Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
File:                     ZQXsmbwMbKl7--a9UkTeywKGbis.mft (raw, json)
Hash identifier:          EWY2vuWP3G2Tm05CXE5k8qiYmYF8Bvd4YRI1nTvD3Ts=
Subject key identifier:   5D:A1:22:E4:3A:33:79:86:FE:61:A4:CD:1F:7B:12:73:32:ED:E1:40
Authority key identifier: 65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B
Certificate issuer:       /CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
Certificate serial:       01988166C138D482F8E1E89E13DFE65BC2B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
Manifest number:          0B12
Signing time:             Wed 06 Aug 2025 22:00:51 +0000
Manifest this update:     Wed 06 Aug 2025 22:00:51 +0000
Manifest next update:     Thu 07 Aug 2025 22:00:51 +0000
Files and hashes:         1: ZQXsmbwMbKl7--a9UkTeywKGbis.crl (hash: 50Q8+R9DXrG1bVVhXJxf9rRAUzRNtBl/ALYW49pzCkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:66:c1:38:d4:82:f8:e1:e8:9e:13:df:e6:5b:c2:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
        Validity
            Not Before: Aug  6 22:00:51 2025 GMT
            Not After : Aug  7 22:00:51 2025 GMT
        Subject: CN=5da122e43a337986fe61a4cd1f7b127332ede140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:89:58:98:57:8c:d9:1e:4d:66:ba:a7:26:ec:
                    09:d9:73:14:92:7b:f8:29:2b:29:3a:86:39:47:36:
                    ec:dd:d3:2c:65:0e:c6:0d:e6:62:d5:cc:12:32:75:
                    5c:2d:3c:96:4c:6b:43:bc:36:29:06:6e:9a:f4:8d:
                    70:8a:c9:e7:cd:fd:c0:26:9f:9a:f3:a7:73:bb:c4:
                    1d:c2:30:2e:67:fc:a0:cf:cf:6c:c9:da:ff:37:72:
                    65:1b:26:83:c7:af:9b:ab:a0:dd:94:f2:5d:fc:52:
                    2b:07:65:5c:d5:db:f4:40:81:ec:9b:29:6d:53:7c:
                    c7:fe:76:44:37:2f:71:ec:d7:e5:02:f9:38:09:b7:
                    23:a7:c4:c0:e2:4d:0d:98:44:2e:75:f7:ae:04:8f:
                    a1:50:c7:ba:df:20:56:83:f4:cb:33:6a:65:e2:c8:
                    42:f6:5c:22:d6:78:69:62:ad:b5:78:16:fd:b2:a4:
                    c4:b7:db:79:43:84:67:50:04:1e:3e:e4:27:8f:f8:
                    2c:af:dc:fc:52:45:e5:8e:58:6a:94:5b:0d:07:f5:
                    04:d2:4c:3d:54:af:9d:5e:7f:80:c7:58:94:9d:2b:
                    48:31:a0:17:e1:21:50:b9:c4:3e:ef:0f:2d:3e:fc:
                    c4:36:66:aa:02:8d:1c:b5:88:f3:bc:f1:1b:22:c0:
                    e8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:A1:22:E4:3A:33:79:86:FE:61:A4:CD:1F:7B:12:73:32:ED:E1:40
            X509v3 Authority Key Identifier:
                keyid:65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:85:b8:85:d7:d4:ad:f8:3b:89:83:47:04:e1:1e:d0:1f:19:
         0a:1a:07:10:44:08:80:ca:b3:57:9d:a3:f7:14:4e:65:5b:d5:
         1f:40:65:e1:5d:6a:f4:a6:a2:e8:2a:d0:93:b4:c0:f0:fe:37:
         1a:a9:3b:ac:c2:8d:7c:44:0d:e5:8c:a1:69:b7:37:0f:32:ff:
         58:f0:2e:cc:e3:29:6c:29:ae:11:6c:78:39:6a:e4:50:83:5c:
         1c:82:84:80:11:aa:33:78:32:0f:8c:41:6b:37:f7:ec:ec:38:
         4b:c5:d4:88:25:12:e5:65:e5:89:c8:b0:44:13:b4:e4:27:52:
         64:36:69:8a:12:96:33:95:73:e1:8a:14:b2:bd:df:a6:7c:10:
         3b:a7:fe:86:c9:6a:f4:89:e9:df:48:81:68:d3:cb:46:2e:c7:
         eb:a0:3a:ac:86:11:25:b8:b3:10:68:6e:6a:90:47:b4:53:53:
         aa:42:d8:d4:f7:3a:49:b2:c9:fa:3c:0e:bf:f0:1a:56:2d:90:
         96:f2:52:ea:90:69:e0:16:f6:c3:2c:75:06:0b:5a:eb:59:8f:
         26:3a:4d:0f:b7:a5:c5:07:28:39:7a:8e:63:b8:e9:b5:77:3b:
         0c:9b:08:ad:0c:31:24:b7:db:10:af:c4:4b:0c:b2:6c:56:82:
         27:84:5d:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZsE41IL44eieE9/mW8KwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDVlYzk5YmMwYzZjYTk3YmZiZTZiZDUyNDRkZWNiMDI4
NjZlMmIwHhcNMjUwODA2MjIwMDUxWhcNMjUwODA3MjIwMDUxWjAzMTEwLwYDVQQD
Eyg1ZGExMjJlNDNhMzM3OTg2ZmU2MWE0Y2QxZjdiMTI3MzMyZWRlMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4lYmFeM2R5NZrqnJuwJ2XMUknv4
KSspOoY5Rzbs3dMsZQ7GDeZi1cwSMnVcLTyWTGtDvDYpBm6a9I1wisnnzf3AJp+a
86dzu8QdwjAuZ/ygz89sydr/N3JlGyaDx6+bq6DdlPJd/FIrB2Vc1dv0QIHsmylt
U3zH/nZENy9x7NflAvk4Cbcjp8TA4k0NmEQudfeuBI+hUMe63yBWg/TLM2pl4shC
9lwi1nhpYq21eBb9sqTEt9t5Q4RnUAQePuQnj/gsr9z8UkXljlhqlFsNB/UE0kw9
VK+dXn+Ax1iUnStIMaAX4SFQucQ+7w8tPvzENmaqAo0ctYjzvPEbIsDoOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2hIuQ6M3mG/mGkzR97EnMy7eFAMB8GA1UdIwQY
MBaAFGUF7Jm8DGype/vmvVJE3ssChm4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEt
ZmRhNWRkNTkwZjE2LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEtZmRhNWRkNTkwZjE2
LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN4W4hdfU
rfg7iYNHBOEe0B8ZChoHEEQIgMqzV52j9xROZVvVH0Bl4V1q9Kai6CrQk7TA8P43
Gqk7rMKNfEQN5Yyhabc3DzL/WPAuzOMpbCmuEWx4OWrkUINcHIKEgBGqM3gyD4xB
azf37Ow4S8XUiCUS5WXliciwRBO05CdSZDZpihKWM5Vz4YoUsr3fpnwQO6f+hslq
9Inp30iBaNPLRi7H66A6rIYRJbizEGhuapBHtFNTqkLY1Pc6SbLJ+jwOv/AaVi2Q
lvJS6pBp4Bb2wyx1Bgta61mPJjpND7elxQcoOXqOY7jptXc7DJsIrQwxJLfbEK/E
SwyybFaCJ4RdGw==
-----END CERTIFICATE-----