Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          J9Li578Bd0GZ2JuhBndh2wSET/8KBfSYhFh+SPU65uU=
Subject key identifier:   DD:0C:C0:E8:69:92:69:7B:89:E0:E2:C7:C3:70:2C:30:CA:46:4D:D0
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       01903518B340D7AD4953CAD0244C693B1991
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          0DB5
Signing time:             Thu 20 Jun 2024 10:02:09 +0000
Manifest this update:     Thu 20 Jun 2024 10:02:09 +0000
Manifest next update:     Fri 21 Jun 2024 10:02:09 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: nP94HBPMXy17ddKhZd3iCh11rQokkJhaoc/a6fMIfqM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 10:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:35:18:b3:40:d7:ad:49:53:ca:d0:24:4c:69:3b:19:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Jun 20 10:02:09 2024 GMT
            Not After : Jun 21 10:02:09 2024 GMT
        Subject: CN=dd0cc0e86992697b89e0e2c7c3702c30ca464dd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:38:fd:54:58:15:0a:c2:2a:70:1a:4b:24:f5:
                    81:91:16:86:7a:62:b2:63:57:91:03:2c:30:e2:17:
                    48:ba:23:e6:57:f5:21:8b:0c:75:e4:00:71:1c:c1:
                    fa:80:07:00:ab:54:92:30:4b:5c:c6:61:9f:b6:98:
                    b7:83:85:21:1f:78:5b:bf:73:d2:8c:bd:3d:78:58:
                    91:2b:0e:41:b0:04:86:01:c6:06:a7:e1:16:4d:99:
                    ad:67:6e:12:17:b7:b3:fa:ed:2d:b6:f5:7c:19:3c:
                    fc:82:55:da:4a:4c:72:4e:37:e5:ec:6c:88:84:e4:
                    25:38:32:52:e4:44:d9:35:96:0d:5b:5c:f9:ef:43:
                    76:6a:6b:5f:85:28:f4:6e:8a:b5:ea:05:68:f0:a8:
                    a8:63:46:31:09:bc:1f:7f:2f:ff:1d:ec:63:ae:91:
                    26:17:42:4b:2e:1b:50:73:75:eb:4b:46:dc:68:41:
                    90:90:04:92:b2:d9:45:e6:f8:b8:61:78:47:41:2e:
                    4c:08:73:f5:2b:96:ec:37:72:80:9f:a6:4e:0b:a5:
                    3c:7a:2b:e9:13:ac:71:e0:37:31:f4:d5:47:42:6a:
                    dc:0a:e4:8f:a4:d7:0c:30:5f:ce:71:d0:24:1a:ae:
                    e6:a7:7c:6c:95:a7:02:3e:cb:e6:cb:f5:1d:a5:4f:
                    2a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:0C:C0:E8:69:92:69:7B:89:E0:E2:C7:C3:70:2C:30:CA:46:4D:D0
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f8:b7:43:58:76:32:ca:42:2d:1a:31:36:7c:99:87:c0:76:
         80:7c:9d:e9:69:b7:be:ac:ff:9e:bf:a6:4b:79:69:92:cf:4f:
         69:5c:29:c9:0f:87:88:ef:f4:ff:0d:0c:0e:22:af:e6:6d:6b:
         97:ee:01:35:33:8d:fe:33:c7:37:f0:9b:48:45:8d:a0:89:ae:
         75:d7:7e:f1:59:2d:00:3e:46:31:ae:9b:58:51:df:63:df:fc:
         fe:85:73:c9:45:b8:bf:28:1c:17:09:89:b1:05:41:a5:94:dc:
         cb:35:27:39:e3:49:24:79:98:1d:17:f4:b4:95:6a:58:cf:e7:
         b4:27:f2:0d:cd:cc:05:bc:c0:d4:22:95:67:94:0c:d2:9c:fc:
         f6:f8:43:88:bc:80:26:47:51:a6:bf:7e:2b:4b:72:9c:72:f4:
         8b:33:a7:2e:9a:07:30:26:a9:17:a9:d2:3e:1b:ad:dc:d9:ed:
         2c:f8:2d:fa:6d:95:19:78:7d:2b:52:99:5c:e7:9a:74:76:85:
         c4:27:da:50:77:94:b7:95:92:ff:d3:5a:df:95:d1:87:a9:57:
         41:38:9c:1c:c6:d4:fa:f4:e9:d4:fd:d1:10:88:e3:57:34:5f:
         39:64:a9:0c:8c:1f:b4:5f:48:88:b4:da:0c:75:ac:6e:40:ca:
         5c:ca:f0:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA1GLNA161JU8rQJExpOxmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjQwNjIwMTAwMjA5WhcNMjQwNjIxMTAwMjA5WjAzMTEwLwYDVQQD
EyhkZDBjYzBlODY5OTI2OTdiODllMGUyYzdjMzcwMmMzMGNhNDY0ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzj9VFgVCsIqcBpLJPWBkRaGemKy
Y1eRAyww4hdIuiPmV/Uhiwx15ABxHMH6gAcAq1SSMEtcxmGftpi3g4UhH3hbv3PS
jL09eFiRKw5BsASGAcYGp+EWTZmtZ24SF7ez+u0ttvV8GTz8glXaSkxyTjfl7GyI
hOQlODJS5ETZNZYNW1z570N2amtfhSj0boq16gVo8KioY0YxCbwffy//HexjrpEm
F0JLLhtQc3XrS0bcaEGQkASSstlF5vi4YXhHQS5MCHP1K5bsN3KAn6ZOC6U8eivp
E6xx4Dcx9NVHQmrcCuSPpNcMMF/OcdAkGq7mp3xslacCPsvmy/UdpU8qpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0MwOhpkml7ieDix8NwLDDKRk3QMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfi3Q1h2
MspCLRoxNnyZh8B2gHyd6Wm3vqz/nr+mS3lpks9PaVwpyQ+HiO/0/w0MDiKv5m1r
l+4BNTON/jPHN/CbSEWNoImuddd+8VktAD5GMa6bWFHfY9/8/oVzyUW4vygcFwmJ
sQVBpZTcyzUnOeNJJHmYHRf0tJVqWM/ntCfyDc3MBbzA1CKVZ5QM0pz89vhDiLyA
JkdRpr9+K0tynHL0izOnLpoHMCapF6nSPhut3NntLPgt+m2VGXh9K1KZXOeadHaF
xCfaUHeUt5WS/9Na35XRh6lXQTicHMbU+vTp1P3REIjjVzRfOWSpDIwftF9IiLTa
DHWsbkDKXMrwyg==
-----END CERTIFICATE-----