Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
File:                     PnpcKTN0JfqBOVVRcmyMK35MUIc.mft (raw, json)
Hash identifier:          GaJ53/32eGZzEcd3le5jqXahLjia/2nv+dC9jClt4uI=
Subject key identifier:   7E:2A:77:04:8D:63:DA:02:A1:3A:71:B5:E0:52:07:17:CF:84:A5:DB
Authority key identifier: 3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
Certificate issuer:       /CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Certificate serial:       01936A46440BFDB5972648906C27B050DF77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
Manifest number:          C3
Signing time:             Tue 26 Nov 2024 21:00:09 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:09 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:09 +0000
Files and hashes:         1: PnpcKTN0JfqBOVVRcmyMK35MUIc.crl (hash: tXv5MrGQgnKIY9pbpY+0cEaIFPq4223RdwhScBOrJUA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:44:0b:fd:b5:97:26:48:90:6c:27:b0:50:df:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
        Validity
            Not Before: Nov 26 21:00:09 2024 GMT
            Not After : Nov 27 21:00:09 2024 GMT
        Subject: CN=7e2a77048d63da02a13a71b5e0520717cf84a5db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:28:50:37:61:07:86:c5:80:ea:8a:f8:84:1a:
                    4f:c5:ba:68:c1:29:ae:fa:e8:fe:86:26:90:4d:63:
                    25:e4:c1:ee:2a:6f:61:12:d3:a4:87:62:20:19:c3:
                    05:ed:bc:a7:8b:28:d6:17:ee:55:38:f5:7c:2e:47:
                    c1:9c:ed:56:47:5b:ff:8e:f5:75:14:14:c5:2b:96:
                    a8:31:86:e8:4a:ff:99:ff:b9:a1:9e:87:c1:bd:23:
                    3b:58:a2:59:5b:ce:f9:15:dd:a9:cc:82:b1:d4:fc:
                    51:72:6e:13:0a:79:be:70:5b:41:73:9d:df:d3:02:
                    bf:35:57:22:ab:32:6e:f1:50:c8:22:34:ce:12:56:
                    3c:d1:c7:5c:37:c6:73:15:e0:94:c5:80:f6:2a:b4:
                    a3:9c:c2:83:2b:4d:18:8c:18:9e:f9:3a:c6:e6:f9:
                    f7:5d:bd:33:b5:61:f4:e2:31:c7:80:32:86:b3:f2:
                    36:2d:d7:ba:cd:f9:83:f9:07:ae:38:7f:8c:0e:ef:
                    ea:47:0c:96:35:54:47:7b:10:b5:36:3b:2a:b0:8b:
                    ec:13:fa:c2:b0:fe:40:c6:88:f4:9e:10:dd:bd:ed:
                    62:48:dc:1e:95:2a:90:4e:d6:f3:f7:8f:27:b6:c8:
                    77:7e:d0:27:d6:37:33:ad:2e:19:15:2e:cb:7c:91:
                    b6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:2A:77:04:8D:63:DA:02:A1:3A:71:B5:E0:52:07:17:CF:84:A5:DB
            X509v3 Authority Key Identifier:
                keyid:3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:ad:b3:4f:57:52:ac:ce:1c:cd:4e:b4:a9:a1:98:1f:b9:00:
         3c:8f:be:a7:16:6b:21:de:d3:49:cd:ba:04:85:52:e1:2e:82:
         02:00:c9:e0:5c:70:32:6e:61:f3:fa:40:b7:8b:0b:96:c3:7f:
         c4:12:7e:3e:e4:33:8e:33:39:b3:0d:61:a5:60:a6:a4:21:94:
         81:e4:56:0b:8a:c6:ce:3e:0f:82:85:fb:00:01:72:9c:6e:b5:
         68:c6:7b:d7:17:5d:f4:2a:3e:17:83:0c:f0:22:28:7a:1b:5f:
         23:bc:7d:42:d3:70:83:e8:c6:b2:53:fa:51:78:bf:6c:50:f8:
         d3:ac:e8:56:35:15:dc:d9:08:80:88:00:42:74:5b:60:b9:78:
         39:50:92:fd:29:94:19:17:ee:ea:24:e8:d7:f0:48:af:ff:1e:
         df:bc:8b:a6:a1:e4:a8:48:7a:b8:ee:0f:b6:f6:ce:11:35:c6:
         0f:c6:98:22:f3:46:2e:c3:95:39:82:f1:2c:3f:2d:89:02:e6:
         7f:9b:de:c8:d0:2f:66:7e:b1:04:1f:22:1d:66:cd:a8:51:78:
         e9:a6:8a:df:a1:d6:f6:de:8e:8a:02:a6:ca:e5:87:d2:36:3e:
         c5:ce:91:c6:33:33:9c:36:a8:06:fb:e0:32:c4:e5:b2:29:18:
         86:cf:2e:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRkQL/bWXJkiQbCewUN93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2E1YzI5MzM3NDI1ZmE4MTM5NTU1MTcyNmM4YzJiN2U0
YzUwODcwHhcNMjQxMTI2MjEwMDA5WhcNMjQxMTI3MjEwMDA5WjAzMTEwLwYDVQQD
Eyg3ZTJhNzcwNDhkNjNkYTAyYTEzYTcxYjVlMDUyMDcxN2NmODRhNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiChQN2EHhsWA6or4hBpPxbpowSmu
+uj+hiaQTWMl5MHuKm9hEtOkh2IgGcMF7byniyjWF+5VOPV8LkfBnO1WR1v/jvV1
FBTFK5aoMYboSv+Z/7mhnofBvSM7WKJZW875Fd2pzIKx1PxRcm4TCnm+cFtBc53f
0wK/NVciqzJu8VDIIjTOElY80cdcN8ZzFeCUxYD2KrSjnMKDK00YjBie+TrG5vn3
Xb0ztWH04jHHgDKGs/I2Lde6zfmD+QeuOH+MDu/qRwyWNVRHexC1NjsqsIvsE/rC
sP5Axoj0nhDdve1iSNwelSqQTtbz948ntsh3ftAn1jczrS4ZFS7LfJG2pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4qdwSNY9oCoTpxteBSBxfPhKXbMB8GA1UdIwQY
MBaAFD56XCkzdCX6gTlVUXJsjCt+TFCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQt
Y2FhMzI5MTgxOTY0LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQtY2FhMzI5MTgxOTY0
LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAma2zT1dS
rM4czU60qaGYH7kAPI++pxZrId7TSc26BIVS4S6CAgDJ4FxwMm5h8/pAt4sLlsN/
xBJ+PuQzjjM5sw1hpWCmpCGUgeRWC4rGzj4PgoX7AAFynG61aMZ71xdd9Co+F4MM
8CIoehtfI7x9QtNwg+jGslP6UXi/bFD406zoVjUV3NkIgIgAQnRbYLl4OVCS/SmU
GRfu6iTo1/BIr/8e37yLpqHkqEh6uO4PtvbOETXGD8aYIvNGLsOVOYLxLD8tiQLm
f5veyNAvZn6xBB8iHWbNqFF46aaK36HW9t6OigKmyuWH0jY+xc6RxjMznDaoBvvg
MsTlsikYhs8uKA==
-----END CERTIFICATE-----