Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
File:                     3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json)
Hash identifier:          a2ZoOWH27AlKUmOhHFA+CyxqC967PvqyAKoVyisChQM=
Subject key identifier:   30:00:7D:26:9B:FC:52:6E:10:C4:20:09:A8:61:D3:94:EC:C8:8C:5C
Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02
Certificate issuer:       /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
Certificate serial:       0194BB5FFE14ECDE123F6159261CB05B08F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
Manifest number:          03
Signing time:             Fri 31 Jan 2025 08:00:17 +0000
Manifest this update:     Fri 31 Jan 2025 08:00:17 +0000
Manifest next update:     Sat 01 Feb 2025 08:00:17 +0000
Files and hashes:         1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: gQMWd0jg+HxCFfvTFMYNK2HsNai9xb2+Qx+5gJliXqM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:5f:fe:14:ec:de:12:3f:61:59:26:1c:b0:5b:08:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
        Validity
            Not Before: Jan 31 08:00:17 2025 GMT
            Not After : Feb  1 08:00:17 2025 GMT
        Subject: CN=30007d269bfc526e10c42009a861d394ecc88c5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4f:64:61:df:31:2e:6c:10:2c:9d:a1:03:e2:
                    68:80:f1:a7:0e:34:cb:06:43:1e:84:d8:30:f1:2f:
                    87:54:ff:da:93:ba:0e:96:31:3e:69:c9:99:30:ed:
                    19:35:54:2d:f2:ff:71:e5:30:05:44:99:0a:27:80:
                    83:77:be:33:48:b6:61:53:9b:ec:1e:ac:00:8c:74:
                    58:5b:a3:7d:1b:93:38:c8:e3:35:65:15:32:6d:79:
                    63:8f:b4:c9:9a:41:a4:f7:ad:89:63:03:06:7b:a3:
                    34:a9:06:a0:89:91:7e:81:5e:f7:c1:ab:a2:4f:4f:
                    db:98:52:f5:a4:cd:9e:ba:ed:2d:0c:da:52:4f:54:
                    bf:6e:4c:7d:d5:ff:c9:97:61:9c:fc:5a:fa:fe:be:
                    fd:1b:18:70:e9:73:6e:da:9b:50:73:67:72:c5:c0:
                    4e:19:79:e3:7a:4b:57:b3:8b:74:df:16:3f:ee:f0:
                    ce:fa:4e:ed:d4:52:84:fd:9c:7a:2e:37:64:56:a0:
                    42:a4:81:ff:f8:e1:e6:f5:47:91:03:12:18:23:c6:
                    ce:5e:1e:48:38:bf:08:82:5b:05:c6:38:59:f6:6e:
                    e2:ca:d2:93:28:4d:16:ba:6a:e3:ef:e2:72:7f:5b:
                    50:fd:f0:71:7e:c4:8a:e3:7d:cb:23:d0:91:2d:ba:
                    34:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:00:7D:26:9B:FC:52:6E:10:C4:20:09:A8:61:D3:94:EC:C8:8C:5C
            X509v3 Authority Key Identifier:
                keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ba:6e:4e:74:2e:dd:c8:2b:bd:fb:e0:b0:e1:25:17:8c:e0:
         3b:9f:7d:12:fe:71:e4:c2:85:d3:6d:2e:a5:69:49:83:54:9c:
         a0:4c:f6:fd:a0:ba:09:a4:c1:ec:37:19:57:7f:58:7c:80:b5:
         c0:2c:73:b7:c8:63:7a:e8:e3:60:60:d4:76:ea:c9:9d:cb:e6:
         f7:47:50:e2:b5:fe:e7:76:39:8c:b8:29:99:7a:c8:5f:64:4c:
         9a:a7:ae:f9:60:3a:45:f1:f4:83:db:8e:d0:47:96:25:9e:97:
         cd:74:da:14:25:92:fe:60:d3:4f:07:7c:d0:58:28:cb:d9:fe:
         25:67:4c:b4:5e:6c:f9:5f:2f:93:70:08:66:d6:59:29:1e:7f:
         e7:e0:42:87:70:91:7f:76:5b:f6:7a:e0:ac:27:a9:c1:88:77:
         d3:60:9c:5a:c5:1c:69:b3:ba:c9:c9:40:0b:b2:b8:51:0d:9d:
         13:67:de:a0:01:cd:2e:95:d0:25:3d:40:e6:a5:72:bd:26:62:
         9b:a4:79:24:35:4d:61:f9:ba:e5:0c:de:cc:88:df:43:b9:0d:
         2b:7e:32:14:f1:28:77:21:f5:73:45:27:cf:38:59:01:2f:6b:
         3a:d7:cd:fb:43:17:1a:7e:fa:57:95:90:3e:cb:b2:31:5d:7e:
         4f:56:38:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7X/4U7N4SP2FZJhywWwj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh
NjM4MDIwHhcNMjUwMTMxMDgwMDE3WhcNMjUwMjAxMDgwMDE3WjAzMTEwLwYDVQQD
EygzMDAwN2QyNjliZmM1MjZlMTBjNDIwMDlhODYxZDM5NGVjYzg4YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk9kYd8xLmwQLJ2hA+JogPGnDjTL
BkMehNgw8S+HVP/ak7oOljE+acmZMO0ZNVQt8v9x5TAFRJkKJ4CDd74zSLZhU5vs
HqwAjHRYW6N9G5M4yOM1ZRUybXljj7TJmkGk962JYwMGe6M0qQagiZF+gV73waui
T0/bmFL1pM2euu0tDNpST1S/bkx91f/Jl2Gc/Fr6/r79Gxhw6XNu2ptQc2dyxcBO
GXnjektXs4t03xY/7vDO+k7t1FKE/Zx6LjdkVqBCpIH/+OHm9UeRAxIYI8bOXh5I
OL8IglsFxjhZ9m7iytKTKE0Wumrj7+Jyf1tQ/fBxfsSK433LI9CRLbo0UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDAAfSab/FJuEMQgCahh05TsyIxcMB8GA1UdIwQY
MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt
NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm
LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLpuTnQu
3cgrvfvgsOElF4zgO599Ev5x5MKF020upWlJg1ScoEz2/aC6CaTB7DcZV39YfIC1
wCxzt8hjeujjYGDUdurJncvm90dQ4rX+53Y5jLgpmXrIX2RMmqeu+WA6RfH0g9uO
0EeWJZ6XzXTaFCWS/mDTTwd80Fgoy9n+JWdMtF5s+V8vk3AIZtZZKR5/5+BCh3CR
f3Zb9nrgrCepwYh302CcWsUcabO6yclAC7K4UQ2dE2feoAHNLpXQJT1A5qVyvSZi
m6R5JDVNYfm65QzezIjfQ7kNK34yFPEodyH1c0UnzzhZAS9rOtfN+0MXGn76V5WQ
PsuyMV1+T1Y4LA==
-----END CERTIFICATE-----