Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
File:                     cZSy_8iUT-E1eWAoERzOc0cew38.mft (raw, json)
Hash identifier:          P0uu7N6kXnghuuydO30qITLKyIolf2FjkmMkyEPSfD0=
Subject key identifier:   19:B5:F7:C8:99:1C:6E:AA:A9:CD:7B:83:C4:74:73:BE:8B:7D:3E:F0
Authority key identifier: 71:94:B2:FF:C8:94:4F:E1:35:79:60:28:11:1C:CE:73:47:1E:C3:7F
Certificate issuer:       /CN=7194b2ffc8944fe135796028111cce73471ec37f
Certificate serial:       019881D4763ECE26F00D95D98388DD326589
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
Manifest number:          0518
Signing time:             Thu 07 Aug 2025 00:00:41 +0000
Manifest this update:     Thu 07 Aug 2025 00:00:41 +0000
Manifest next update:     Fri 08 Aug 2025 00:00:41 +0000
Files and hashes:         1: cZSy_8iUT-E1eWAoERzOc0cew38.crl (hash: tRgratEmz+bR5AWw7LOGpB+qrJuicklRCKp8wWH2iGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d4:76:3e:ce:26:f0:0d:95:d9:83:88:dd:32:65:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7194b2ffc8944fe135796028111cce73471ec37f
        Validity
            Not Before: Aug  7 00:00:41 2025 GMT
            Not After : Aug  8 00:00:41 2025 GMT
        Subject: CN=19b5f7c8991c6eaaa9cd7b83c47473be8b7d3ef0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ee:6f:5f:c3:76:c1:d1:d6:80:92:88:55:d5:
                    a1:3e:b1:1c:ea:b7:45:bb:02:e8:23:74:c7:83:26:
                    a5:6c:22:aa:f0:0f:92:cd:49:e6:8d:7a:58:03:9f:
                    3e:32:4f:73:81:31:d1:bd:12:64:9b:88:db:d4:d2:
                    69:55:9b:43:38:fc:38:39:5f:4f:f5:38:7b:41:90:
                    ee:58:44:d5:43:5b:c2:e4:ea:85:ac:b9:44:2f:3f:
                    8d:08:a3:06:9c:c1:1a:b2:41:33:27:f7:2d:fd:30:
                    10:95:d0:b1:19:f0:d2:2e:9d:65:83:d3:2c:5a:73:
                    f0:23:94:23:c8:3f:00:2e:6c:b3:7c:9d:37:93:10:
                    5b:d1:14:38:ff:fe:2b:1e:9c:d4:88:73:47:a6:99:
                    c6:6a:60:65:a1:81:a1:d3:36:0b:10:d0:64:74:1a:
                    de:80:8d:f8:78:e7:9d:b4:0e:b3:2b:5a:94:76:62:
                    8d:3d:f5:5d:af:68:12:b0:11:73:c9:c2:91:de:27:
                    2c:9f:0a:3b:90:2f:69:2c:a2:d3:73:04:25:ee:13:
                    eb:b0:6c:cc:34:6c:56:6b:24:f1:00:02:ec:6f:9d:
                    93:93:71:00:8d:2d:c5:89:72:c0:05:1b:6e:48:8e:
                    10:fc:55:28:a8:97:45:d3:e1:81:d1:7b:94:06:ad:
                    18:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:B5:F7:C8:99:1C:6E:AA:A9:CD:7B:83:C4:74:73:BE:8B:7D:3E:F0
