Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft
File:                     HH3TyBbYWWCARyBUNICV7SuFUeU.mft (raw, json)
Hash identifier:          N/asHmmjzpF7D+EsbU1Ppsl7P3A7mBTbW6SbWKccCbU=
Subject key identifier:   71:EE:D5:C9:FA:2F:67:54:9D:59:91:AE:00:81:7D:21:9C:59:2F:FA
Authority key identifier: 1C:7D:D3:C8:16:D8:59:60:80:47:20:54:34:80:95:ED:2B:85:51:E5
Certificate issuer:       /CN=1c7dd3c816d8596080472054348095ed2b8551e5
Certificate serial:       0193568A5FD7C9F03B1EEFAC407CE675CC58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft
Manifest number:          10E3
Signing time:             Sat 23 Nov 2024 01:02:09 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:09 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:09 +0000
Files and hashes:         1: HH3TyBbYWWCARyBUNICV7SuFUeU.crl (hash: rvB03zuezSHG8GuyaTmabyo5zX4JNVgWjGbiAe8cbJU=)
                          2: Y5wOizT5hrWA8Jz7MhWicsgd8qo.roa (hash: fSgLMWo+G+s3B7nkPPTCquA7ljBUTZvWVbSa74E5gZM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:5f:d7:c9:f0:3b:1e:ef:ac:40:7c:e6:75:cc:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c7dd3c816d8596080472054348095ed2b8551e5
        Validity
            Not Before: Nov 23 01:02:09 2024 GMT
            Not After : Nov 24 01:02:09 2024 GMT
        Subject: CN=71eed5c9fa2f67549d5991ae00817d219c592ffa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c5:d4:c1:6d:fe:aa:5c:31:a5:bf:42:df:6c:
                    ff:b0:e4:0d:15:51:f7:3a:29:5d:16:36:29:a8:c0:
                    3a:e8:64:82:07:8d:5e:66:01:4b:fa:64:af:ac:88:
                    37:94:e1:17:24:00:6a:6b:22:90:d2:59:07:6b:9d:
                    f4:08:8b:2f:74:ac:8f:18:a3:6a:05:5c:23:51:d5:
                    3d:e2:70:84:4b:c8:ac:0b:8f:fe:a0:5a:3a:88:ab:
                    ad:32:fd:17:c4:1a:27:28:6a:cf:eb:46:b9:4c:6f:
                    1e:fa:88:db:0a:f2:3e:8a:c8:f3:90:1c:f3:dd:19:
                    de:3d:67:75:31:16:12:5d:8b:57:ac:b5:b9:88:77:
                    85:5a:0f:9a:10:64:1e:2a:ca:33:4e:00:c6:7d:8a:
                    a7:36:cc:41:c3:59:f9:18:2c:a0:2e:a0:79:af:17:
                    7b:7c:b4:59:86:8f:32:1f:64:82:67:66:ba:18:21:
                    50:66:58:73:a8:20:a8:78:95:85:e7:4b:ac:43:1c:
                    44:23:2d:cb:18:7d:ca:0e:3b:1e:17:3b:7d:ef:2b:
                    0d:ea:6d:d1:c4:73:6b:2f:d3:03:90:12:81:3a:a4:
                    77:6a:dd:d5:6c:9d:8b:0b:24:8d:db:2d:9b:2c:39:
                    7d:84:6b:62:74:af:47:41:0f:e0:c5:2d:7d:16:59:
                    81:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:EE:D5:C9:FA:2F:67:54:9D:59:91:AE:00:81:7D:21:9C:59:2F:FA
