Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
File:                     Unzgu6rDVu3srWci8qhvjgZJCY4.mft (raw, json)
Hash identifier:          s/qfgs6CSktpvyqPZxWw4pqg045xJOJd1Ebnz7Vfu1c=
Subject key identifier:   57:70:C0:CF:8C:E6:72:F2:6A:51:0F:55:FA:9F:E7:0E:86:57:8D:B1
Authority key identifier: 52:7C:E0:BB:AA:C3:56:ED:EC:AD:67:22:F2:A8:6F:8E:06:49:09:8E
Certificate issuer:       /CN=527ce0bbaac356edecad6722f2a86f8e0649098e
Certificate serial:       0196789F605AF4756B2D1F3DEFB6B11B0FCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
Manifest number:          14A0
Signing time:             Sun 27 Apr 2025 19:00:32 +0000
Manifest this update:     Sun 27 Apr 2025 19:00:32 +0000
Manifest next update:     Mon 28 Apr 2025 19:00:32 +0000
Files and hashes:         1: Unzgu6rDVu3srWci8qhvjgZJCY4.crl (hash: gYE2eraPKNK9Y3Ho+zFEz10cPEeymWaZ+tWKKM03SAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:9f:60:5a:f4:75:6b:2d:1f:3d:ef:b6:b1:1b:0f:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=527ce0bbaac356edecad6722f2a86f8e0649098e
        Validity
            Not Before: Apr 27 19:00:32 2025 GMT
            Not After : Apr 28 19:00:32 2025 GMT
        Subject: CN=5770c0cf8ce672f26a510f55fa9fe70e86578db1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:07:64:b7:3a:3d:87:1d:7b:d5:67:92:f4:c2:
                    e4:d5:e2:c6:15:64:ec:12:69:39:fe:87:ed:d3:f9:
                    b3:bb:66:17:d3:96:96:b1:dd:fc:2c:c7:bc:12:59:
                    6a:8d:49:4a:5e:b7:91:63:5c:bb:3e:6f:af:23:ab:
                    b7:ba:df:59:50:06:63:ca:82:54:78:bc:f3:7e:3e:
                    35:30:d9:76:82:f7:19:bf:f6:b8:af:64:eb:7d:ef:
                    06:4e:ba:2f:a8:2b:b4:d4:96:52:a7:8f:06:13:c9:
                    6c:c2:c9:2b:71:ec:48:00:f2:4f:fe:ef:c5:d7:67:
                    54:af:cc:4c:90:15:47:e8:03:96:2f:be:21:d9:c2:
                    01:58:f5:a9:49:a8:a7:fe:f9:48:f3:21:68:79:d8:
                    1d:43:75:bd:f5:7e:89:a9:a9:a3:65:db:e8:01:ff:
                    22:d3:fe:da:6f:2d:3b:22:d9:02:0d:5c:09:39:49:
                    a7:58:74:f5:fb:a0:ab:b7:79:10:3a:63:a3:2a:d1:
                    6f:17:97:64:55:f1:a9:22:5e:79:9d:fe:48:3d:a1:
                    64:12:d0:a9:ef:b9:9a:98:f0:4a:4b:d2:4d:37:11:
                    aa:0f:e6:9f:15:1d:31:8a:37:aa:0d:a7:61:eb:ff:
                    d6:a5:7c:89:50:d7:c8:19:97:a9:62:1f:90:32:aa:
                    d3:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:70:C0:CF:8C:E6:72:F2:6A:51:0F:55:FA:9F:E7:0E:86:57:8D:B1
            X509v3 Authority Key Identifier:
