Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File:                     3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier:          k/ye4z7Mly37I0InSVB1m5321KPjP5D65FAnQM9GdPY=
Subject key identifier:   03:3B:AB:E5:C4:9A:59:2A:1B:FE:F1:23:44:64:FB:8B:13:E3:6A:A8
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer:       /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial:       018F4DC7DBDFC6BA08A54335198245AFC0F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number:          10EB
Signing time:             Mon 06 May 2024 12:01:34 +0000
Manifest this update:     Mon 06 May 2024 12:01:34 +0000
Manifest next update:     Tue 07 May 2024 12:01:34 +0000
Files and hashes:         1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: Fo2VKyi/ZvKbcGHaEyC1FuNfaH2vjSTqavb2zl/15V4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4d:c7:db:df:c6:ba:08:a5:43:35:19:82:45:af:c0:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
        Validity
            Not Before: May  6 12:01:34 2024 GMT
            Not After : May  7 12:01:34 2024 GMT
        Subject: CN=033babe5c49a592a1bfef1234464fb8b13e36aa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8a:c3:f3:4e:33:75:bc:77:47:97:53:b6:da:
                    a2:c4:14:b9:23:16:34:5b:32:50:9d:32:12:25:5c:
                    76:b8:be:80:dd:db:18:9c:5f:98:22:d8:0e:be:37:
                    be:ca:8d:b4:92:92:a4:59:16:d8:64:46:a8:af:64:
                    ae:a5:1d:c4:f9:ed:cb:f2:b5:55:48:83:da:d9:1a:
                    89:24:99:93:03:d8:1b:60:17:5d:28:94:d3:a6:cf:
                    f8:79:c5:b1:0b:8c:5c:5d:28:93:3f:d0:db:59:f2:
                    43:7a:ff:79:49:75:99:f7:e7:2c:fc:34:2d:1b:ca:
                    be:4a:ee:fe:32:02:d5:d9:24:bb:5b:9a:2a:66:e6:
                    5f:97:00:4b:01:f8:ae:f9:91:e2:f4:e9:3e:2f:23:
                    51:e0:71:0e:3c:1e:6b:e1:f3:df:05:c4:c4:39:15:
                    1b:df:8b:31:d9:23:e5:e8:d8:f7:56:73:fb:a6:21:
                    2a:f7:a5:81:22:d7:52:83:48:7e:58:4e:53:38:f9:
                    fb:33:bd:ac:5f:b0:0d:ee:af:77:53:2e:62:5e:06:
                    4c:6e:ef:a9:d0:e0:44:6d:40:7f:ca:4c:21:98:e7:
                    43:92:a1:4e:9a:9c:ac:85:28:d8:73:9d:3e:08:f7:
                    90:92:75:4d:08:0a:bc:d3:03:f1:9d:a5:ff:93:2a:
                    9c:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:3B:AB:E5:C4:9A:59:2A:1B:FE:F1:23:44:64:FB:8B:13:E3:6A:A8
            X509v3 Authority Key Identifier:
                keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:f6:89:4f:94:2f:dd:8b:f7:b7:90:42:b5:ba:a3:0e:4c:1d:
         e3:19:1c:3f:49:10:30:31:00:9c:01:84:60:1f:4e:68:91:76:
         19:32:6a:2e:0d:b3:0d:09:41:55:98:6a:66:e6:98:b0:af:dd:
         8b:83:e5:d7:e6:7b:cf:31:9b:18:f2:64:b5:a0:30:90:90:af:
         de:a5:87:6f:98:fb:80:ec:76:dd:ba:89:67:2e:dc:61:b3:b7:
         06:a6:39:9a:1c:a8:e8:78:c5:2e:ab:95:a1:0f:41:70:e3:c5:
         7b:45:17:1a:6f:58:11:c0:e4:6a:83:80:6a:fd:ac:2e:55:ab:
         52:86:39:fe:9e:07:7e:d8:ef:59:57:df:1f:97:ec:65:b8:88:
         2e:ee:04:d8:1e:d8:af:a9:04:94:4f:f9:62:d0:00:c1:74:68:
         09:2c:eb:29:5e:c0:86:b8:6e:3d:c6:96:70:cf:ed:67:84:1e:
         16:07:0b:0c:a9:77:80:b5:80:10:0d:80:88:ee:1b:f7:83:de:
         02:69:20:8c:12:92:b9:29:6c:b1:70:3e:24:b1:be:2a:50:7d:
         db:de:05:e5:2f:2f:8a:5b:a1:23:79:a9:55:af:51:53:24:6c:
         3c:b9:22:4e:a1:07:f8:6c:c1:3b:54:02:58:cf:07:3e:32:fb:
         c4:33:2b:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Nx9vfxroIpUM1GYJFr8DzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjQwNTA2MTIwMTM0WhcNMjQwNTA3MTIwMTM0WjAzMTEwLwYDVQQD
EygwMzNiYWJlNWM0OWE1OTJhMWJmZWYxMjM0NDY0ZmI4YjEzZTM2YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4rD804zdbx3R5dTttqixBS5IxY0
WzJQnTISJVx2uL6A3dsYnF+YItgOvje+yo20kpKkWRbYZEaor2SupR3E+e3L8rVV
SIPa2RqJJJmTA9gbYBddKJTTps/4ecWxC4xcXSiTP9DbWfJDev95SXWZ9+cs/DQt
G8q+Su7+MgLV2SS7W5oqZuZflwBLAfiu+ZHi9Ok+LyNR4HEOPB5r4fPfBcTEORUb
34sx2SPl6Nj3VnP7piEq96WBItdSg0h+WE5TOPn7M72sX7AN7q93Uy5iXgZMbu+p
0OBEbUB/ykwhmOdDkqFOmpyshSjYc50+CPeQknVNCAq80wPxnaX/kyqcUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAM7q+XEmlkqG/7xI0Rk+4sT42qoMB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXfaJT5Qv
3Yv3t5BCtbqjDkwd4xkcP0kQMDEAnAGEYB9OaJF2GTJqLg2zDQlBVZhqZuaYsK/d
i4Pl1+Z7zzGbGPJktaAwkJCv3qWHb5j7gOx23bqJZy7cYbO3BqY5mhyo6HjFLquV
oQ9BcOPFe0UXGm9YEcDkaoOAav2sLlWrUoY5/p4HftjvWVffH5fsZbiILu4E2B7Y
r6kElE/5YtAAwXRoCSzrKV7AhrhuPcaWcM/tZ4QeFgcLDKl3gLWAEA2AiO4b94Pe
AmkgjBKSuSlssXA+JLG+KlB9294F5S8viluhI3mpVa9RUyRsPLkiTqEH+GzBO1QC
WM8HPjL7xDMrRw==
-----END CERTIFICATE-----