Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2c97c4-922c-4170-bcd0-e747112c7c8e/1/DDhjtJj2VXzhy9MpRUu5YRaG9gM.mft
File:                     DDhjtJj2VXzhy9MpRUu5YRaG9gM.mft (raw, json)
Hash identifier:          3nPDbOWQWMAWJ7qfhNlsdM3dtpe7NCh7EET+9YTNoDk=
Subject key identifier:   A6:F1:F9:A3:ED:5D:C9:2E:47:A0:5E:4A:CC:21:A4:08:03:B9:2E:C0
Authority key identifier: 0C:38:63:B4:98:F6:55:7C:E1:CB:D3:29:45:4B:B9:61:16:86:F6:03
Certificate issuer:       /CN=0c3863b498f6557ce1cbd329454bb9611686f603
Certificate serial:       01906B29CB363491E0B77A0FE0838C6CB543
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DDhjtJj2VXzhy9MpRUu5YRaG9gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2c97c4-922c-4170-bcd0-e747112c7c8e/1/DDhjtJj2VXzhy9MpRUu5YRaG9gM.mft
Manifest number:          03AA
Signing time:             Sun 30 Jun 2024 22:00:19 +0000
Manifest this update:     Sun 30 Jun 2024 22:00:19 +0000
Manifest next update:     Mon 01 Jul 2024 22:00:19 +0000
Files and hashes:         1: DDhjtJj2VXzhy9MpRUu5YRaG9gM.crl (hash: QK+lo6HwhuGLMjkoG0wN1Elw5cuQcB0ONf7tFE20EmQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2c97c4-922c-4170-bcd0-e747112c7c8e/1/DDhjtJj2VXzhy9MpRUu5YRaG9gM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2c97c4-922c-4170-bcd0-e747112c7c8e/1/DDhjtJj2VXzhy9MpRUu5YRaG9gM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DDhjtJj2VXzhy9MpRUu5YRaG9gM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 01 Jul 2024 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:6b:29:cb:36:34:91:e0:b7:7a:0f:e0:83:8c:6c:b5:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c3863b498f6557ce1cbd329454bb9611686f603
        Validity
            Not Before: Jun 30 22:00:19 2024 GMT
            Not After : Jul  1 22:00:19 2024 GMT
        Subject: CN=a6f1f9a3ed5dc92e47a05e4acc21a40803b92ec0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7b:5b:ba:cd:ae:ab:2c:7e:ff:cb:ad:8e:87:
                    6a:d5:c9:76:52:ea:f9:38:00:4e:45:83:16:f2:dd:
                    b4:8e:e0:3e:a2:27:de:10:54:a7:bf:5c:b5:5a:af:
                    2d:41:57:5c:16:8f:d8:77:81:01:ed:b1:0b:ca:4e:
                    ce:e7:34:79:b3:f5:32:87:9e:3b:1a:58:53:8a:49:
                    66:17:fb:62:e4:75:34:ea:52:b5:28:2c:e2:86:59:
                    f7:59:57:d1:07:13:21:22:73:56:72:02:40:e9:28:
                    7e:c6:db:2f:a6:f5:de:fb:ec:f0:52:65:da:60:2d:
                    9c:27:43:bc:fa:3f:82:c1:e1:00:25:b4:ab:a1:2b:
                    8b:28:65:9c:78:3f:3e:87:e1:dd:63:9e:e7:70:60:
                    7c:30:83:e1:5a:60:6e:5f:46:73:ca:93:f5:7a:c1:
                    1e:49:36:1a:dd:30:7a:78:fe:e4:5f:1b:11:90:02:
                    49:7a:07:fe:6f:2a:d9:87:0b:65:6f:1e:c9:93:04:
                    9f:18:d1:bd:57:a8:2c:b8:d9:a5:62:bb:8f:19:78:
                    51:77:39:01:a1:06:3c:24:a0:2c:ae:fd:13:2d:a7:
                    de:20:45:0d:72:c0:9a:c3:c7:43:c2:0d:25:e6:8d:
                    96:76:95:91:3b:d2:33:42:35:90:21:5e:39:de:16:
                    5b:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F1:F9:A3:ED:5D:C9:2E:47:A0:5E:4A:CC:21:A4:08:03:B9:2E:C0
