Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
File:                     3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json)
Hash identifier:          7S/q/7+PvJF1yZSyA0JN2pw6qB5iAGPaPgeatSR0noE=
Subject key identifier:   D3:00:14:E5:E9:44:CE:ED:3F:A6:1C:4E:EB:B0:00:3D:45:43:E3:B0
Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
Certificate issuer:       /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Certificate serial:       019652DB5A6441E9BC82CA1D94BEAE2F46AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
Manifest number:          044E
Signing time:             Sun 20 Apr 2025 11:00:29 +0000
Manifest this update:     Sun 20 Apr 2025 11:00:29 +0000
Manifest next update:     Mon 21 Apr 2025 11:00:29 +0000
Files and hashes:         1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: Zv0YW+nY6OXW96zNCtCi6E4SNzxX3vHysiZjDoo8VSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 11:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:db:5a:64:41:e9:bc:82:ca:1d:94:be:ae:2f:46:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
        Validity
            Not Before: Apr 20 11:00:29 2025 GMT
            Not After : Apr 21 11:00:29 2025 GMT
        Subject: CN=d30014e5e944ceed3fa61c4eebb0003d4543e3b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:15:d9:ba:a3:b1:6c:35:79:95:ec:ef:e0:7e:
                    6c:a5:a7:dc:6e:a5:c8:ed:16:ba:49:7f:16:9b:2c:
                    fe:4b:54:8a:94:0e:5c:99:69:ad:8d:bd:b9:fd:f9:
                    a1:95:4d:63:46:77:65:ca:45:67:25:f6:ab:dd:0b:
                    d3:55:49:fd:87:57:f6:6b:96:e5:4a:f9:60:e4:5d:
                    f2:6a:0f:46:7d:e3:b2:df:9a:f6:88:50:90:88:d1:
                    fb:dc:e7:73:df:8d:14:98:af:37:47:0a:9d:7e:d7:
                    73:bc:45:f3:1d:c5:8f:ef:6d:fd:e1:55:ae:48:51:
                    db:96:bb:ea:3b:a0:bf:19:ad:21:3f:c2:cf:07:4b:
                    8a:c6:e7:93:bd:4c:5d:a9:da:7a:13:79:c5:54:da:
                    9e:be:68:99:91:a5:77:62:a4:64:d5:46:32:12:24:
                    e8:84:5d:e5:bb:47:ab:90:d4:5a:be:49:04:f8:ec:
                    4e:dc:10:7b:6b:11:16:a7:64:03:50:49:3f:3a:64:
                    e1:88:fe:4d:ce:91:c9:ae:1b:b7:4d:76:02:25:ef:
                    fa:8a:77:83:0f:eb:12:70:60:7f:d9:df:00:6e:42:
                    7c:71:37:86:ca:74:ba:1e:c1:0e:29:73:2f:95:fc:
                    5a:1a:b2:de:0c:01:c7:de:f0:3f:ec:82:9b:f9:f7:
                    d3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:00:14:E5:E9:44:CE:ED:3F:A6:1C:4E:EB:B0:00:3D:45:43:E3:B0
            X509v3 Authority Key Identifier:
                keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:27:70:21:29:bd:4d:ca:92:af:60:9d:82:3c:75:e5:f9:aa:
         f9:0c:d2:a5:ac:37:72:92:75:85:33:30:ac:81:18:1c:90:01:
         a9:24:61:ae:18:e7:50:1c:e9:11:b0:fd:3d:7f:8c:94:cf:ad:
         be:2a:ae:d6:58:9d:bb:b3:3d:84:b0:b1:17:17:61:f3:b9:e3:
         3c:e1:71:b8:f9:ea:df:ac:f0:95:de:f3:0e:a8:bf:c4:2a:5b:
         70:4c:72:4d:ba:62:9e:7d:c9:2c:04:cf:a1:06:3c:6c:1c:7b:
         e7:e7:f4:41:81:da:cf:0f:c8:ff:e4:ad:05:94:7c:cf:d4:a9:
         78:f6:bd:79:82:d8:74:33:d2:97:94:40:6c:b6:1f:0c:74:50:
         94:3a:8a:57:78:9a:72:9b:d4:2c:50:b5:3c:aa:ff:3e:89:a8:
         e1:02:b3:e3:03:58:87:e7:07:0e:d3:9e:dd:e7:f1:cb:cc:a6:
         f3:64:47:a7:49:d9:69:4d:94:b7:dd:85:6a:7c:a1:69:93:87:
         56:9f:a1:76:14:00:29:f8:9a:5a:ed:b2:9f:4b:9d:87:ae:ca:
         e2:f1:f5:a6:da:63:2e:0f:c2:c6:ab:6a:06:c7:a2:6a:94:e8:
         d9:03:fc:86:ec:a9:9b:c7:f1:0b:98:cf:35:05:d9:03:e5:48:
         03:55:dc:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZS21pkQem8gsodlL6uL0atMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi
ZDkxYTQwHhcNMjUwNDIwMTEwMDI5WhcNMjUwNDIxMTEwMDI5WjAzMTEwLwYDVQQD
EyhkMzAwMTRlNWU5NDRjZWVkM2ZhNjFjNGVlYmIwMDAzZDQ1NDNlM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhXZuqOxbDV5lezv4H5spafcbqXI
7Ra6SX8Wmyz+S1SKlA5cmWmtjb25/fmhlU1jRndlykVnJfar3QvTVUn9h1f2a5bl
Svlg5F3yag9GfeOy35r2iFCQiNH73Odz340UmK83RwqdftdzvEXzHcWP72394VWu
SFHblrvqO6C/Ga0hP8LPB0uKxueTvUxdqdp6E3nFVNqevmiZkaV3YqRk1UYyEiTo
hF3lu0erkNRavkkE+OxO3BB7axEWp2QDUEk/OmThiP5NzpHJrhu3TXYCJe/6ineD
D+sScGB/2d8AbkJ8cTeGynS6HsEOKXMvlfxaGrLeDAHH3vA/7IKb+ffTTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMAFOXpRM7tP6YcTuuwAD1FQ+OwMB8GA1UdIwQY
MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt
MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx
LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANydwISm9
TcqSr2Cdgjx15fmq+QzSpaw3cpJ1hTMwrIEYHJABqSRhrhjnUBzpEbD9PX+MlM+t
viqu1lidu7M9hLCxFxdh87njPOFxuPnq36zwld7zDqi/xCpbcExyTbpinn3JLATP
oQY8bBx75+f0QYHazw/I/+StBZR8z9SpePa9eYLYdDPSl5RAbLYfDHRQlDqKV3ia
cpvULFC1PKr/Pomo4QKz4wNYh+cHDtOe3efxy8ym82RHp0nZaU2Ut92FanyhaZOH
Vp+hdhQAKfiaWu2yn0udh67K4vH1ptpjLg/CxqtqBseiapTo2QP8huypm8fxC5jP
NQXZA+VIA1XcSw==
-----END CERTIFICATE-----