Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          jZhLfsfwSyIJ1SJaIgyxhy6FqoU4DtLPbKTc1YdCrZ8=
Subject key identifier:   7B:5D:B5:A4:B7:4E:C5:E5:7D:E7:BB:41:93:77:95:EE:07:EE:1C:59
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       018F874AA993F397C64F62F95DCE3FAEB7B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          0CEE
Signing time:             Fri 17 May 2024 16:02:48 +0000
Manifest this update:     Fri 17 May 2024 16:02:48 +0000
Manifest next update:     Sat 18 May 2024 16:02:48 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: PDhu1csx9mBVrei94+VT75V2ALP5qLpIbYGVuiI8p/o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:a9:93:f3:97:c6:4f:62:f9:5d:ce:3f:ae:b7:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: May 17 16:02:48 2024 GMT
            Not After : May 18 16:02:48 2024 GMT
        Subject: CN=7b5db5a4b74ec5e57de7bb41937795ee07ee1c59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7e:4b:11:e6:e5:c0:cf:c6:de:ff:7f:1d:d8:
                    d1:27:74:cc:6a:5e:3c:f4:51:f2:46:35:b5:dc:74:
                    8e:a8:83:8b:3e:6f:15:ef:e0:f8:4b:b2:48:06:83:
                    54:f0:52:01:d1:65:bd:48:b5:66:9b:4f:e1:fd:f6:
                    da:07:ca:19:7b:7a:45:08:b9:55:66:43:e3:25:a0:
                    cd:b3:b4:c8:bf:d6:cb:74:9c:d4:57:1f:2e:d8:5b:
                    4b:d1:c1:81:70:15:3c:99:60:a3:51:56:8c:b6:07:
                    ec:f8:83:58:bb:b4:bc:86:af:ba:31:00:8e:c4:f8:
                    68:6d:06:a8:75:cd:4a:65:e8:35:e5:93:a4:0a:59:
                    dd:f7:9d:5d:59:11:8d:d5:23:88:57:83:db:cd:7d:
                    77:64:86:5c:24:b4:c8:db:4b:6e:9c:08:36:5b:e0:
                    10:b4:ca:98:e1:2f:12:0f:0c:1f:89:aa:c4:a6:19:
                    39:1a:06:10:fe:19:36:17:a4:48:28:d4:03:bc:34:
                    5f:09:ab:04:42:2a:51:5e:9b:90:46:c4:18:1f:02:
                    96:a4:80:86:c8:41:c7:07:70:d6:f4:9b:af:93:d2:
                    f7:f9:ea:bd:1d:85:57:82:67:72:63:78:da:17:bd:
                    6c:2a:80:08:4d:f0:e2:0e:55:5e:4c:77:b1:81:db:
                    5b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:5D:B5:A4:B7:4E:C5:E5:7D:E7:BB:41:93:77:95:EE:07:EE:1C:59
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:1c:3e:92:3e:88:54:00:6c:4d:36:af:c9:cf:e8:f5:70:79:
         68:ac:e7:99:59:90:d4:58:42:35:b0:0f:9f:f2:ef:13:a3:69:
         1a:c4:f6:64:82:4e:da:47:04:61:ce:49:a6:87:03:5b:bc:1d:
         4e:5c:b2:d0:57:1a:fd:f0:7f:7a:36:9c:fa:c7:ad:df:17:d1:
         98:55:2d:c3:29:09:f5:8c:cb:26:ca:64:f9:46:66:c4:3a:7e:
         b8:ff:0c:fb:2c:c1:c6:a7:30:09:ee:8b:2a:4a:97:66:b1:0c:
         97:3c:0e:cf:8b:27:25:4b:ba:2d:c8:34:1d:cb:80:74:90:3f:
         31:1c:64:f4:70:f1:8f:0d:6d:fd:ae:8b:bc:60:b7:f7:80:6a:
         8f:68:c3:e5:fe:05:17:d5:ef:1a:80:1e:4d:97:72:95:36:a7:
         12:6c:13:be:9e:ce:b6:0f:7f:a4:1e:e5:52:df:a8:b6:c4:0c:
         a0:fb:ce:60:72:20:d4:19:5f:00:01:05:10:67:41:01:e8:d1:
         61:b9:6f:63:a6:31:2c:cb:c6:48:64:88:b3:18:fa:1c:de:c4:
         51:66:7f:7c:5e:1a:f3:f8:26:d6:77:f8:7d:4d:f7:ef:03:30:
         cb:5d:90:ba:12:95:2e:20:c6:7b:5e:ae:24:82:08:45:4c:31:
         95:1c:af:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSqmT85fGT2L5Xc4/rre4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjQwNTE3MTYwMjQ4WhcNMjQwNTE4MTYwMjQ4WjAzMTEwLwYDVQQD
Eyg3YjVkYjVhNGI3NGVjNWU1N2RlN2JiNDE5Mzc3OTVlZTA3ZWUxYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX5LEeblwM/G3v9/HdjRJ3TMal48
9FHyRjW13HSOqIOLPm8V7+D4S7JIBoNU8FIB0WW9SLVmm0/h/fbaB8oZe3pFCLlV
ZkPjJaDNs7TIv9bLdJzUVx8u2FtL0cGBcBU8mWCjUVaMtgfs+INYu7S8hq+6MQCO
xPhobQaodc1KZeg15ZOkClnd951dWRGN1SOIV4PbzX13ZIZcJLTI20tunAg2W+AQ
tMqY4S8SDwwfiarEphk5GgYQ/hk2F6RIKNQDvDRfCasEQipRXpuQRsQYHwKWpICG
yEHHB3DW9Juvk9L3+eq9HYVXgmdyY3jaF71sKoAITfDiDlVeTHexgdtb2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtdtaS3TsXlfee7QZN3le4H7hxZMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGBw+kj6I
VABsTTavyc/o9XB5aKznmVmQ1FhCNbAPn/LvE6NpGsT2ZIJO2kcEYc5JpocDW7wd
Tlyy0Fca/fB/ejac+set3xfRmFUtwykJ9YzLJspk+UZmxDp+uP8M+yzBxqcwCe6L
KkqXZrEMlzwOz4snJUu6Lcg0HcuAdJA/MRxk9HDxjw1t/a6LvGC394Bqj2jD5f4F
F9XvGoAeTZdylTanEmwTvp7Otg9/pB7lUt+otsQMoPvOYHIg1BlfAAEFEGdBAejR
YblvY6YxLMvGSGSIsxj6HN7EUWZ/fF4a8/gm1nf4fU337wMwy12QuhKVLiDGe16u
JIIIRUwxlRyvZw==
-----END CERTIFICATE-----