            X509v3 Authority Key Identifier:
                keyid:71:94:B2:FF:C8:94:4F:E1:35:79:60:28:11:1C:CE:73:47:1E:C3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:09:b5:cd:cf:60:bc:b9:9c:99:14:76:ab:88:36:ae:a0:7f:
         2e:2f:51:e3:fc:f7:76:cd:7b:3d:e5:8a:e9:bf:c0:f3:5d:1e:
         b2:54:af:2b:f1:3e:ca:e6:21:ed:15:a4:15:a9:a7:8b:93:03:
         59:9b:0d:00:69:01:e2:e7:ac:e0:99:18:b1:62:30:bb:a1:59:
         16:59:68:ae:72:08:34:1a:64:dd:43:01:17:87:bd:1b:c9:8a:
         9e:f4:db:d5:df:4d:a3:e1:5a:0b:44:72:c1:db:96:73:c6:d0:
         f1:2c:db:2a:88:51:01:df:3a:1b:1c:62:f7:23:96:fa:c1:d2:
         c7:73:5b:80:cd:fb:9d:71:cb:e8:d1:e4:10:12:cb:50:6d:9e:
         46:97:38:64:e9:e1:38:1c:a4:c6:8e:a5:9b:ad:19:57:66:38:
         e3:3d:26:bb:d1:74:3a:59:54:ec:53:96:2b:c1:a2:b1:33:14:
         3c:a8:d7:1b:55:bd:2a:42:cd:21:06:df:b7:30:2e:e0:51:ec:
         f5:9c:db:95:21:6d:ae:3a:e5:2d:20:37:5b:e5:b3:73:3b:62:
         ca:a7:c5:fe:b0:d7:a7:a4:d1:fd:83:09:88:7e:94:83:ce:b3:
         41:a8:6d:e6:ea:31:04:1b:66:36:90:ee:c4:7e:80:30:c3:88:
         ef:30:b0:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1HY+zibwDZXZg4jdMmWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTRiMmZmYzg5NDRmZTEzNTc5NjAyODExMWNjZTczNDcx
ZWMzN2YwHhcNMjUwODA3MDAwMDQxWhcNMjUwODA4MDAwMDQxWjAzMTEwLwYDVQQD
EygxOWI1ZjdjODk5MWM2ZWFhYTljZDdiODNjNDc0NzNiZThiN2QzZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhe5vX8N2wdHWgJKIVdWhPrEc6rdF
uwLoI3THgyalbCKq8A+SzUnmjXpYA58+Mk9zgTHRvRJkm4jb1NJpVZtDOPw4OV9P
9Th7QZDuWETVQ1vC5OqFrLlELz+NCKMGnMEaskEzJ/ct/TAQldCxGfDSLp1lg9Ms
WnPwI5QjyD8ALmyzfJ03kxBb0RQ4//4rHpzUiHNHppnGamBloYGh0zYLENBkdBre
gI34eOedtA6zK1qUdmKNPfVdr2gSsBFzycKR3icsnwo7kC9pLKLTcwQl7hPrsGzM
NGxWayTxAALsb52Tk3EAjS3FiXLABRtuSI4Q/FUoqJdF0+GB0XuUBq0YCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBm198iZHG6qqc17g8R0c76LfT7wMB8GA1UdIwQY
MBaAFHGUsv/IlE/hNXlgKBEcznNHHsN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xMDY5ZWYtM2RjMS00NDRlLWE3ZGYt
MGVhYjgxMzliMjNhLzEvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xMDY5ZWYtM2RjMS00NDRlLWE3ZGYtMGVhYjgxMzliMjNh
LzEvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQm1zc9g
vLmcmRR2q4g2rqB/Li9R4/z3ds17PeWK6b/A810eslSvK/E+yuYh7RWkFamni5MD
WZsNAGkB4ues4JkYsWIwu6FZFllornIINBpk3UMBF4e9G8mKnvTb1d9No+FaC0Ry
wduWc8bQ8SzbKohRAd86Gxxi9yOW+sHSx3NbgM37nXHL6NHkEBLLUG2eRpc4ZOnh
OBykxo6lm60ZV2Y44z0mu9F0OllU7FOWK8GisTMUPKjXG1W9KkLNIQbftzAu4FHs
9ZzblSFtrjrlLSA3W+WzcztiyqfF/rDXp6TR/YMJiH6Ug86zQaht5uoxBBtmNpDu
xH6AMMOI7zCwaA==
-----END CERTIFICATE-----