Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          CAUPj47v5zwm8PuDcI3hQGQX3299H6hkOpSTZhKj8qg=
Subject key identifier:   C3:8E:72:37:C0:FC:C2:E6:33:02:1C:59:76:5B:93:04:71:79:B5:9C
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       019873E3166711DB29943602E98F754C86AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          1615
Signing time:             Mon 04 Aug 2025 07:01:58 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:58 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:58 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: amkJdSQVpC1H76dLQA6KMWXnmk8DJq8zvVwRhHD8cXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:16:67:11:db:29:94:36:02:e9:8f:75:4c:86:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Aug  4 07:01:58 2025 GMT
            Not After : Aug  5 07:01:58 2025 GMT
        Subject: CN=c38e7237c0fcc2e633021c59765b93047179b59c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:bb:1c:dc:20:51:cd:dd:b7:70:3b:81:8e:5a:
                    9c:d0:fb:5f:05:cd:0a:df:7b:61:c7:5e:d7:41:ad:
                    64:09:23:ec:d4:69:28:ad:3b:6d:f3:62:e4:2a:e8:
                    38:fb:57:78:12:dd:50:d6:bd:a3:a5:49:82:aa:3d:
                    45:74:3c:04:78:1e:d3:37:c9:8b:3a:ca:c0:51:bb:
                    15:33:91:3a:a9:56:48:7f:b6:04:35:01:62:16:26:
                    1a:d3:97:33:a0:a5:0f:77:5b:ca:0e:c6:15:61:7e:
                    8a:b0:11:c6:9a:f7:fc:d9:4d:d0:62:2e:2f:d0:f6:
                    29:91:20:f9:d5:7c:29:cd:fc:06:e7:c3:61:30:71:
                    f7:26:57:c6:9b:7f:34:8e:f0:92:43:74:1e:6d:f5:
                    56:4c:f5:26:14:ea:e4:26:1d:b2:fe:b0:2a:2d:2e:
                    e7:b1:7b:eb:b7:c8:97:f6:7c:8a:4d:6e:e2:06:a1:
                    5f:fa:31:97:ce:fd:cb:f3:40:8a:6c:fa:84:88:8d:
                    50:eb:2e:0e:44:be:33:6a:6c:3d:31:1e:9a:1c:3a:
                    59:0a:9f:23:01:49:c5:7b:39:9c:af:35:6c:b9:91:
                    a5:86:9b:2b:d1:1c:c8:dd:77:18:db:76:4a:af:c1:
                    e6:3f:fc:59:9a:b1:6d:6b:3c:72:9f:df:aa:ac:14:
                    05:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:8E:72:37:C0:FC:C2:E6:33:02:1C:59:76:5B:93:04:71:79:B5:9C
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b4:2d:b5:42:1e:b6:b8:74:df:e8:7b:c0:54:dd:3b:5d:ba:
         2b:c8:43:1c:86:e5:28:a9:88:c5:10:4e:bb:d1:f7:ab:a1:ed:
         bf:21:7b:df:d0:e5:51:e0:e7:3e:64:73:28:81:cd:06:c6:ed:
         dd:36:33:03:d0:d7:28:62:7f:a4:4b:46:2f:96:7d:f3:e1:2b:
         58:a3:19:cb:3e:24:1f:d3:95:44:66:1b:df:56:0e:d1:f3:ce:
         63:63:ef:07:5d:66:4f:10:34:39:fc:b3:db:a9:ac:d0:e9:a1:
         3d:7a:22:41:5e:e1:68:92:82:38:19:49:e1:2b:c8:15:77:3f:
         e2:91:ed:cd:ab:25:fd:af:d3:01:b0:b7:cb:d2:f7:8d:ab:14:
         8a:c4:8a:91:13:22:eb:28:3d:0f:ac:6b:59:b2:59:9a:4f:88:
         d3:08:d7:20:ab:aa:15:23:7f:53:34:fa:ef:96:af:a0:11:df:
         84:7a:81:42:f5:71:23:13:aa:85:21:ef:66:61:58:30:72:5b:
         0c:f8:ab:84:4c:6f:b2:12:ec:18:51:57:97:de:8d:66:e5:68:
         75:58:87:2a:25:a1:57:76:95:f1:91:06:16:e1:47:4a:96:03:
         d2:1e:f4:27:ee:1a:67:e1:15:ad:6a:8b:dc:2d:27:3d:9f:19:
         49:4c:a7:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4xZnEdsplDYC6Y91TIasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjUwODA0MDcwMTU4WhcNMjUwODA1MDcwMTU4WjAzMTEwLwYDVQQD
EyhjMzhlNzIzN2MwZmNjMmU2MzMwMjFjNTk3NjViOTMwNDcxNzliNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbsc3CBRzd23cDuBjlqc0PtfBc0K
33thx17XQa1kCSPs1GkorTtt82LkKug4+1d4Et1Q1r2jpUmCqj1FdDwEeB7TN8mL
OsrAUbsVM5E6qVZIf7YENQFiFiYa05czoKUPd1vKDsYVYX6KsBHGmvf82U3QYi4v
0PYpkSD51XwpzfwG58NhMHH3JlfGm380jvCSQ3QebfVWTPUmFOrkJh2y/rAqLS7n
sXvrt8iX9nyKTW7iBqFf+jGXzv3L80CKbPqEiI1Q6y4ORL4zamw9MR6aHDpZCp8j
AUnFezmcrzVsuZGlhpsr0RzI3XcY23ZKr8HmP/xZmrFtazxyn9+qrBQFFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOOcjfA/MLmMwIcWXZbkwRxebWcMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7QttUIe
trh03+h7wFTdO126K8hDHIblKKmIxRBOu9H3q6HtvyF739DlUeDnPmRzKIHNBsbt
3TYzA9DXKGJ/pEtGL5Z98+ErWKMZyz4kH9OVRGYb31YO0fPOY2PvB11mTxA0Ofyz
26ms0OmhPXoiQV7haJKCOBlJ4SvIFXc/4pHtzasl/a/TAbC3y9L3jasUisSKkRMi
6yg9D6xrWbJZmk+I0wjXIKuqFSN/UzT675avoBHfhHqBQvVxIxOqhSHvZmFYMHJb
DPirhExvshLsGFFXl96NZuVodViHKiWhV3aV8ZEGFuFHSpYD0h70J+4aZ+EVrWqL
3C0nPZ8ZSUynVA==
-----END CERTIFICATE-----