Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          ae3VjgF3/QN5fkNA08ffDDxDn5tBn7xYUy8obdKlVh8=
Subject key identifier:   1B:45:B3:84:2D:64:D9:21:E4:8B:2A:96:44:D5:80:07:FE:09:3A:E8
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       01976961945AAAA227AB757A47BEC8F61EA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 13:01:31 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:31 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:31 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: KGKwZyumfGrnGqs8rIMY3vFmuHMEO6aVzn+6Vzea+Qo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:94:5a:aa:a2:27:ab:75:7a:47:be:c8:f6:1e:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Jun 13 13:01:31 2025 GMT
            Not After : Jun 14 13:01:31 2025 GMT
        Subject: CN=1b45b3842d64d921e48b2a9644d58007fe093ae8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:19:82:3c:48:aa:bf:67:60:b5:d6:27:d1:be:
                    fc:62:6c:e1:a4:e8:27:43:5a:4e:1d:31:12:2b:ac:
                    2e:db:c5:1d:1d:bf:85:b6:4c:0f:79:90:7d:68:d0:
                    7e:f5:1e:38:5f:f0:65:07:31:6d:19:0c:51:84:cd:
                    bd:0f:7f:c1:07:5c:a7:31:bc:1e:f7:fe:0d:3c:fa:
                    94:10:bd:a6:74:a6:87:1e:d5:44:c2:0e:5f:e9:ea:
                    a9:4f:f3:64:aa:4c:b0:2f:32:f5:da:2d:05:73:61:
                    5e:7a:62:12:98:db:fc:bc:8d:28:cc:4e:27:1f:e0:
                    1f:a5:e1:13:2b:35:23:f3:85:48:6e:0c:9f:b0:9b:
                    c7:40:77:bf:aa:87:97:c4:d0:ea:9f:16:66:d4:a0:
                    07:20:48:ab:cc:84:ab:e2:50:68:ce:86:c8:45:a8:
                    e6:23:45:a5:47:f7:24:12:b9:29:fb:aa:3e:9d:af:
                    c1:5b:99:e4:25:4a:18:71:1b:40:c9:1e:ff:b3:62:
                    92:56:55:40:46:c4:49:ce:43:72:a8:fd:6c:b6:45:
                    a5:1f:53:dc:42:e4:b7:d7:00:b9:1f:3e:47:68:6d:
                    e2:68:68:73:38:b2:56:7d:90:b0:c7:80:6d:3d:64:
                    a1:f6:a9:af:bc:c0:d4:65:56:bb:d3:ac:6e:e5:dd:
                    a4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:45:B3:84:2D:64:D9:21:E4:8B:2A:96:44:D5:80:07:FE:09:3A:E8
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:a2:e8:6c:2a:b5:a1:a6:0f:9d:c6:f5:9b:b9:16:b1:c5:b3:
         2b:de:51:82:1b:74:41:c1:65:72:82:f9:64:fa:8c:28:18:72:
         e7:66:fa:9b:fa:18:29:71:d8:be:95:01:58:2a:f8:98:27:6c:
         ed:dc:64:28:ca:7b:45:31:5a:af:7c:c3:80:25:cb:4a:41:eb:
         49:ba:6d:80:d1:b3:f5:9e:8e:5e:51:3e:da:f3:f3:45:17:af:
         ab:28:b4:54:6f:57:ee:5e:f9:bd:4f:71:12:87:7a:4f:a4:19:
         e7:7a:c5:f2:91:d8:d0:9f:64:6a:1a:47:d5:d9:ba:63:29:cc:
         63:22:0f:3a:71:68:73:93:88:5e:6f:53:ff:45:b8:26:10:7b:
         fe:a9:64:8e:68:f9:d0:2a:27:c3:cf:91:b7:01:35:a4:b5:e3:
         6c:53:07:00:2f:1e:15:2c:57:c1:52:12:e0:31:da:83:66:1e:
         ab:70:e7:e9:ed:c9:db:1a:90:2a:90:df:d0:51:e0:a6:fc:a9:
         6f:b5:17:ff:41:9f:cd:8a:17:ef:f1:90:ca:96:52:06:a5:78:
         c9:05:a4:04:5f:78:4b:5e:cd:83:b6:21:50:f8:2f:be:5b:d3:
         0f:30:06:44:82:1f:07:be:95:04:b4:60:4b:c1:79:b1:f6:58:
         7f:e5:72:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYZRaqqInq3V6R77I9h6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwNjEzMTMwMTMxWhcNMjUwNjE0MTMwMTMxWjAzMTEwLwYDVQQD
EygxYjQ1YjM4NDJkNjRkOTIxZTQ4YjJhOTY0NGQ1ODAwN2ZlMDkzYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xmCPEiqv2dgtdYn0b78YmzhpOgn
Q1pOHTESK6wu28UdHb+FtkwPeZB9aNB+9R44X/BlBzFtGQxRhM29D3/BB1ynMbwe
9/4NPPqUEL2mdKaHHtVEwg5f6eqpT/NkqkywLzL12i0Fc2FeemISmNv8vI0ozE4n
H+AfpeETKzUj84VIbgyfsJvHQHe/qoeXxNDqnxZm1KAHIEirzISr4lBozobIRajm
I0WlR/ckErkp+6o+na/BW5nkJUoYcRtAyR7/s2KSVlVARsRJzkNyqP1stkWlH1Pc
QuS31wC5Hz5HaG3iaGhzOLJWfZCwx4BtPWSh9qmvvMDUZVa706xu5d2kKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtFs4QtZNkh5IsqlkTVgAf+CTroMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKLobCq1
oaYPncb1m7kWscWzK95Rght0QcFlcoL5ZPqMKBhy52b6m/oYKXHYvpUBWCr4mCds
7dxkKMp7RTFar3zDgCXLSkHrSbptgNGz9Z6OXlE+2vPzRRevqyi0VG9X7l75vU9x
Eod6T6QZ53rF8pHY0J9kahpH1dm6YynMYyIPOnFoc5OIXm9T/0W4JhB7/qlkjmj5
0Conw8+RtwE1pLXjbFMHAC8eFSxXwVIS4DHag2Yeq3Dn6e3J2xqQKpDf0FHgpvyp
b7UX/0GfzYoX7/GQypZSBqV4yQWkBF94S17Ng7YhUPgvvlvTDzAGRIIfB76VBLRg
S8F5sfZYf+Vytg==
-----END CERTIFICATE-----