs9vf3PFM/zQcH5SxeiIb
iu8GrwDg0n2Ktv9n2UlQy3pGAzZLW4xC8l4gqhpPKY92aO23T+oPdCJb3+YryIF4
jkJ7a1GwxZ0dpQ==
-----END CERTIFICATE-----