Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
File:                     cZSy_8iUT-E1eWAoERzOc0cew38.mft (raw, json)
Hash identifier:          Tlrh1ZZCVrC1ZZ1nbWD4mB1StyJi+XKjw7d8eT10G4k=
Subject key identifier:   AD:23:B6:0A:58:BF:54:64:C1:C4:5C:FB:C2:82:B7:44:5E:58:95:7D
Authority key identifier: 71:94:B2:FF:C8:94:4F:E1:35:79:60:28:11:1C:CE:73:47:1E:C3:7F
Certificate issuer:       /CN=7194b2ffc8944fe135796028111cce73471ec37f
Certificate serial:       019683FF7D48E648FF7B8EED89BB8BC9409E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
Manifest number:          0410
Signing time:             Wed 30 Apr 2025 00:01:21 +0000
Manifest this update:     Wed 30 Apr 2025 00:01:21 +0000
Manifest next update:     Thu 01 May 2025 00:01:21 +0000
Files and hashes:         1: cZSy_8iUT-E1eWAoERzOc0cew38.crl (hash: pVjcBnaGl55s72twENgfJAuBeH7MahtRwlJv4x+NnyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:ff:7d:48:e6:48:ff:7b:8e:ed:89:bb:8b:c9:40:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7194b2ffc8944fe135796028111cce73471ec37f
        Validity
            Not Before: Apr 30 00:01:21 2025 GMT
            Not After : May  1 00:01:21 2025 GMT
        Subject: CN=ad23b60a58bf5464c1c45cfbc282b7445e58957d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f0:d6:aa:6e:58:50:42:c9:4e:bc:d1:86:93:
                    62:b1:69:6e:cc:a5:05:e3:39:d2:b3:12:98:25:ce:
                    b5:a4:77:ad:79:91:00:5f:98:8b:7f:4f:03:aa:36:
                    62:5a:e9:a7:08:03:ea:9e:16:96:e4:4e:a3:c8:f2:
                    69:cf:2a:91:4c:6a:be:b2:22:36:48:99:92:5d:48:
                    d9:81:60:99:5f:4d:a2:54:f0:b9:1d:93:21:3c:40:
                    93:cc:e1:26:10:60:a9:23:dd:44:4c:9f:c6:b9:4c:
                    c2:9a:95:eb:98:8e:57:1b:53:8e:9d:23:af:60:8b:
                    b4:c1:eb:82:04:88:a3:04:7d:9e:f0:71:54:82:b6:
                    cc:61:b0:c0:2c:81:d2:8d:9a:2e:70:a0:e5:3d:92:
                    81:10:78:7f:82:39:c4:bd:fe:7a:f5:64:da:5f:2f:
                    7d:40:5f:89:8a:6d:a0:3b:cb:c4:47:87:28:3c:0b:
                    b8:79:b7:12:5f:92:7a:1f:9a:e9:31:ad:c8:3c:f4:
                    a5:da:51:23:b3:61:1e:8e:7d:8f:c6:f7:6f:14:2a:
                    c6:7d:4f:e2:9a:4a:21:a5:fd:b5:e8:85:34:a6:06:
                    03:18:2b:ce:c2:b0:2b:06:4a:3d:48:73:35:9f:f7:
                    45:07:7a:de:2b:6c:2d:db:fb:c4:75:e1:8c:a9:9f:
                    1a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:23:B6:0A:58:BF:54:64:C1:C4:5C:FB:C2:82:B7:44:5E:58:95:7D
            X509v3 Authority Key Identifier:
