Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          4/dsd4g3TIEGqC9tn2CenwcAHnhtgj5TYrqe3Uipt5I=
Subject key identifier:   43:C4:C0:53:B1:0C:1F:95:FB:01:CC:51:96:A8:DF:1D:92:74:58:08
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       018F4B6E8E4CC2E0945B8468FE23EA913352
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          10E7
Signing time:             Mon 06 May 2024 01:04:47 +0000
Manifest this update:     Mon 06 May 2024 01:04:47 +0000
Manifest next update:     Tue 07 May 2024 01:04:47 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: R0CP9o4uAs0971q9YNPM55/xEcJy48rwxRqN1XtusZU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 01:04:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4b:6e:8e:4c:c2:e0:94:5b:84:68:fe:23:ea:91:33:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: May  6 01:04:47 2024 GMT
            Not After : May  7 01:04:47 2024 GMT
        Subject: CN=43c4c053b10c1f95fb01cc5196a8df1d92745808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:cd:d6:3d:5b:57:bd:5e:fc:4c:35:dd:d5:00:
                    29:9a:68:51:c4:65:5d:3b:fd:da:f6:15:73:34:0b:
                    81:09:35:8c:2a:49:ab:4e:39:5b:8c:24:3f:a9:21:
                    09:42:09:7a:b4:91:97:70:56:a2:be:0a:cc:56:13:
                    90:00:5c:8d:eb:ff:bb:a6:fd:d0:e9:58:22:c0:9a:
                    96:93:13:33:8d:7f:1e:25:ff:42:bf:2d:0e:1b:20:
                    a4:d8:92:06:85:8d:6f:f2:ef:aa:1a:bc:88:4d:d2:
                    4d:a4:61:c2:88:d9:46:d5:ab:98:2b:30:c7:59:39:
                    c4:16:69:19:20:4a:d5:27:d8:8c:0b:69:50:65:99:
                    e3:ce:f0:01:dd:51:e2:e2:3c:bd:94:90:38:c9:eb:
                    b1:32:7e:57:b4:05:77:3d:2e:b9:79:4c:64:b9:79:
                    56:15:c1:1c:25:8b:cc:ad:51:d8:b4:0e:e2:4b:32:
                    0b:38:90:e4:f8:9d:e3:d4:a8:9d:c2:34:b4:df:77:
                    4b:99:cf:91:19:3e:9a:be:86:6f:55:2b:4b:92:40:
                    9e:57:ae:3a:fc:09:48:59:a0:65:7f:87:1a:2f:11:
                    92:e5:a8:83:80:5f:f9:47:1a:51:aa:ca:4a:85:25:
                    ea:01:80:4e:2c:5f:33:8e:60:c1:83:56:f7:0b:47:
                    26:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:C4:C0:53:B1:0C:1F:95:FB:01:CC:51:96:A8:DF:1D:92:74:58:08
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:68:b9:b3:7a:db:68:f8:9b:4e:ef:55:8c:38:3a:58:c1:b6:
         0d:11:a8:c2:1c:23:b0:9e:5d:b3:36:7b:2a:2d:a5:a4:5f:b7:
         b8:df:02:11:5c:82:d7:4d:8b:9a:8c:c9:27:f0:f6:39:89:2f:
         a7:e8:be:56:54:f0:ec:9d:1a:c6:5b:57:e6:b0:e2:2e:9f:59:
         4b:01:59:5a:fa:f5:31:3a:3e:53:a2:75:8c:aa:40:5a:d9:25:
         3d:b4:55:22:f7:fe:24:78:35:17:a5:83:81:9b:84:49:33:90:
         24:ee:89:75:81:6a:fe:fd:02:56:7d:55:d5:5f:7e:95:97:49:
         b2:87:06:cc:95:4f:2a:4c:98:46:d9:af:29:87:f3:9f:72:f4:
         9f:5e:09:b3:ee:19:28:ce:33:cb:16:30:c6:d3:22:13:8a:71:
         62:67:c8:2a:1a:b9:1b:ab:ff:1c:ab:7d:da:a6:b5:1d:b7:63:
         0e:9c:a7:16:33:2d:95:af:2d:27:ba:b7:31:62:0f:d9:ff:43:
         2f:7e:81:f9:7c:26:28:af:39:20:7c:ef:f5:54:0e:9e:6b:81:
         b4:3a:49:53:19:97:f7:7c:c7:2b:ce:fc:2c:d0:45:4b:de:dc:
         46:ba:61:51:5e:29:b7:8f:a0:a4:65:df:fc:b8:80:aa:10:e4:
         00:1a:67:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Lbo5MwuCUW4Ro/iPqkTNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjQwNTA2MDEwNDQ3WhcNMjQwNTA3MDEwNDQ3WjAzMTEwLwYDVQQD
Eyg0M2M0YzA1M2IxMGMxZjk1ZmIwMWNjNTE5NmE4ZGYxZDkyNzQ1ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps3WPVtXvV78TDXd1QApmmhRxGVd
O/3a9hVzNAuBCTWMKkmrTjlbjCQ/qSEJQgl6tJGXcFaivgrMVhOQAFyN6/+7pv3Q
6VgiwJqWkxMzjX8eJf9Cvy0OGyCk2JIGhY1v8u+qGryITdJNpGHCiNlG1auYKzDH
WTnEFmkZIErVJ9iMC2lQZZnjzvAB3VHi4jy9lJA4yeuxMn5XtAV3PS65eUxkuXlW
FcEcJYvMrVHYtA7iSzILOJDk+J3j1KidwjS033dLmc+RGT6avoZvVStLkkCeV646
/AlIWaBlf4caLxGS5aiDgF/5RxpRqspKhSXqAYBOLF8zjmDBg1b3C0cmFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPEwFOxDB+V+wHMUZao3x2SdFgIMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2i5s3rb
aPibTu9VjDg6WMG2DRGowhwjsJ5dszZ7Ki2lpF+3uN8CEVyC102LmozJJ/D2OYkv
p+i+VlTw7J0axltX5rDiLp9ZSwFZWvr1MTo+U6J1jKpAWtklPbRVIvf+JHg1F6WD
gZuESTOQJO6JdYFq/v0CVn1V1V9+lZdJsocGzJVPKkyYRtmvKYfzn3L0n14Js+4Z
KM4zyxYwxtMiE4pxYmfIKhq5G6v/HKt92qa1HbdjDpynFjMtla8tJ7q3MWIP2f9D
L36B+XwmKK85IHzv9VQOnmuBtDpJUxmX93zHK878LNBFS97cRrphUV4pt4+gpGXf
/LiAqhDkABpnVQ==
-----END CERTIFICATE-----