Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          hrAPSooFhN1Mxbt0VxKA+viCtdLxrMYyXZesi3zbnHs=
Subject key identifier:   87:2E:E9:92:71:01:88:ED:83:97:2A:97:13:BE:30:50:25:05:51:8A
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       0194C3BE9052F17BF345912CDDBEEC7B1856
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          06BB
Signing time:             Sat 01 Feb 2025 23:00:33 +0000
Manifest this update:     Sat 01 Feb 2025 23:00:33 +0000
Manifest next update:     Sun 02 Feb 2025 23:00:33 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: QwkIyVcxPeAItQmyx/RKpUEFFpN4K4I/zIwVArcwEJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 23:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:be:90:52:f1:7b:f3:45:91:2c:dd:be:ec:7b:18:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Feb  1 23:00:33 2025 GMT
            Not After : Feb  2 23:00:33 2025 GMT
        Subject: CN=872ee992710188ed83972a9713be30502505518a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2f:e4:6b:bf:20:82:dc:b2:0a:8e:58:29:95:
                    a1:4a:ec:67:34:56:4c:6c:cb:c2:12:0b:76:8b:4e:
                    b3:41:9d:70:16:89:74:f9:a8:f1:b2:58:33:96:45:
                    8f:05:46:7e:65:75:da:14:ad:f4:94:a7:d1:82:df:
                    b2:2f:e4:bf:0d:c0:4d:62:72:0d:77:ab:54:6d:4a:
                    de:2a:0d:23:ed:e0:0a:b1:66:15:4c:fd:52:01:56:
                    c8:a1:be:e1:e5:b9:a1:90:c6:79:50:09:67:bf:b8:
                    92:3d:49:92:5a:d6:eb:e7:bd:1c:31:3c:97:54:8a:
                    93:61:8c:fa:94:65:2a:09:98:68:9c:3b:b6:db:b0:
                    ed:86:ad:bb:74:39:32:dc:ad:8b:23:cd:6c:6f:84:
                    22:a4:9a:9f:0b:e8:18:e7:fa:6f:b1:d2:fd:fc:cc:
                    05:a3:af:ce:9b:5b:b5:60:74:4b:67:d4:59:13:3b:
                    36:41:78:02:f4:b6:9a:da:fb:f8:7e:1a:3c:2c:1f:
                    11:7f:2d:fb:ba:7e:9f:a9:84:23:b4:ca:44:59:22:
                    fb:21:af:a7:b9:64:26:cc:56:b4:06:e4:b2:47:a6:
                    ab:51:d7:2b:84:be:86:b7:65:aa:d9:46:89:19:42:
                    cf:77:ba:b1:00:cc:3c:46:88:e0:d3:18:60:d0:c5:
                    49:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:2E:E9:92:71:01:88:ED:83:97:2A:97:13:BE:30:50:25:05:51:8A
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:05:71:a3:3c:b6:2b:71:f8:b9:c9:41:86:c2:c5:24:2f:71:
         64:db:e5:a3:37:e6:58:20:b4:d9:80:28:14:8d:65:33:23:03:
         48:7f:98:6d:ef:a2:b8:b8:99:ee:9c:89:34:cc:01:48:d0:38:
         09:dc:0e:24:07:b4:92:89:02:6f:15:65:fb:77:7d:6b:3a:22:
         12:b3:fe:91:1d:0e:ae:9b:68:e0:a2:71:6f:28:80:90:ec:e3:
         6a:5b:32:87:04:89:53:8d:81:c6:0b:c2:4e:37:c5:1b:a4:2a:
         75:2b:cc:43:94:ba:38:5e:d0:ec:d2:e8:5a:ca:53:f5:3c:7e:
         71:1e:bd:92:46:ac:9e:bd:d9:6e:dd:ad:75:67:c8:76:1e:d9:
         17:14:cb:83:c2:e1:69:62:c6:56:96:f3:0f:67:64:67:5d:d0:
         d4:67:ce:93:30:74:b5:df:7f:77:62:39:d7:15:04:a1:df:d8:
         07:30:25:bd:11:d4:80:e4:ed:ab:2e:4e:42:ef:a0:42:62:9c:
         74:71:b9:5e:d7:46:77:cd:0a:4e:dc:fb:29:74:8e:08:11:2e:
         41:e8:c5:a8:a2:7b:50:63:69:97:74:8d:7b:57:1c:d3:32:98:
         8a:bb:56:e0:0c:c1:2e:5e:46:42:1c:5e:e9:b3:86:2b:c2:ff:
         1b:05:10:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvpBS8XvzRZEs3b7sexhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUwMjAxMjMwMDMzWhcNMjUwMjAyMjMwMDMzWjAzMTEwLwYDVQQD
Eyg4NzJlZTk5MjcxMDE4OGVkODM5NzJhOTcxM2JlMzA1MDI1MDU1MThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy/ka78ggtyyCo5YKZWhSuxnNFZM
bMvCEgt2i06zQZ1wFol0+ajxslgzlkWPBUZ+ZXXaFK30lKfRgt+yL+S/DcBNYnIN
d6tUbUreKg0j7eAKsWYVTP1SAVbIob7h5bmhkMZ5UAlnv7iSPUmSWtbr570cMTyX
VIqTYYz6lGUqCZhonDu227Dthq27dDky3K2LI81sb4QipJqfC+gY5/pvsdL9/MwF
o6/Om1u1YHRLZ9RZEzs2QXgC9Laa2vv4fho8LB8Rfy37un6fqYQjtMpEWSL7Ia+n
uWQmzFa0BuSyR6arUdcrhL6Gt2Wq2UaJGULPd7qxAMw8Rojg0xhg0MVJUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcu6ZJxAYjtg5cqlxO+MFAlBVGKMB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbgVxozy2
K3H4uclBhsLFJC9xZNvlozfmWCC02YAoFI1lMyMDSH+Ybe+iuLiZ7pyJNMwBSNA4
CdwOJAe0kokCbxVl+3d9azoiErP+kR0Orpto4KJxbyiAkOzjalsyhwSJU42BxgvC
TjfFG6QqdSvMQ5S6OF7Q7NLoWspT9Tx+cR69kkasnr3Zbt2tdWfIdh7ZFxTLg8Lh
aWLGVpbzD2dkZ13Q1GfOkzB0td9/d2I51xUEod/YBzAlvRHUgOTtqy5OQu+gQmKc
dHG5XtdGd80KTtz7KXSOCBEuQejFqKJ7UGNpl3SNe1cc0zKYirtW4AzBLl5GQhxe
6bOGK8L/GwUQrA==
-----END CERTIFICATE-----