                keyid:52:7C:E0:BB:AA:C3:56:ED:EC:AD:67:22:F2:A8:6F:8E:06:49:09:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:6a:e4:c5:95:18:bc:a5:80:72:ea:04:e4:50:b0:d4:ef:a8:
         5f:a1:46:dd:28:35:64:d9:2a:d4:4c:b4:72:de:f8:03:a1:2f:
         08:36:57:e4:d8:26:a7:1a:b8:a3:84:ae:ab:6c:52:c3:db:66:
         8d:93:9b:6b:10:c6:9e:32:e1:9c:70:c9:72:7f:4e:94:73:3b:
         ec:6f:80:3d:81:d6:92:93:d0:0f:2b:a0:fe:50:37:1b:37:48:
         37:c8:1e:37:55:db:35:75:0e:b2:51:8c:71:be:be:d4:ea:5b:
         fa:40:9c:5d:85:7f:89:7b:19:a6:bd:db:a1:63:49:c6:e3:5a:
         6c:fa:24:ad:64:f7:80:1e:57:dc:92:bf:35:92:1a:4b:fe:33:
         7f:7e:b4:ce:46:e8:9a:ce:45:2a:bc:28:88:94:36:03:28:e9:
         c6:52:db:84:1f:83:20:53:79:13:41:89:e7:8f:f1:c9:fd:55:
         1a:93:b6:d1:a0:ce:9f:7a:a8:e8:4a:49:af:62:95:a0:38:81:
         fd:7e:de:64:7d:71:44:f7:d3:d3:19:bb:81:31:0c:28:94:69:
         dd:d7:dd:ab:bc:b8:98:1c:c7:3e:bc:e1:e8:f7:5e:30:61:d4:
         9a:88:2d:9d:7b:02:e4:3f:39:4f:e4:fa:06:29:98:1c:fb:fe:
         ca:3d:b5:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4n2Ba9HVrLR8977axGw/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyN2NlMGJiYWFjMzU2ZWRlY2FkNjcyMmYyYTg2ZjhlMDY0
OTA5OGUwHhcNMjUwNDI3MTkwMDMyWhcNMjUwNDI4MTkwMDMyWjAzMTEwLwYDVQQD
Eyg1NzcwYzBjZjhjZTY3MmYyNmE1MTBmNTVmYTlmZTcwZTg2NTc4ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAdktzo9hx171WeS9MLk1eLGFWTs
Emk5/oft0/mzu2YX05aWsd38LMe8EllqjUlKXreRY1y7Pm+vI6u3ut9ZUAZjyoJU
eLzzfj41MNl2gvcZv/a4r2Trfe8GTrovqCu01JZSp48GE8lswskrcexIAPJP/u/F
12dUr8xMkBVH6AOWL74h2cIBWPWpSain/vlI8yFoedgdQ3W99X6JqamjZdvoAf8i
0/7aby07ItkCDVwJOUmnWHT1+6Crt3kQOmOjKtFvF5dkVfGpIl55nf5IPaFkEtCp
77mamPBKS9JNNxGqD+afFR0xijeqDadh6//WpXyJUNfIGZepYh+QMqrT3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdwwM+M5nLyalEPVfqf5w6GV42xMB8GA1UdIwQY
MBaAFFJ84Luqw1bt7K1nIvKob44GSQmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85MWRhOGYtY2IwOC00OWMwLTgzMDkt
OGEyYjdmOTU2OTI0LzEvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85MWRhOGYtY2IwOC00OWMwLTgzMDktOGEyYjdmOTU2OTI0
LzEvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb2rkxZUY
vKWAcuoE5FCw1O+oX6FG3Sg1ZNkq1Ey0ct74A6EvCDZX5Ngmpxq4o4Suq2xSw9tm
jZObaxDGnjLhnHDJcn9OlHM77G+APYHWkpPQDyug/lA3GzdIN8geN1XbNXUOslGM
cb6+1Opb+kCcXYV/iXsZpr3boWNJxuNabPokrWT3gB5X3JK/NZIaS/4zf360zkbo
ms5FKrwoiJQ2AyjpxlLbhB+DIFN5E0GJ54/xyf1VGpO20aDOn3qo6EpJr2KVoDiB
/X7eZH1xRPfT0xm7gTEMKJRp3dfdq7y4mBzHPrzh6PdeMGHUmogtnXsC5D85T+T6
BimYHPv+yj21SQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:05:23 2025 by rpki-client