Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          LlOnw4PdhIQtApixb3YjvBCchp20lFJQ2PBv7Kwa8hg=
Subject key identifier:   74:C3:95:50:6C:FD:F2:3E:27:1F:AC:11:87:7B:9B:8F:85:66:78:27
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       01936A7DC4BF9F069D63345E05E3E70570FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          042A
Signing time:             Tue 26 Nov 2024 22:00:47 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:47 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:47 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: Ik4UgwKeOuZ0gGmCih1MQA3l5bGt3DdC7aJOXrc7V0E=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:c4:bf:9f:06:9d:63:34:5e:05:e3:e7:05:70:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Nov 26 22:00:47 2024 GMT
            Not After : Nov 27 22:00:47 2024 GMT
        Subject: CN=74c395506cfdf23e271fac11877b9b8f85667827
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:9a:79:2a:60:22:33:64:01:79:07:6c:ec:3a:
                    65:99:b4:69:2d:c6:a8:aa:d9:d2:37:4e:77:d8:4d:
                    34:a7:97:22:33:41:d5:da:f6:26:8f:ef:b7:60:a1:
                    aa:54:09:9d:51:9b:8b:f6:43:71:c4:0e:05:82:f8:
                    e1:9c:8a:11:0e:75:4c:d2:1a:b9:04:14:8d:da:26:
                    b3:17:b6:dc:39:b9:55:12:ea:a2:e5:6e:6d:58:34:
                    3a:ef:2f:4a:dd:e8:d0:9d:ad:ee:67:c8:6f:a0:77:
                    54:f2:38:cf:14:00:fe:8a:89:84:6a:cb:99:db:54:
                    47:2d:3d:9f:64:b5:0a:81:f8:d3:28:d4:cf:af:41:
                    31:f6:1f:37:fa:ec:3d:85:88:ae:b0:0e:2a:ef:c4:
                    01:dc:e1:ae:73:73:f0:a5:ce:ed:99:d3:22:51:cc:
                    0f:1f:bf:56:e6:6e:ae:0f:94:d1:8f:01:5a:a7:9e:
                    59:c5:69:a0:9f:94:a8:5a:d4:34:4f:d4:59:b6:1c:
                    e2:dc:65:c5:a9:1d:e2:36:0e:99:c1:2d:83:06:0a:
                    89:96:eb:0f:1b:98:14:8c:01:d1:39:a3:e9:48:8a:
                    ba:c1:3a:e0:6a:f4:1d:39:7f:f2:01:9d:7c:d0:9b:
                    f6:28:c3:a6:89:0d:71:ba:9f:bd:04:ce:24:6f:c0:
                    bd:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C3:95:50:6C:FD:F2:3E:27:1F:AC:11:87:7B:9B:8F:85:66:78:27
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:85:4c:af:b3:51:8d:c2:77:83:7c:08:27:d6:99:9a:8b:75:
         68:4b:ef:e4:9e:ba:38:3d:37:aa:8d:01:d0:56:e3:17:bc:b0:
         30:3e:5b:7e:75:25:41:1b:62:29:ee:ee:70:ac:43:50:78:c5:
         42:f6:06:11:b8:cb:1b:53:26:cc:30:2d:18:9a:2f:52:13:5d:
         41:e8:8a:0d:e9:53:98:de:7d:ac:c1:63:7a:67:33:bc:cd:84:
         27:ad:63:70:77:8b:9d:1e:49:79:33:84:2c:72:00:51:c3:d3:
         21:8b:97:ea:a9:61:f3:cb:e0:06:fc:f9:37:8b:2b:9f:70:9d:
         f0:16:95:ce:88:16:45:34:a0:55:cc:d2:bb:5f:c1:60:04:5f:
         12:a2:ab:73:35:ca:bd:af:83:56:40:a8:07:33:b4:45:e0:26:
         b3:74:c3:00:1e:b9:7c:65:56:e1:47:af:44:1d:88:31:b6:75:
         b9:ed:cb:e4:f2:20:09:1c:44:dc:2f:43:9d:0a:0e:c2:27:60:
         37:58:dc:4f:ba:f1:ae:a9:9c:65:ab:c8:7e:6e:e0:b7:7c:0b:
         2e:01:ae:d1:05:c8:35:07:23:a1:85:ab:07:53:67:08:0a:86:
         30:4e:0b:c1:c9:24:2a:da:b1:7c:fc:a1:70:2e:7a:3f:3d:ed:
         bb:85:00:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfcS/nwadYzReBePnBXD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjQxMTI2MjIwMDQ3WhcNMjQxMTI3MjIwMDQ3WjAzMTEwLwYDVQQD
Eyg3NGMzOTU1MDZjZmRmMjNlMjcxZmFjMTE4NzdiOWI4Zjg1NjY3ODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Jp5KmAiM2QBeQds7DplmbRpLcao
qtnSN0532E00p5ciM0HV2vYmj++3YKGqVAmdUZuL9kNxxA4FgvjhnIoRDnVM0hq5
BBSN2iazF7bcOblVEuqi5W5tWDQ67y9K3ejQna3uZ8hvoHdU8jjPFAD+iomEasuZ
21RHLT2fZLUKgfjTKNTPr0Ex9h83+uw9hYiusA4q78QB3OGuc3Pwpc7tmdMiUcwP
H79W5m6uD5TRjwFap55ZxWmgn5SoWtQ0T9RZthzi3GXFqR3iNg6ZwS2DBgqJlusP
G5gUjAHROaPpSIq6wTrgavQdOX/yAZ180Jv2KMOmiQ1xup+9BM4kb8C9WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTDlVBs/fI+Jx+sEYd7m4+FZngnMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4VMr7NR
jcJ3g3wIJ9aZmot1aEvv5J66OD03qo0B0FbjF7ywMD5bfnUlQRtiKe7ucKxDUHjF
QvYGEbjLG1MmzDAtGJovUhNdQeiKDelTmN59rMFjemczvM2EJ61jcHeLnR5JeTOE
LHIAUcPTIYuX6qlh88vgBvz5N4srn3Cd8BaVzogWRTSgVczSu1/BYARfEqKrczXK
va+DVkCoBzO0ReAms3TDAB65fGVW4UevRB2IMbZ1ue3L5PIgCRxE3C9DnQoOwidg
N1jcT7rxrqmcZavIfm7gt3wLLgGu0QXINQcjoYWrB1NnCAqGME4LwckkKtqxfPyh
cC56Pz3tu4UAFg==
-----END CERTIFICATE-----