Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
File:                     Zhao67AREZsvaVMn-xblH4hwRHk.mft (raw, json)
Hash identifier:          TGPBqjvsFG9BIKVKsTv0wI+pcF36+QRI8AJjjMGK2Hs=
Subject key identifier:   DC:47:49:B6:2F:CC:DB:6A:10:10:3F:F0:39:EE:1D:BF:E6:F2:31:B0
Authority key identifier: 66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79
Certificate issuer:       /CN=6616a8ebb011119b2f695327fb16e51f88704479
Certificate serial:       0198D515B9AA25AD4E9567DDCBFC1DDBC8B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
Manifest number:          0105
Signing time:             Sat 23 Aug 2025 04:00:27 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:27 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:27 +0000
Files and hashes:         1: Zhao67AREZsvaVMn-xblH4hwRHk.crl (hash: KH/mRWDDjffSR6R3ByxezzYIMszZQvUsNL9vioTwC2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:b9:aa:25:ad:4e:95:67:dd:cb:fc:1d:db:c8:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6616a8ebb011119b2f695327fb16e51f88704479
        Validity
            Not Before: Aug 23 04:00:27 2025 GMT
            Not After : Aug 24 04:00:27 2025 GMT
        Subject: CN=dc4749b62fccdb6a10103ff039ee1dbfe6f231b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:58:37:59:34:12:48:c6:ee:2b:87:9b:79:7f:
                    e4:18:6f:ba:2f:5c:83:00:73:91:76:62:dd:80:71:
                    38:cd:1f:47:83:08:60:c8:82:7f:99:3f:bb:61:6b:
                    2d:a3:54:f5:75:e6:5e:fc:78:91:02:55:e2:45:89:
                    b2:76:3b:04:fc:a9:65:12:f6:9d:dd:7f:ed:d6:51:
                    1e:a4:cb:ad:85:15:d6:8c:34:97:6e:4a:12:96:23:
                    88:09:9c:91:fe:c1:b8:c2:e5:1b:3a:44:1d:50:d9:
                    49:98:be:f0:bb:20:30:3b:fc:8e:54:dd:2d:91:a5:
                    6a:ba:dc:f5:c9:5c:45:fd:4a:92:d1:09:6b:3d:13:
                    ff:f8:91:90:90:c3:cb:50:1b:00:36:b8:7d:28:6a:
                    8e:9b:9d:21:91:0e:94:b1:52:8b:3d:1f:ea:22:9f:
                    3a:3c:69:3f:c4:58:d2:f1:9b:69:44:d5:9e:46:c6:
                    ea:09:23:e3:03:1c:37:79:6d:c7:ac:b4:6a:6f:95:
                    04:5c:d3:12:f7:f5:0e:50:52:e8:2a:26:37:62:47:
                    7e:30:62:64:08:f0:bc:5f:37:91:c9:dd:45:e4:57:
                    83:6d:9b:c6:d8:74:79:d7:a1:1a:e8:c1:14:f6:52:
                    79:7d:38:55:b0:fa:2a:0d:b6:ed:0b:80:ff:6a:85:
                    53:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:47:49:B6:2F:CC:DB:6A:10:10:3F:F0:39:EE:1D:BF:E6:F2:31:B0
            X509v3 Authority Key Identifier:
                keyid:66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:81:96:cf:d6:b4:f6:0f:f0:79:98:d4:23:5e:12:30:60:45:
         1d:bb:9b:65:68:b8:a7:f9:84:e8:ce:94:03:9d:e3:ce:a7:62:
         8b:f7:88:4e:b9:5a:c0:79:ca:b9:c9:cf:7b:07:af:78:84:53:
         a6:7d:cc:1c:db:2b:78:47:54:e1:f8:16:64:fd:13:00:8f:0f:
         91:9c:67:64:2e:ab:dd:5e:9b:a6:5c:48:47:a5:6f:42:2c:70:
         9d:ab:a7:7c:6a:78:77:42:f7:68:24:96:b3:58:8c:8c:b0:ca:
         cc:6a:02:27:3c:30:3f:cf:a4:22:0d:65:48:f1:f3:48:30:e9:
         bc:60:29:0d:95:dc:ad:8e:67:f3:f0:f8:1a:a6:c8:7a:67:b5:
         fa:00:c9:0b:59:a2:13:a1:b9:26:ab:81:4b:93:e4:c8:32:03:
         8a:29:c7:42:17:af:9f:e6:f8:62:4c:c4:af:e8:8d:97:8e:23:
         c8:9b:70:d9:19:26:f3:bc:02:c7:03:b4:64:e2:80:80:69:9a:
         6a:36:d0:27:4d:5a:26:14:a3:c7:f5:9b:64:f0:44:61:69:84:
         ca:bd:c3:7b:a0:1b:e3:26:c6:e5:c2:6d:5a:2e:e7:0c:3b:64:
         bc:83:4b:89:3e:35:26:55:b7:20:33:3d:7c:35:79:fa:75:f4:
         77:3f:73:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFbmqJa1OlWfdy/wd28i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTZhOGViYjAxMTExOWIyZjY5NTMyN2ZiMTZlNTFmODg3
MDQ0NzkwHhcNMjUwODIzMDQwMDI3WhcNMjUwODI0MDQwMDI3WjAzMTEwLwYDVQQD
EyhkYzQ3NDliNjJmY2NkYjZhMTAxMDNmZjAzOWVlMWRiZmU2ZjIzMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlg3WTQSSMbuK4ebeX/kGG+6L1yD
AHORdmLdgHE4zR9HgwhgyIJ/mT+7YWsto1T1deZe/HiRAlXiRYmydjsE/KllEvad
3X/t1lEepMuthRXWjDSXbkoSliOICZyR/sG4wuUbOkQdUNlJmL7wuyAwO/yOVN0t
kaVqutz1yVxF/UqS0QlrPRP/+JGQkMPLUBsANrh9KGqOm50hkQ6UsVKLPR/qIp86
PGk/xFjS8ZtpRNWeRsbqCSPjAxw3eW3HrLRqb5UEXNMS9/UOUFLoKiY3Ykd+MGJk
CPC8XzeRyd1F5FeDbZvG2HR516Ea6MEU9lJ5fThVsPoqDbbtC4D/aoVTOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNxHSbYvzNtqEBA/8DnuHb/m8jGwMB8GA1UdIwQY
MBaAFGYWqOuwERGbL2lTJ/sW5R+IcER5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEt
ZWQzZDI3MDU1MDIwLzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEtZWQzZDI3MDU1MDIw
LzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXIGWz9a0
9g/weZjUI14SMGBFHbubZWi4p/mE6M6UA53jzqdii/eITrlawHnKucnPeweveIRT
pn3MHNsreEdU4fgWZP0TAI8PkZxnZC6r3V6bplxIR6VvQixwnaunfGp4d0L3aCSW
s1iMjLDKzGoCJzwwP8+kIg1lSPHzSDDpvGApDZXcrY5n8/D4GqbIeme1+gDJC1mi
E6G5JquBS5PkyDIDiinHQhevn+b4YkzEr+iNl44jyJtw2Rkm87wCxwO0ZOKAgGma
ajbQJ01aJhSjx/WbZPBEYWmEyr3De6Ab4ybG5cJtWi7nDDtkvINLiT41JlW3IDM9
fDV5+nX0dz9z8A==
-----END CERTIFICATE-----