                keyid:71:94:B2:FF:C8:94:4F:E1:35:79:60:28:11:1C:CE:73:47:1E:C3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSy_8iUT-E1eWAoERzOc0cew38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1069ef-3dc1-444e-a7df-0eab8139b23a/1/cZSy_8iUT-E1eWAoERzOc0cew38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:7f:a9:02:0d:44:88:35:79:96:45:94:0d:5e:76:1c:98:40:
         49:47:ca:45:c8:b0:83:14:92:b9:21:81:68:2c:88:64:2e:2e:
         09:d3:4b:00:66:45:4f:ba:4d:48:9b:c1:70:fb:d0:8d:30:db:
         3d:1e:5c:0d:05:4c:d0:38:6a:30:65:1a:34:03:68:7f:67:24:
         63:e1:f5:2f:f0:ad:f9:56:b0:de:2d:66:76:4e:b3:07:64:17:
         06:60:8c:62:70:9b:60:9c:06:26:76:fc:ae:78:68:e8:25:77:
         59:ea:bd:1d:b0:fb:5b:1c:d2:40:68:c0:30:1e:73:43:7e:aa:
         f4:87:77:1c:0b:2c:27:c6:94:38:80:0c:aa:e6:1b:1c:81:f9:
         e6:a6:a3:fc:59:dc:e1:f3:d5:e8:90:e9:4c:18:02:63:23:e6:
         3a:95:f8:d9:8c:61:c4:03:2f:10:cd:51:7d:57:1c:42:90:1d:
         e9:79:ff:f9:3d:d3:19:90:e5:62:27:9e:23:eb:65:2b:8a:c4:
         8e:5a:7d:de:cb:ff:fd:c0:e9:d7:b8:0f:97:50:ff:7d:0c:42:
         2a:a9:79:f3:3a:e2:bf:7c:2d:4b:69:fa:e1:89:9c:0a:a5:a1:
         e7:4b:a2:e3:59:04:d5:ce:eb:9a:21:3d:fd:88:e2:05:13:42:
         9e:ea:27:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/31I5kj/e47tibuLyUCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTRiMmZmYzg5NDRmZTEzNTc5NjAyODExMWNjZTczNDcx
ZWMzN2YwHhcNMjUwNDMwMDAwMTIxWhcNMjUwNTAxMDAwMTIxWjAzMTEwLwYDVQQD
EyhhZDIzYjYwYTU4YmY1NDY0YzFjNDVjZmJjMjgyYjc0NDVlNTg5NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fDWqm5YUELJTrzRhpNisWluzKUF
4znSsxKYJc61pHeteZEAX5iLf08DqjZiWumnCAPqnhaW5E6jyPJpzyqRTGq+siI2
SJmSXUjZgWCZX02iVPC5HZMhPECTzOEmEGCpI91ETJ/GuUzCmpXrmI5XG1OOnSOv
YIu0weuCBIijBH2e8HFUgrbMYbDALIHSjZoucKDlPZKBEHh/gjnEvf569WTaXy99
QF+Jim2gO8vER4coPAu4ebcSX5J6H5rpMa3IPPSl2lEjs2Eejn2PxvdvFCrGfU/i
mkohpf216IU0pgYDGCvOwrArBko9SHM1n/dFB3reK2wt2/vEdeGMqZ8awwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0jtgpYv1RkwcRc+8KCt0ReWJV9MB8GA1UdIwQY
MBaAFHGUsv/IlE/hNXlgKBEcznNHHsN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xMDY5ZWYtM2RjMS00NDRlLWE3ZGYt
MGVhYjgxMzliMjNhLzEvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xMDY5ZWYtM2RjMS00NDRlLWE3ZGYtMGVhYjgxMzliMjNh
LzEvY1pTeV84aVVULUUxZVdBb0VSek9jMGNldzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAH+pAg1E
iDV5lkWUDV52HJhASUfKRciwgxSSuSGBaCyIZC4uCdNLAGZFT7pNSJvBcPvQjTDb
PR5cDQVM0DhqMGUaNANof2ckY+H1L/Ct+Vaw3i1mdk6zB2QXBmCMYnCbYJwGJnb8
rnho6CV3Weq9HbD7WxzSQGjAMB5zQ36q9Id3HAssJ8aUOIAMquYbHIH55qaj/Fnc
4fPV6JDpTBgCYyPmOpX42YxhxAMvEM1RfVccQpAd6Xn/+T3TGZDlYieeI+tlK4rE
jlp93sv//cDp17gPl1D/fQxCKql58zriv3wtS2n64YmcCqWh50ui41kE1c7rmiE9
/YjiBRNCnuoncw==
-----END CERTIFICATE-----