Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/570d55e9-040b-4eb0-9055-4b1e63a88a66/2/76423146648CF6AC626CCD0654C5B50EBEA94787.mft
File:                     76423146648CF6AC626CCD0654C5B50EBEA94787.mft (raw, json)
Hash identifier:          okMKcxjsX+JhAUxH8cJ3jbdrw+/KdPoNk1dxjs8f25M=
Subject key identifier:   D4:B7:7D:3C:4E:D3:04:A0:7A:B5:5E:06:65:BC:F9:C5:03:82:C1:79
Authority key identifier: 76:42:31:46:64:8C:F6:AC:62:6C:CD:06:54:C5:B5:0E:BE:A9:47:87
Certificate issuer:       /CN=76423146648CF6AC626CCD0654C5B50EBEA94787
Certificate serial:       292DAA32806396FF2782CB258E88102F54E8156B
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/76423146648CF6AC626CCD0654C5B50EBEA94787.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/570d55e9-040b-4eb0-9055-4b1e63a88a66/2/76423146648CF6AC626CCD0654C5B50EBEA94787.mft
Manifest number:          29
Signing time:             Fri 15 Mar 2024 00:07:52 +0000
Manifest this update:     Fri 15 Mar 2024 00:02:52 +0000
Manifest next update:     Sat 16 Mar 2024 01:20:52 +0000
Files and hashes:         1: 76423146648CF6AC626CCD0654C5B50EBEA94787.crl (hash: uYbXq2yDrMTGUIA6/R32saihfmx/DHE5BAYtZfLC6k8=)
                          2: 326130663a383563313a3336313a3a2f34382d3438203d3e20323135363035.roa (hash: 6vZXQuJuT00/MBVMFdZvlxILF2MZNANLam86lfliy/E=)

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:2d:aa:32:80:63:96:ff:27:82:cb:25:8e:88:10:2f:54:e8:15:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76423146648CF6AC626CCD0654C5B50EBEA94787
        Validity
            Not Before: Mar 15 00:02:52 2024 GMT
            Not After : Mar 16 01:20:52 2024 GMT
        Subject: CN=D4B77D3C4ED304A07AB55E0665BCF9C50382C179
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a5:87:88:7a:2a:20:2b:48:57:ce:cf:5e:da:
                    c3:63:29:05:f7:c8:ca:92:2f:c2:83:13:c7:ae:cc:
                    b0:58:5a:08:f7:df:15:4c:ea:75:0b:ba:fa:44:b8:
                    ec:80:3c:e1:59:a6:e4:5f:44:84:3f:77:30:35:46:
                    bf:8c:86:df:38:62:ec:25:97:a9:8e:db:a7:01:4a:
                    6f:e7:f7:4c:da:6a:1e:a2:89:1d:13:10:d5:f9:db:
                    7c:16:94:d4:d5:da:15:f9:26:b0:76:f9:ec:d6:9d:
                    03:d6:29:cd:bb:9a:ba:d8:0c:45:20:22:41:1f:81:
                    a8:58:94:e9:32:d7:88:56:9e:94:18:16:fc:f3:6a:
                    27:fb:6e:24:b8:15:05:0e:8d:a0:46:57:96:70:59:
                    ae:6d:46:da:0c:83:a2:c9:c8:2f:25:61:92:b3:cf:
                    ee:e0:7c:aa:c2:97:b5:ce:88:7f:cf:a7:9f:6b:c3:
                    af:f4:b7:bc:1b:f5:96:e5:1d:2d:87:90:18:5e:3b:
                    c1:c7:99:0c:e4:5d:77:17:fa:a6:da:cb:b0:69:64:
                    f0:16:8e:f5:ae:ac:24:b6:31:d7:a9:95:53:f4:cd:
                    4d:52:20:27:96:0b:bf:52:45:c1:b9:c9:56:65:ee:
                    49:97:a6:50:84:d2:25:0d:e6:21:07:36:c5:3f:b3:
                    5f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B7:7D:3C:4E:D3:04:A0:7A:B5:5E:06:65:BC:F9:C5:03:82:C1:79
            X509v3 Authority Key Identifier:
