Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          b3+WeuE/QAmoEmLO/d56bl5avq2PfCWcUFf7t52LNHU=
Subject key identifier:   F9:9E:B3:77:18:2A:3F:12:9C:1E:FD:6B:AE:08:66:01:F0:4C:26:9A
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       0193572E133458EFC692B246CAA66B3DA09A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0743
Signing time:             Sat 23 Nov 2024 04:00:57 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:57 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:57 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: ukhL9z2lfcUoVSis2X3f+BFm3YMB6ZK8lll6gOrd2b4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2e:13:34:58:ef:c6:92:b2:46:ca:a6:6b:3d:a0:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Nov 23 04:00:57 2024 GMT
            Not After : Nov 24 04:00:57 2024 GMT
        Subject: CN=f99eb377182a3f129c1efd6bae086601f04c269a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:13:63:d6:f1:93:a2:60:e0:b2:58:1b:13:6f:
                    7d:26:08:a1:fd:87:5d:dd:4d:04:d8:cd:e8:95:c0:
                    03:35:e7:95:1f:db:e1:b0:6c:7d:c5:f9:75:d9:b6:
                    b6:1a:55:45:1b:6c:85:1b:8f:b2:9d:fa:14:f6:f4:
                    8b:34:78:40:4c:c0:bd:73:0e:29:9b:47:5e:a1:71:
                    fe:86:9f:b6:e9:e2:0a:1d:63:c1:d6:d8:b2:33:6e:
                    2b:02:87:6b:e3:55:03:70:0c:9a:ff:a6:d9:9e:8a:
                    3f:00:8a:fa:0d:44:04:b4:45:6b:19:3f:b4:d2:09:
                    85:a1:c2:72:ce:b4:24:3f:37:ea:3b:da:84:8f:d9:
                    94:dc:2e:2d:de:a2:3e:80:7c:e5:fc:b6:d1:28:44:
                    d1:30:f1:c6:fd:ac:66:56:88:d9:61:1e:48:aa:81:
                    bb:a4:59:94:d6:c3:b9:ca:a4:22:61:cf:d4:71:e4:
                    85:2b:e5:44:6a:b3:28:59:96:48:b7:80:82:8f:de:
                    07:e0:1b:a7:74:b2:f7:35:5a:65:75:c9:ab:cc:3b:
                    09:80:6e:9a:e0:2f:47:eb:71:bb:61:82:b6:af:c2:
                    db:61:33:24:c7:f0:55:03:77:36:f5:47:cf:b8:03:
                    7c:e5:cd:a0:66:26:1c:1a:c1:cc:0e:b4:e1:8a:b5:
                    6f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:9E:B3:77:18:2A:3F:12:9C:1E:FD:6B:AE:08:66:01:F0:4C:26:9A
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:6c:a3:da:80:d6:a7:0c:13:7d:b1:a2:96:1d:f0:a3:b0:5c:
         51:74:cc:d7:51:25:3b:dc:01:c3:a3:60:3d:22:41:f6:00:23:
         f8:82:28:d2:94:72:2b:18:43:27:77:9f:3e:69:3c:f9:5a:9c:
         95:8c:f1:4d:1e:a6:56:cf:bb:da:dc:96:01:9b:89:32:bb:f6:
         15:12:d2:60:e6:79:91:98:ae:19:89:31:3f:8b:fa:22:bd:e9:
         ff:9c:18:18:4f:d8:22:70:dc:e0:f4:9d:b9:eb:1e:84:d7:50:
         e2:a7:94:1d:55:26:7f:d6:d9:f8:a6:d6:15:f9:65:ac:67:0f:
         27:76:ed:05:61:ff:0e:77:a0:39:03:17:f5:ae:23:57:7a:20:
         bb:8f:86:d5:e8:11:c2:d2:5f:c5:92:48:00:7d:71:04:71:f9:
         71:06:ce:62:24:60:a8:35:c4:ff:fd:ee:c1:c3:f8:f7:df:92:
         e7:34:f5:68:c5:0e:f3:55:80:6a:1d:7d:0f:06:13:53:ac:c4:
         49:45:86:8b:a9:78:4a:43:1d:03:e4:79:95:05:f5:fd:b5:96:
         1c:19:f9:cb:aa:73:ac:91:02:83:6b:5c:93:5c:9f:74:de:9b:
         af:23:d8:b6:71:ba:fb:a3:e3:a4:22:16:aa:ef:51:4d:a3:86:
         74:0b:4f:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLhM0WO/GkrJGyqZrPaCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjQxMTIzMDQwMDU3WhcNMjQxMTI0MDQwMDU3WjAzMTEwLwYDVQQD
EyhmOTllYjM3NzE4MmEzZjEyOWMxZWZkNmJhZTA4NjYwMWYwNGMyNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxNj1vGTomDgslgbE299Jgih/Ydd
3U0E2M3olcADNeeVH9vhsGx9xfl12ba2GlVFG2yFG4+ynfoU9vSLNHhATMC9cw4p
m0deoXH+hp+26eIKHWPB1tiyM24rAodr41UDcAya/6bZnoo/AIr6DUQEtEVrGT+0
0gmFocJyzrQkPzfqO9qEj9mU3C4t3qI+gHzl/LbRKETRMPHG/axmVojZYR5IqoG7
pFmU1sO5yqQiYc/UceSFK+VEarMoWZZIt4CCj94H4BundLL3NVpldcmrzDsJgG6a
4C9H63G7YYK2r8LbYTMkx/BVA3c29UfPuAN85c2gZiYcGsHMDrThirVv+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmes3cYKj8SnB79a64IZgHwTCaaMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEmyj2oDW
pwwTfbGilh3wo7BcUXTM11ElO9wBw6NgPSJB9gAj+IIo0pRyKxhDJ3efPmk8+Vqc
lYzxTR6mVs+72tyWAZuJMrv2FRLSYOZ5kZiuGYkxP4v6Ir3p/5wYGE/YInDc4PSd
uesehNdQ4qeUHVUmf9bZ+KbWFfllrGcPJ3btBWH/DnegOQMX9a4jV3ogu4+G1egR
wtJfxZJIAH1xBHH5cQbOYiRgqDXE//3uwcP499+S5zT1aMUO81WAah19DwYTU6zE
SUWGi6l4SkMdA+R5lQX1/bWWHBn5y6pzrJECg2tck1yfdN6bryPYtnG6+6PjpCIW
qu9RTaOGdAtPdA==
-----END CERTIFICATE-----