Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
File:                     zQwDKJL2la9ME_sKyoBD0Xsbl78.mft (raw, json)
Hash identifier:          OSbvIU5WDvNnpjXRg+VX29wljPjhgQT4R81WKFcnwbc=
Subject key identifier:   4C:7B:D4:E5:6B:D9:05:23:6A:9A:A5:CE:DF:D2:6E:7C:57:D5:28:86
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Certificate issuer:       /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial:       01987C77BC9F7AE7774C51FE6A5AC7560DEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
Manifest number:          09BD
Signing time:             Tue 05 Aug 2025 23:01:18 +0000
Manifest this update:     Tue 05 Aug 2025 23:01:18 +0000
Manifest next update:     Wed 06 Aug 2025 23:01:18 +0000
Files and hashes:         1: zQwDKJL2la9ME_sKyoBD0Xsbl78.crl (hash: thURjRw56iyKw2GX035Fyslcx8MznUxsMhJ+9SgGRd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:77:bc:9f:7a:e7:77:4c:51:fe:6a:5a:c7:56:0d:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
        Validity
            Not Before: Aug  5 23:01:18 2025 GMT
            Not After : Aug  6 23:01:18 2025 GMT
        Subject: CN=4c7bd4e56bd905236a9aa5cedfd26e7c57d52886
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2f:ec:e5:94:8e:db:89:e5:94:9a:77:e9:51:
                    01:dd:79:53:5d:75:70:e0:53:cb:bb:59:ce:bb:87:
                    f3:e3:d2:eb:d0:34:3d:41:d4:5f:e7:20:7f:04:04:
                    17:d8:80:85:8a:ef:91:2a:57:6a:4c:34:36:95:b3:
                    96:fb:c6:21:3c:e9:e1:ef:82:5b:cd:4a:51:97:39:
                    1d:ba:2f:d1:4c:60:e3:d5:0f:0a:cc:6a:bb:44:1f:
                    3b:90:81:85:c3:fe:f8:b0:85:02:d7:d3:a8:46:2d:
                    51:46:9a:39:d9:3e:05:15:b8:c8:24:39:10:05:ea:
                    41:0a:77:48:17:8d:31:76:be:9e:43:b9:28:51:20:
                    2c:0f:7b:36:9e:c5:06:e0:19:d9:af:41:6f:48:ef:
                    8b:ef:4d:39:60:38:92:1e:c4:8d:c1:bd:90:1d:e9:
                    9f:94:e2:de:2e:aa:47:72:1e:f0:bf:e2:ae:8d:b1:
                    65:41:a3:3d:61:2e:ca:d5:26:a6:c4:1d:41:cd:4b:
                    5f:df:e8:b5:d6:54:5e:10:27:d1:12:45:c0:64:7d:
                    dc:03:05:17:fb:48:8e:59:dc:31:c4:2d:f6:08:af:
                    64:15:d0:8a:22:fd:5c:cf:05:12:ed:32:ab:b4:38:
                    42:3f:39:64:52:66:04:d2:ca:38:a6:85:74:dc:c8:
                    b8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:7B:D4:E5:6B:D9:05:23:6A:9A:A5:CE:DF:D2:6E:7C:57:D5:28:86
            X509v3 Authority Key Identifier:
                keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:7c:99:d3:c5:8c:58:c0:f5:f9:ee:5c:58:07:4f:1b:50:68:
         8b:cb:3e:50:c7:c0:14:be:65:aa:0e:2c:8c:10:76:80:af:a2:
         b8:16:c0:76:5a:1a:48:72:6c:10:e9:48:a2:42:aa:59:a1:5b:
         15:64:57:71:8b:13:3f:c3:87:58:d6:54:76:b9:ca:06:52:16:
         f2:e5:a6:f6:79:c6:ac:66:95:c9:9a:66:cb:7f:25:cc:0f:88:
         70:63:c3:a1:06:b1:c2:2b:a9:8d:a7:ad:55:ea:73:1c:30:92:
         5b:5d:ca:f0:77:55:14:7d:2f:54:eb:88:c0:3f:96:02:5c:49:
         cd:b7:d4:e9:5f:bf:db:29:d6:7e:9f:1b:fb:5b:04:ff:0f:44:
         0e:2f:ef:48:d0:f8:b0:fc:cb:eb:5f:cc:e0:85:2b:38:a0:49:
         88:c3:8a:56:90:ad:18:4b:52:d9:e5:81:50:5a:8a:d4:97:26:
         d9:eb:b2:ab:82:63:68:c9:00:83:af:ae:52:a0:62:11:39:dd:
         14:e4:ac:aa:7f:00:ec:4c:59:ca:1c:f9:4c:8b:53:d9:c3:2f:
         b6:35:72:ac:63:c7:74:68:2f:8b:1e:84:cd:fa:91:5e:dc:97:
         55:00:1b:8c:0f:2b:d1:a5:74:65:c5:a3:88:2a:0f:97:9d:51:
         2a:18:67:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8d7yfeud3TFH+alrHVg3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjUwODA1MjMwMTE4WhcNMjUwODA2MjMwMTE4WjAzMTEwLwYDVQQD
Eyg0YzdiZDRlNTZiZDkwNTIzNmE5YWE1Y2VkZmQyNmU3YzU3ZDUyODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi/s5ZSO24nllJp36VEB3XlTXXVw
4FPLu1nOu4fz49Lr0DQ9QdRf5yB/BAQX2ICFiu+RKldqTDQ2lbOW+8YhPOnh74Jb
zUpRlzkdui/RTGDj1Q8KzGq7RB87kIGFw/74sIUC19OoRi1RRpo52T4FFbjIJDkQ
BepBCndIF40xdr6eQ7koUSAsD3s2nsUG4BnZr0FvSO+L7005YDiSHsSNwb2QHemf
lOLeLqpHch7wv+KujbFlQaM9YS7K1SamxB1BzUtf3+i11lReECfREkXAZH3cAwUX
+0iOWdwxxC32CK9kFdCKIv1czwUS7TKrtDhCPzlkUmYE0so4poV03Mi47wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEx71OVr2QUjapqlzt/SbnxX1SiGMB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3yZ08WM
WMD1+e5cWAdPG1Boi8s+UMfAFL5lqg4sjBB2gK+iuBbAdloaSHJsEOlIokKqWaFb
FWRXcYsTP8OHWNZUdrnKBlIW8uWm9nnGrGaVyZpmy38lzA+IcGPDoQaxwiupjaet
VepzHDCSW13K8HdVFH0vVOuIwD+WAlxJzbfU6V+/2ynWfp8b+1sE/w9EDi/vSND4
sPzL61/M4IUrOKBJiMOKVpCtGEtS2eWBUFqK1Jcm2euyq4JjaMkAg6+uUqBiETnd
FOSsqn8A7ExZyhz5TItT2cMvtjVyrGPHdGgvix6EzfqRXtyXVQAbjA8r0aV0ZcWj
iCoPl51RKhhnVA==
-----END CERTIFICATE-----