Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
File:                     3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json)
Hash identifier:          SYJTT4Oj3B2SLKriYFEl6/K7ypvDK5L9vU0VOe0NvDY=
Subject key identifier:   47:31:46:86:78:C3:57:B3:FF:00:CA:8F:BB:7F:CA:9E:E5:FA:BC:57
Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56
Certificate issuer:       /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
Certificate serial:       0196C539B48512ACAA2107A0889A52F22E8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
Manifest number:          07E3
Signing time:             Mon 12 May 2025 16:00:15 +0000
Manifest this update:     Mon 12 May 2025 16:00:15 +0000
Manifest next update:     Tue 13 May 2025 16:00:15 +0000
Files and hashes:         1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: hb9xOTzpfvMSCRuvip/GNQ3iItzjs7cz5igcdR2QISE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 16:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:39:b4:85:12:ac:aa:21:07:a0:88:9a:52:f2:2e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
        Validity
            Not Before: May 12 16:00:15 2025 GMT
            Not After : May 13 16:00:15 2025 GMT
        Subject: CN=4731468678c357b3ff00ca8fbb7fca9ee5fabc57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c5:c5:47:56:e3:dc:60:17:30:18:05:2b:9d:
                    86:ea:a1:14:66:1d:4e:4d:32:a8:b3:01:ba:d5:fc:
                    33:25:af:e1:e7:64:6c:32:cf:ed:a5:d9:3c:c6:6f:
                    f8:6b:e0:70:d0:5c:8b:de:cf:d0:4d:74:da:39:96:
                    62:bb:41:99:9f:7d:d4:69:e5:9f:4c:63:9b:06:3b:
                    13:b6:e8:7a:dd:bd:0a:04:e5:03:e6:6f:fa:d2:11:
                    5b:1f:9e:17:b4:ed:19:5b:86:b1:51:57:51:ef:e0:
                    68:08:95:67:92:2c:ae:1c:21:7e:1c:59:dc:6d:04:
                    0f:0a:ef:24:ce:2b:0c:4c:c9:f9:d9:e3:0c:8c:d8:
                    4e:40:cc:b3:0f:36:ea:8a:58:b3:5c:a9:df:de:75:
                    6a:94:cc:61:b4:25:d7:2e:9c:a2:ac:83:b1:5f:25:
                    c1:af:c3:4a:23:d1:90:63:1b:84:fa:ad:8d:18:5f:
                    77:a1:7e:aa:9d:39:db:33:c7:38:13:99:d8:98:e7:
                    f7:d9:66:ba:b4:b9:f7:98:e7:2b:40:67:da:7f:43:
                    63:37:be:64:89:8f:09:02:17:d1:85:f0:b8:7c:ab:
                    7f:6d:fc:33:00:9f:dd:00:cb:ae:0d:24:91:f4:48:
                    62:9a:cd:f8:26:46:bb:07:e2:9b:62:c2:2f:32:db:
                    b9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:31:46:86:78:C3:57:B3:FF:00:CA:8F:BB:7F:CA:9E:E5:FA:BC:57
            X509v3 Authority Key Identifier:
                keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:c1:7b:f5:ef:a7:51:80:51:93:80:5e:61:9b:69:1c:58:3f:
         a1:22:e9:ee:f3:a1:c7:01:16:29:a3:5a:67:f1:9f:a6:06:18:
         17:77:67:3b:0d:78:12:61:ce:77:dc:60:3e:4d:c3:46:f8:f5:
         fa:0e:57:90:71:4e:87:07:ff:fb:97:99:84:0f:b7:a9:29:48:
         a7:af:b5:5f:04:77:aa:4f:86:4d:b8:26:1a:4a:75:51:e8:47:
         8d:83:1e:c7:19:de:63:69:7d:7c:01:db:b9:36:c5:66:2d:e7:
         73:3b:61:d1:9d:54:62:3f:ce:f5:4c:d4:f9:92:19:ed:cb:2b:
         f4:41:83:4f:d1:84:ef:99:c0:1b:59:04:5f:6a:4e:40:6f:24:
         e6:b0:71:c5:9d:c9:00:76:89:86:b5:21:ba:94:2c:fe:86:22:
         39:14:61:ce:85:c2:0a:80:cf:d5:0d:5a:f7:0b:21:b8:7d:34:
         d7:47:9d:2d:d3:8e:17:6e:e1:82:f8:12:9a:73:45:6a:52:a9:
         15:67:8b:f2:43:2c:6d:90:a0:fe:a7:60:14:2b:8c:4f:d1:8a:
         cf:26:c3:a0:bc:f6:9a:68:4b:8c:7d:b3:64:39:0b:01:48:27:
         68:ed:fb:70:fa:88:a2:54:0c:24:2e:4c:96:e2:df:b1:0d:94:
         b6:fc:76:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFObSFEqyqIQegiJpS8i6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi
MWQwNTYwHhcNMjUwNTEyMTYwMDE1WhcNMjUwNTEzMTYwMDE1WjAzMTEwLwYDVQQD
Eyg0NzMxNDY4Njc4YzM1N2IzZmYwMGNhOGZiYjdmY2E5ZWU1ZmFiYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8XFR1bj3GAXMBgFK52G6qEUZh1O
TTKoswG61fwzJa/h52RsMs/tpdk8xm/4a+Bw0FyL3s/QTXTaOZZiu0GZn33UaeWf
TGObBjsTtuh63b0KBOUD5m/60hFbH54XtO0ZW4axUVdR7+BoCJVnkiyuHCF+HFnc
bQQPCu8kzisMTMn52eMMjNhOQMyzDzbqilizXKnf3nVqlMxhtCXXLpyirIOxXyXB
r8NKI9GQYxuE+q2NGF93oX6qnTnbM8c4E5nYmOf32Wa6tLn3mOcrQGfaf0NjN75k
iY8JAhfRhfC4fKt/bfwzAJ/dAMuuDSSR9Ehims34Jka7B+KbYsIvMtu5oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcxRoZ4w1ez/wDKj7t/yp7l+rxXMB8GA1UdIwQY
MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It
NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk
LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhMF79e+n
UYBRk4BeYZtpHFg/oSLp7vOhxwEWKaNaZ/GfpgYYF3dnOw14EmHOd9xgPk3DRvj1
+g5XkHFOhwf/+5eZhA+3qSlIp6+1XwR3qk+GTbgmGkp1UehHjYMexxneY2l9fAHb
uTbFZi3nczth0Z1UYj/O9UzU+ZIZ7csr9EGDT9GE75nAG1kEX2pOQG8k5rBxxZ3J
AHaJhrUhupQs/oYiORRhzoXCCoDP1Q1a9wshuH0010edLdOOF27hgvgSmnNFalKp
FWeL8kMsbZCg/qdgFCuMT9GKzybDoLz2mmhLjH2zZDkLAUgnaO37cPqIolQMJC5M
luLfsQ2Utvx2Yg==
-----END CERTIFICATE-----