Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          42MuWMB+TDRuCQSK2bpl4/bZCVgJOTck7kzZbalPNfg=
Subject key identifier:   B2:C2:A9:71:85:7E:D4:F4:8A:A2:BC:95:95:90:6B:10:62:BE:25:65
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       01964D7E769313D9D5F7D279E345B3C00019
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0620
Signing time:             Sat 19 Apr 2025 10:00:55 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:55 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:55 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: v06e00dKJ0YTDyIk+aSUBtfPWcBRoJ/qCvmnIKcPH3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:76:93:13:d9:d5:f7:d2:79:e3:45:b3:c0:00:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Apr 19 10:00:55 2025 GMT
            Not After : Apr 20 10:00:55 2025 GMT
        Subject: CN=b2c2a971857ed4f48aa2bc9595906b1062be2565
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:da:aa:fb:e9:4f:95:39:cf:d0:cb:ea:ca:2f:
                    5a:39:71:2a:4b:b8:12:1a:30:1b:18:a6:7e:74:08:
                    34:be:ff:f1:f3:b7:b3:db:d6:2b:67:8d:92:b7:32:
                    94:90:a2:ff:e6:32:81:37:a6:3d:fc:ef:96:b0:7e:
                    19:cc:c5:aa:1d:58:66:a9:11:53:49:cd:4b:19:34:
                    84:04:09:c5:cf:e7:72:3d:78:b8:6d:4a:ff:f9:3a:
                    64:3f:90:63:bb:13:dd:d5:c3:63:87:e1:1d:30:68:
                    ee:2c:d8:a3:32:f1:7e:b2:2a:66:a8:59:6b:85:36:
                    45:c9:4b:65:3d:4d:0d:5f:b9:30:ba:a2:43:e8:de:
                    3e:51:2c:e4:34:a4:5a:99:3e:08:a6:2e:41:4e:f6:
                    cb:16:29:0e:05:64:74:16:f4:fa:a7:16:7a:dc:5f:
                    a7:60:07:f0:ec:02:ed:7c:ac:b5:0b:f1:85:6e:7d:
                    26:9e:18:e2:a8:d4:c7:3c:f2:b9:39:01:f2:6a:9a:
                    f3:6d:7b:ef:c4:ed:75:92:7c:34:5d:77:88:04:75:
                    22:8d:ec:97:c6:30:0b:9f:9a:45:87:19:f6:7e:79:
                    74:cf:43:c7:d5:c2:17:29:00:4a:72:3f:d5:20:30:
                    ca:46:85:b9:ae:6b:d0:67:26:a4:b3:7f:8d:88:32:
                    a5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:C2:A9:71:85:7E:D4:F4:8A:A2:BC:95:95:90:6B:10:62:BE:25:65
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:7c:0c:4b:4b:cc:e5:60:63:b1:cc:88:45:d0:46:74:ef:bc:
         65:29:90:19:0a:b4:65:86:e7:74:1d:be:3e:43:7b:7b:73:8d:
         4b:b3:38:8e:ca:2a:bf:cc:23:24:5f:1f:36:02:57:51:1c:dd:
         9d:48:5c:b5:32:fb:62:1a:33:17:ea:8c:3a:ef:7f:15:b1:52:
         8f:08:f6:54:1a:d1:ac:08:b0:c0:23:24:a8:a8:6b:21:be:b4:
         6c:dd:e9:78:44:7d:aa:2a:09:0c:65:b6:76:c0:27:18:bd:1a:
         81:1f:a2:7b:98:b2:23:fe:fe:c2:96:08:f1:f9:8c:1f:e3:60:
         d4:ab:58:11:0b:90:ef:14:86:6e:66:08:8e:02:1b:7a:dd:38:
         b7:30:0a:58:bf:3f:da:70:4e:08:d6:0e:be:4c:16:86:cf:07:
         67:7e:44:ce:21:b8:d5:71:d5:98:3c:c5:9c:a8:0f:e2:b7:6f:
         da:70:4f:47:79:e2:29:e0:4e:ff:e4:18:54:d7:88:87:06:ec:
         50:7b:70:fe:e5:2e:57:70:02:25:53:7b:40:03:b6:d1:d9:cd:
         29:af:e6:ea:f4:7c:39:b2:85:27:8c:e1:9e:eb:8b:c9:57:3f:
         1c:b8:db:3f:e4:97:f4:d8:48:a2:09:8f:d1:b3:34:28:60:f1:
         ef:89:63:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfnaTE9nV99J540WzwAAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUwNDE5MTAwMDU1WhcNMjUwNDIwMTAwMDU1WjAzMTEwLwYDVQQD
EyhiMmMyYTk3MTg1N2VkNGY0OGFhMmJjOTU5NTkwNmIxMDYyYmUyNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotqq++lPlTnP0Mvqyi9aOXEqS7gS
GjAbGKZ+dAg0vv/x87ez29YrZ42StzKUkKL/5jKBN6Y9/O+WsH4ZzMWqHVhmqRFT
Sc1LGTSEBAnFz+dyPXi4bUr/+TpkP5BjuxPd1cNjh+EdMGjuLNijMvF+sipmqFlr
hTZFyUtlPU0NX7kwuqJD6N4+USzkNKRamT4Ipi5BTvbLFikOBWR0FvT6pxZ63F+n
YAfw7ALtfKy1C/GFbn0mnhjiqNTHPPK5OQHyaprzbXvvxO11knw0XXeIBHUijeyX
xjALn5pFhxn2fnl0z0PH1cIXKQBKcj/VIDDKRoW5rmvQZyaks3+NiDKlLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLCqXGFftT0iqK8lZWQaxBiviVlMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm3wMS0vM
5WBjscyIRdBGdO+8ZSmQGQq0ZYbndB2+PkN7e3ONS7M4jsoqv8wjJF8fNgJXURzd
nUhctTL7YhozF+qMOu9/FbFSjwj2VBrRrAiwwCMkqKhrIb60bN3peER9qioJDGW2
dsAnGL0agR+ie5iyI/7+wpYI8fmMH+Ng1KtYEQuQ7xSGbmYIjgIbet04tzAKWL8/
2nBOCNYOvkwWhs8HZ35EziG41XHVmDzFnKgP4rdv2nBPR3niKeBO/+QYVNeIhwbs
UHtw/uUuV3ACJVN7QAO20dnNKa/m6vR8ObKFJ4zhnuuLyVc/HLjbP+SX9NhIogmP
0bM0KGDx74lj2A==
-----END CERTIFICATE-----