Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
File:                     1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft (raw, json)
Hash identifier:          EE7/LSx/gVS+cjMR29Uc8K4AyQtEXaAYnBaDyCSkQ8A=
Subject key identifier:   9E:86:E6:69:CB:A6:E8:B5:2D:A5:C4:68:56:AF:0F:4F:0F:4F:84:BF
Authority key identifier: D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D
Certificate issuer:       /CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d
Certificate serial:       019874507F1924B33466E29F7566A5129527
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
Manifest number:          032F
Signing time:             Mon 04 Aug 2025 09:01:29 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:29 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:29 +0000
Files and hashes:         1: 1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl (hash: vEtDi9DX8RgqrZi/NhBiEx2ejlgXcafZACH5J0jHPQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:7f:19:24:b3:34:66:e2:9f:75:66:a5:12:95:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d
        Validity
            Not Before: Aug  4 09:01:29 2025 GMT
            Not After : Aug  5 09:01:29 2025 GMT
        Subject: CN=9e86e669cba6e8b52da5c46856af0f4f0f4f84bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:97:08:16:39:5d:0f:34:95:35:e0:d9:7f:c4:
                    16:a4:95:7b:53:69:8c:47:3f:9d:d3:95:18:eb:e8:
                    e1:44:85:1f:c1:c6:c0:f7:b3:7b:38:58:cd:f2:e6:
                    37:64:27:13:7c:f8:b9:53:a3:c7:b1:89:69:97:0c:
                    83:76:ac:ed:de:90:00:c5:c9:ac:1e:25:d5:51:d8:
                    ba:85:d5:50:a1:d5:90:27:fc:ef:fd:3f:3b:45:27:
                    7d:6c:85:d1:6e:64:63:11:1c:e2:f1:47:3b:02:0d:
                    e3:40:06:ac:8c:63:47:c1:33:59:65:97:9c:66:b6:
                    ca:49:64:f9:8e:94:57:b9:90:f3:95:ef:48:c6:91:
                    75:ee:05:22:96:44:75:50:95:8f:90:44:73:f9:bb:
                    b8:86:44:ba:bb:05:77:ab:c2:5b:69:37:1a:1a:77:
                    4d:3b:a7:33:a8:b9:57:24:ef:22:36:97:1b:00:f7:
                    7a:93:b7:50:a3:28:c9:99:11:05:3e:45:fd:a2:4f:
                    a8:2f:43:56:0b:e6:bb:29:e5:3d:ab:52:81:00:04:
                    65:75:78:11:08:4f:80:bd:e9:40:09:4f:13:fd:ac:
                    7c:be:ab:61:c1:0b:2a:2f:0a:4c:1c:f8:35:6c:3d:
                    e1:a5:07:a6:17:51:ad:6f:10:21:57:6d:f8:b5:11:
                    53:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:86:E6:69:CB:A6:E8:B5:2D:A5:C4:68:56:AF:0F:4F:0F:4F:84:BF
            X509v3 Authority Key Identifier:
                keyid:D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e6:20:8b:91:1a:44:ea:da:08:c4:58:97:39:d2:f9:55:94:d9:
         c2:62:87:2b:4f:63:df:b0:03:27:83:fc:d9:3e:98:63:86:d1:
         e6:ea:4c:1f:57:82:92:8e:d9:9e:3c:eb:54:8f:2f:36:b9:89:
         4f:ff:9e:a7:d4:e8:a9:ca:88:59:b3:44:96:d3:0d:51:79:b1:
         a0:de:43:ea:ee:cb:74:fc:11:af:93:d6:44:88:7e:c6:c0:67:
         67:3b:a3:62:b6:ef:96:85:86:8c:82:c4:f0:9c:21:57:10:c6:
         37:64:7e:ad:c3:80:18:09:59:a5:8c:53:13:47:6b:40:e8:1e:
         10:55:03:34:b5:ce:e0:11:0f:a0:2e:2c:26:e3:25:ba:4c:e3:
         00:8b:5d:b4:87:65:ef:6c:99:58:a4:94:2a:dc:13:1c:37:2c:
         7b:1f:03:38:83:f8:25:df:5d:32:14:ff:ad:31:83:e8:dc:8f:
         ce:97:0b:06:bf:66:1f:00:bb:b7:24:10:8e:78:51:3d:54:18:
         f9:49:eb:37:58:a2:ba:e1:96:ce:78:4b:ce:af:08:6a:17:db:
         e3:6d:cf:ad:64:e1:cc:ff:97:65:40:69:8e:0e:c5:5e:33:04:
         5b:55:2b:75:33:ef:11:c8:e3:36:80:0d:b7:33:c5:03:97:c3:
         16:54:dc:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UH8ZJLM0ZuKfdWalEpUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MmNjNDAyNjdlMzU5MmUxYjUyZjBmMDA5NmNiMWYyZjBh
ZjE2N2QwHhcNMjUwODA0MDkwMTI5WhcNMjUwODA1MDkwMTI5WjAzMTEwLwYDVQQD
Eyg5ZTg2ZTY2OWNiYTZlOGI1MmRhNWM0Njg1NmFmMGY0ZjBmNGY4NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pcIFjldDzSVNeDZf8QWpJV7U2mM
Rz+d05UY6+jhRIUfwcbA97N7OFjN8uY3ZCcTfPi5U6PHsYlplwyDdqzt3pAAxcms
HiXVUdi6hdVQodWQJ/zv/T87RSd9bIXRbmRjERzi8Uc7Ag3jQAasjGNHwTNZZZec
ZrbKSWT5jpRXuZDzle9IxpF17gUilkR1UJWPkERz+bu4hkS6uwV3q8JbaTcaGndN
O6czqLlXJO8iNpcbAPd6k7dQoyjJmREFPkX9ok+oL0NWC+a7KeU9q1KBAARldXgR
CE+AvelACU8T/ax8vqthwQsqLwpMHPg1bD3hpQemF1GtbxAhV234tRFTtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6G5mnLpui1LaXEaFavD08PT4S/MB8GA1UdIwQY
MBaAFNQsxAJn41kuG1Lw8AlssfLwrxZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjct
MTZlMTMwODczN2IwLzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjctMTZlMTMwODczN2Iw
LzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5iCLkRpE
6toIxFiXOdL5VZTZwmKHK09j37ADJ4P82T6YY4bR5upMH1eCko7ZnjzrVI8vNrmJ
T/+ep9ToqcqIWbNEltMNUXmxoN5D6u7LdPwRr5PWRIh+xsBnZzujYrbvloWGjILE
8JwhVxDGN2R+rcOAGAlZpYxTE0drQOgeEFUDNLXO4BEPoC4sJuMlukzjAItdtIdl
72yZWKSUKtwTHDcsex8DOIP4Jd9dMhT/rTGD6NyPzpcLBr9mHwC7tyQQjnhRPVQY
+UnrN1iiuuGWznhLzq8Iahfb423PrWThzP+XZUBpjg7FXjMEW1UrdTPvEcjjNoAN
tzPFA5fDFlTcWA==
-----END CERTIFICATE-----