            X509v3 Authority Key Identifier:
                keyid:0C:38:63:B4:98:F6:55:7C:E1:CB:D3:29:45:4B:B9:61:16:86:F6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DDhjtJj2VXzhy9MpRUu5YRaG9gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2c97c4-922c-4170-bcd0-e747112c7c8e/1/DDhjtJj2VXzhy9MpRUu5YRaG9gM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2c97c4-922c-4170-bcd0-e747112c7c8e/1/DDhjtJj2VXzhy9MpRUu5YRaG9gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:06:96:79:d0:ee:76:4d:39:75:ef:44:a0:05:8d:dc:52:a9:
         4b:a1:95:38:a1:ec:b4:99:5e:8e:9b:c8:96:47:8d:85:92:b1:
         e4:e5:49:c8:de:49:f1:fa:2e:91:17:75:70:2d:77:a5:47:00:
         5c:8c:25:09:35:d9:3c:a8:89:08:49:11:fd:36:55:d7:7c:da:
         5f:f3:be:3e:af:0f:3d:ef:07:43:d1:f5:38:e0:f2:88:93:84:
         27:45:e5:a6:b1:ee:e6:ec:3b:d8:2d:13:28:30:87:ea:2c:d1:
         84:55:3f:7f:32:37:79:fe:01:ef:16:83:00:1b:48:8f:f7:57:
         e9:f5:46:de:27:2b:b3:05:00:43:fd:0a:22:73:b5:dc:2a:61:
         76:85:db:2b:56:70:8a:f7:bd:ad:1c:87:d9:64:18:d7:21:ea:
         9e:5f:ac:21:7d:88:c6:c4:82:f0:e3:f2:ec:ff:24:0c:11:f1:
         b9:79:45:99:0f:95:a7:9f:bf:bd:09:c0:9c:62:75:1b:2a:fe:
         0f:d2:0b:3b:19:30:8e:24:74:b8:44:92:86:41:4d:05:f7:11:
         da:66:85:02:9a:51:b5:ee:b9:80:99:cc:ff:06:fd:90:f5:ca:
         51:99:99:47:65:c4:bc:98:86:1b:cd:28:df:88:4a:fa:08:83:
         fa:ba:ee:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBrKcs2NJHgt3oP4IOMbLVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMzg2M2I0OThmNjU1N2NlMWNiZDMyOTQ1NGJiOTYxMTY4
NmY2MDMwHhcNMjQwNjMwMjIwMDE5WhcNMjQwNzAxMjIwMDE5WjAzMTEwLwYDVQQD
EyhhNmYxZjlhM2VkNWRjOTJlNDdhMDVlNGFjYzIxYTQwODAzYjkyZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXtbus2uqyx+/8utjodq1cl2Uur5
OABORYMW8t20juA+oifeEFSnv1y1Wq8tQVdcFo/Yd4EB7bELyk7O5zR5s/Uyh547
GlhTiklmF/ti5HU06lK1KCzihln3WVfRBxMhInNWcgJA6Sh+xtsvpvXe++zwUmXa
YC2cJ0O8+j+CweEAJbSroSuLKGWceD8+h+HdY57ncGB8MIPhWmBuX0ZzypP1esEe
STYa3TB6eP7kXxsRkAJJegf+byrZhwtlbx7JkwSfGNG9V6gsuNmlYruPGXhRdzkB
oQY8JKAsrv0TLafeIEUNcsCaw8dDwg0l5o2WdpWRO9IzQjWQIV453hZblwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbx+aPtXckuR6BeSswhpAgDuS7AMB8GA1UdIwQY
MBaAFAw4Y7SY9lV84cvTKUVLuWEWhvYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRERoanRKajJWWHpoeTlNcFJVdTVZUmFHOWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYzk3YzQtOTIyYy00MTcwLWJjZDAt
ZTc0NzExMmM3YzhlLzEvRERoanRKajJWWHpoeTlNcFJVdTVZUmFHOWdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYzk3YzQtOTIyYy00MTcwLWJjZDAtZTc0NzExMmM3Yzhl
LzEvRERoanRKajJWWHpoeTlNcFJVdTVZUmFHOWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtgaWedDu
dk05de9EoAWN3FKpS6GVOKHstJlejpvIlkeNhZKx5OVJyN5J8foukRd1cC13pUcA
XIwlCTXZPKiJCEkR/TZV13zaX/O+Pq8PPe8HQ9H1OODyiJOEJ0XlprHu5uw72C0T
KDCH6izRhFU/fzI3ef4B7xaDABtIj/dX6fVG3icrswUAQ/0KInO13CphdoXbK1Zw
ive9rRyH2WQY1yHqnl+sIX2IxsSC8OPy7P8kDBHxuXlFmQ+Vp5+/vQnAnGJ1Gyr+
D9ILOxkwjiR0uESShkFNBfcR2maFAppRte65gJnM/wb9kPXKUZmZR2XEvJiGG80o
34hK+giD+rrucA==
-----END CERTIFICATE-----