            X509v3 Authority Key Identifier:
                keyid:1C:7D:D3:C8:16:D8:59:60:80:47:20:54:34:80:95:ED:2B:85:51:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:51:58:cf:92:50:26:a3:c4:f6:fa:7f:0b:e3:2b:22:4e:b2:
         8e:dc:9a:96:86:a3:40:1c:a0:82:fe:b0:c1:6b:8c:60:ee:be:
         51:a8:ac:69:1e:f4:16:ff:50:e9:0d:e3:f8:cf:70:e2:04:69:
         f1:ca:58:20:48:3a:76:40:d1:08:b3:33:b2:07:6e:33:34:09:
         8c:88:7f:1f:d0:0b:85:2d:92:cf:d9:65:e6:16:5e:b6:b4:11:
         a0:f6:66:76:92:aa:b4:df:a4:dc:23:66:15:2a:f7:e7:7d:99:
         5a:25:23:5e:ab:58:cd:4d:82:8e:30:66:59:80:92:7a:2e:bb:
         8d:33:e0:74:44:b0:79:bd:88:02:37:5e:5b:be:02:ca:e6:03:
         b0:82:c8:dd:37:c0:3d:39:ec:0d:d0:52:4e:bd:f6:61:fe:4d:
         cd:f0:a5:32:2e:e2:14:7a:37:13:95:81:c6:74:a7:14:b2:40:
         11:62:5d:f0:81:7d:87:b0:90:9a:70:71:98:52:31:54:cc:f8:
         92:67:6c:d7:4c:b0:2a:cf:ec:6a:8c:33:5f:a5:f4:a4:be:d2:
         bb:76:ea:94:32:ab:59:93:61:86:69:78:50:f7:e4:49:45:8a:
         ae:57:cd:dd:e5:54:7e:b7:05:a5:78:68:55:79:3f:17:46:4b:
         4a:cc:bf:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWil/XyfA7Hu+sQHzmdcxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2RkM2M4MTZkODU5NjA4MDQ3MjA1NDM0ODA5NWVkMmI4
NTUxZTUwHhcNMjQxMTIzMDEwMjA5WhcNMjQxMTI0MDEwMjA5WjAzMTEwLwYDVQQD
Eyg3MWVlZDVjOWZhMmY2NzU0OWQ1OTkxYWUwMDgxN2QyMTljNTkyZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MXUwW3+qlwxpb9C32z/sOQNFVH3
OildFjYpqMA66GSCB41eZgFL+mSvrIg3lOEXJABqayKQ0lkHa530CIsvdKyPGKNq
BVwjUdU94nCES8isC4/+oFo6iKutMv0XxBonKGrP60a5TG8e+ojbCvI+isjzkBzz
3RnePWd1MRYSXYtXrLW5iHeFWg+aEGQeKsozTgDGfYqnNsxBw1n5GCygLqB5rxd7
fLRZho8yH2SCZ2a6GCFQZlhzqCCoeJWF50usQxxEIy3LGH3KDjseFzt97ysN6m3R
xHNrL9MDkBKBOqR3at3VbJ2LCySN2y2bLDl9hGtidK9HQQ/gxS19FlmB2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHu1cn6L2dUnVmRrgCBfSGcWS/6MB8GA1UdIwQY
MBaAFBx908gW2FlggEcgVDSAle0rhVHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYWFiMzYtODg4Ni00MjA2LTllNzkt
Y2MyY2Q3ZDMxYTI2LzEvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYWFiMzYtODg4Ni00MjA2LTllNzktY2MyY2Q3ZDMxYTI2
LzEvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVFYz5JQ
JqPE9vp/C+MrIk6yjtyaloajQByggv6wwWuMYO6+UaisaR70Fv9Q6Q3j+M9w4gRp
8cpYIEg6dkDRCLMzsgduMzQJjIh/H9ALhS2Sz9ll5hZetrQRoPZmdpKqtN+k3CNm
FSr3532ZWiUjXqtYzU2CjjBmWYCSei67jTPgdESweb2IAjdeW74CyuYDsILI3TfA
PTnsDdBSTr32Yf5NzfClMi7iFHo3E5WBxnSnFLJAEWJd8IF9h7CQmnBxmFIxVMz4
kmds10ywKs/saowzX6X0pL7Su3bqlDKrWZNhhml4UPfkSUWKrlfN3eVUfrcFpXho
VXk/F0ZLSsy/jQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:01 2024 by rpki-client on console-fra.rpki-client.org