                keyid:76:42:31:46:64:8C:F6:AC:62:6C:CD:06:54:C5:B5:0E:BE:A9:47:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/570d55e9-040b-4eb0-9055-4b1e63a88a66/2/76423146648CF6AC626CCD0654C5B50EBEA94787.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/76423146648CF6AC626CCD0654C5B50EBEA94787.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/570d55e9-040b-4eb0-9055-4b1e63a88a66/2/76423146648CF6AC626CCD0654C5B50EBEA94787.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:36:52:59:cd:93:31:f9:86:68:fa:26:ec:7f:c9:55:5a:88:
         bb:b8:d1:dc:9a:1f:6e:38:66:76:cf:62:fd:4b:66:aa:9f:36:
         ca:bf:19:db:c5:e0:52:e5:8d:bf:bb:79:47:4d:32:6a:2b:8a:
         66:bf:15:6c:aa:2f:e3:ea:8d:c4:12:bd:f7:6a:d1:2d:7c:2f:
         55:50:38:b3:23:f9:f4:e2:c3:02:a1:92:33:97:5e:ec:06:77:
         9d:28:63:e5:d5:59:d6:be:22:58:b0:02:06:0c:6e:4e:1d:c7:
         7d:3f:68:fc:ec:e4:b6:99:85:36:f5:e8:ec:0d:c5:2e:8b:39:
         51:fe:28:78:8b:d7:58:cf:02:bd:af:3d:f6:51:ab:5d:4b:6d:
         a2:b9:1a:4d:49:3d:1c:18:01:fc:b8:49:79:8e:53:1e:df:09:
         27:b4:40:8a:14:20:e2:bd:ee:20:66:3e:cf:50:4e:59:62:12:
         c0:16:d2:12:7a:e0:3f:07:7d:31:88:cb:c4:23:2a:32:c7:e6:
         3c:4b:71:6e:32:d6:84:80:94:a1:e9:93:88:35:01:4e:1c:c4:
         64:0b:f1:1c:e9:1e:d3:80:cb:fb:4a:22:f4:87:53:9b:42:a8:
         fc:7f:bc:7c:6e:19:41:13:01:56:3c:55:ec:07:94:9a:12:41:
         d9:d1:8e:72
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUKS2qMoBjlv8ngssljogQL1ToFWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzY0MjMxNDY2NDhDRjZBQzYyNkNDRDA2NTRDNUI1MEVC
RUE5NDc4NzAeFw0yNDAzMTUwMDAyNTJaFw0yNDAzMTYwMTIwNTJaMDMxMTAvBgNV
BAMTKEQ0Qjc3RDNDNEVEMzA0QTA3QUI1NUUwNjY1QkNGOUM1MDM4MkMxNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9pYeIeiogK0hXzs9e2sNjKQX3
yMqSL8KDE8euzLBYWgj33xVM6nULuvpEuOyAPOFZpuRfRIQ/dzA1Rr+Mht84Yuwl
l6mO26cBSm/n90zaah6iiR0TENX523wWlNTV2hX5JrB2+ezWnQPWKc27mrrYDEUg
IkEfgahYlOky14hWnpQYFvzzaif7biS4FQUOjaBGV5ZwWa5tRtoMg6LJyC8lYZKz
z+7gfKrCl7XOiH/Pp59rw6/0t7wb9ZblHS2HkBheO8HHmQzkXXcX+qbay7BpZPAW
jvWurCS2MdeplVP0zU1SICeWC79SRcG5yVZl7kmXplCE0iUN5iEHNsU/s1+TAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQU1Ld9PE7TBKB6tV4GZbz5xQOCwXkwHwYDVR0j
BBgwFoAUdkIxRmSM9qxibM0GVMW1Dr6pR4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTcwZDU1ZTktMDQwYi00ZWIwLTkwNTUtNGIxZTYzYTg4
YTY2LzIvNzY0MjMxNDY2NDhDRjZBQzYyNkNDRDA2NTRDNUI1MEVCRUE5NDc4Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC83NjQyMzE0NjY0OENGNkFDNjI2Q0NEMDY1
NEM1QjUwRUJFQTk0Nzg3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzU3MGQ1NWU5LTA0MGItNGViMC05MDU1LTRiMWU2M2E4OGE2Ni8yLzc2NDIzMTQ2
NjQ4Q0Y2QUM2MjZDQ0QwNjU0QzVCNTBFQkVBOTQ3ODcubWZ0MBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIF
ADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCHNlJZ
zZMx+YZo+ibsf8lVWoi7uNHcmh9uOGZ2z2L9S2aqnzbKvxnbxeBS5Y2/u3lHTTJq
K4pmvxVsqi/j6o3EEr33atEtfC9VUDizI/n04sMCoZIzl17sBnedKGPl1VnWviJY
sAIGDG5OHcd9P2j87OS2mYU29ejsDcUuizlR/ih4i9dYzwK9rz32UatdS22iuRpN
ST0cGAH8uEl5jlMe3wkntECKFCDive4gZj7PUE5ZYhLAFtISeuA/B30xiMvEIyoy
x+Y8S3FuMtaEgJSh6ZOINQFOHMRkC/Ec6R7TgMv7SiL0h1ObQqj8f7x8bhlBEwFW
PFXsB5SaEkHZ0Y5y
-----END CERTIFICATE-----