Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
File:                     ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft (raw, json)
Hash identifier:          YmGhsl1MTkQMVA+oTHER1FWbmASVUMXy35uRdaNIwTc=
Subject key identifier:   EC:59:62:D3:4C:50:7D:41:DA:77:9A:A7:81:F9:C3:0D:2B:E6:4C:29
Authority key identifier: 65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B
Certificate issuer:       /CN=654364d0c6c93df28027488afcbfcf329726392b
Certificate serial:       01967FB518973DCC90A7D529F486B08A1B67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
Manifest number:          08A7
Signing time:             Tue 29 Apr 2025 04:01:36 +0000
Manifest this update:     Tue 29 Apr 2025 04:01:36 +0000
Manifest next update:     Wed 30 Apr 2025 04:01:36 +0000
Files and hashes:         1: ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl (hash: RxzMt3DkK+PP0KAgCjlCG4Q8Az6sZUKyaySe4diovBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 04:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b5:18:97:3d:cc:90:a7:d5:29:f4:86:b0:8a:1b:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654364d0c6c93df28027488afcbfcf329726392b
        Validity
            Not Before: Apr 29 04:01:36 2025 GMT
            Not After : Apr 30 04:01:36 2025 GMT
        Subject: CN=ec5962d34c507d41da779aa781f9c30d2be64c29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:4c:4d:dc:3f:7f:7d:c3:a6:72:1e:44:e7:2f:
                    22:fa:ae:88:8d:b4:8f:66:57:70:f4:e7:28:d3:cf:
                    9a:10:b3:88:df:b4:d0:f7:37:db:b2:68:d0:05:13:
                    74:f9:ef:fe:3a:b8:89:af:e0:fe:c9:a6:dd:7b:b5:
                    8c:30:ec:b1:8d:1a:26:04:68:b1:4e:70:e1:c9:1f:
                    e0:be:f5:bb:ea:29:ad:9f:14:d3:e7:18:d9:3c:14:
                    0b:82:1e:cc:24:db:ef:7a:1b:f5:b9:e9:32:a7:5f:
                    7b:69:96:e6:23:39:c9:00:52:58:91:44:1d:04:42:
                    8c:75:d7:b0:94:90:38:86:2d:5d:61:db:b5:0f:c0:
                    cb:b8:e8:27:78:9f:7a:87:7c:0a:83:de:25:36:26:
                    7d:c4:62:7c:05:1d:86:ba:2f:ed:30:d4:cb:d2:5b:
                    36:e7:76:ae:27:e6:bf:de:d6:c8:b2:66:fa:b9:39:
                    9b:3c:29:e6:e6:e0:9c:0b:bf:a7:51:f2:6b:63:73:
                    63:a4:f5:02:cd:1e:50:7c:56:86:6f:55:f2:23:c7:
                    06:1b:88:eb:d6:31:bd:8f:0d:9a:0e:2b:98:92:73:
                    4a:56:42:47:59:05:7f:20:66:21:27:3e:e6:0e:30:
                    d3:a2:24:70:24:69:78:b2:39:ae:f2:0f:a8:27:d0:
                    38:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:59:62:D3:4C:50:7D:41:DA:77:9A:A7:81:F9:C3:0D:2B:E6:4C:29
            X509v3 Authority Key Identifier:
                keyid:65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:74:d8:d7:6d:a3:50:99:ea:f1:d6:7f:ee:13:d1:54:92:fe:
         30:07:b0:1f:eb:3f:ad:96:52:8b:92:65:75:da:a7:85:c8:d4:
         c3:03:b3:7e:71:89:41:0d:36:20:d8:01:a3:6b:66:e4:1a:0f:
         c6:c4:69:fa:74:c7:18:1a:7b:7a:8d:d4:99:9b:f7:10:18:e8:
         ea:b2:b0:1c:c6:3a:ea:cc:44:1d:91:0c:23:70:ed:88:73:66:
         0d:78:36:e8:03:90:e1:2c:6e:ef:5a:f5:76:06:e6:d5:da:75:
         1c:4e:23:a3:82:d0:15:14:96:19:6d:c8:79:fa:4e:64:b4:e5:
         3f:a2:9f:48:a3:09:c9:da:85:05:5b:f6:71:7d:9f:4f:82:bf:
         64:f3:4c:1a:d9:8d:50:27:e8:ac:e5:17:b6:82:f8:66:ce:5b:
         8e:ed:92:39:9b:fb:dd:22:84:e6:04:03:41:30:ce:37:67:63:
         64:49:41:73:f5:b9:04:4f:89:7d:73:49:80:5f:58:cc:2b:fa:
         92:b8:05:52:fc:36:05:2b:20:06:0e:17:a7:2a:72:1f:61:4a:
         e7:62:20:16:eb:41:91:2b:2a:b4:58:ce:e9:19:ec:95:b3:c0:
         62:7c:95:fb:3f:56:1d:8c:c9:36:e2:8e:79:92:b8:c9:0d:97:
         1c:8e:9b:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tRiXPcyQp9Up9IawihtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDM2NGQwYzZjOTNkZjI4MDI3NDg4YWZjYmZjZjMyOTcy
NjM5MmIwHhcNMjUwNDI5MDQwMTM2WhcNMjUwNDMwMDQwMTM2WjAzMTEwLwYDVQQD
EyhlYzU5NjJkMzRjNTA3ZDQxZGE3NzlhYTc4MWY5YzMwZDJiZTY0YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUxN3D9/fcOmch5E5y8i+q6IjbSP
Zldw9Oco08+aELOI37TQ9zfbsmjQBRN0+e/+OriJr+D+yabde7WMMOyxjRomBGix
TnDhyR/gvvW76imtnxTT5xjZPBQLgh7MJNvvehv1uekyp197aZbmIznJAFJYkUQd
BEKMddewlJA4hi1dYdu1D8DLuOgneJ96h3wKg94lNiZ9xGJ8BR2Gui/tMNTL0ls2
53auJ+a/3tbIsmb6uTmbPCnm5uCcC7+nUfJrY3NjpPUCzR5QfFaGb1XyI8cGG4jr
1jG9jw2aDiuYknNKVkJHWQV/IGYhJz7mDjDToiRwJGl4sjmu8g+oJ9A4JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxZYtNMUH1B2neap4H5ww0r5kwpMB8GA1UdIwQY
MBaAFGVDZNDGyT3ygCdIivy/zzKXJjkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTct
YjZlOGVhOTEyNDgwLzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTctYjZlOGVhOTEyNDgw
LzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3TY122j
UJnq8dZ/7hPRVJL+MAewH+s/rZZSi5JlddqnhcjUwwOzfnGJQQ02INgBo2tm5BoP
xsRp+nTHGBp7eo3UmZv3EBjo6rKwHMY66sxEHZEMI3DtiHNmDXg26AOQ4Sxu71r1
dgbm1dp1HE4jo4LQFRSWGW3IefpOZLTlP6KfSKMJydqFBVv2cX2fT4K/ZPNMGtmN
UCforOUXtoL4Zs5bju2SOZv73SKE5gQDQTDON2djZElBc/W5BE+JfXNJgF9YzCv6
krgFUvw2BSsgBg4XpypyH2FK52IgFutBkSsqtFjO6RnslbPAYnyV+z9WHYzJNuKO
eZK4yQ2XHI6bCw==
-----END CERTIFICATE-----