Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          8xHSpfrhbvXXw3dHxYabuD7I8PpbWfAJvkNnWaCOzng=
Subject key identifier:   A5:E1:CA:67:7A:CF:D5:4B:43:D4:76:E5:1D:C5:58:F4:1D:90:D4:D1
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       01969F3F78AEF629F7361BA21E60BB9C7339
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          1391
Signing time:             Mon 05 May 2025 07:00:59 +0000
Manifest this update:     Mon 05 May 2025 07:00:59 +0000
Manifest next update:     Tue 06 May 2025 07:00:59 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: NqsYsZZQ/rP4GY70n9yBW8VnLackT79xNRl5kRRnbMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:3f:78:ae:f6:29:f7:36:1b:a2:1e:60:bb:9c:73:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: May  5 07:00:59 2025 GMT
            Not After : May  6 07:00:59 2025 GMT
        Subject: CN=a5e1ca677acfd54b43d476e51dc558f41d90d4d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:25:ac:26:5c:f6:6c:32:70:1e:73:3f:06:24:
                    45:0a:b2:ac:8e:31:d7:4d:e0:31:34:ae:f3:3a:da:
                    f6:2f:cf:a4:ac:5c:42:4f:53:77:f9:2c:a5:25:1c:
                    03:ce:94:19:44:b7:1f:fd:46:b8:94:67:ee:a9:64:
                    e4:e5:e4:fa:5c:71:e7:24:53:22:80:92:8f:19:2f:
                    b9:39:3a:6a:28:38:e4:f6:90:ea:17:76:54:5c:a1:
                    23:4c:f7:0e:7a:83:b0:7a:58:4d:9b:ac:59:cc:4e:
                    8a:7b:3d:24:43:e9:c6:48:88:bb:0b:2a:f1:e7:68:
                    5f:b5:14:62:b8:37:ed:e9:6c:54:20:d7:df:28:1c:
                    b8:b0:94:82:82:41:34:b9:76:76:c5:d1:03:d4:60:
                    6d:7f:94:f4:10:ed:75:4f:08:c1:f4:0a:44:41:82:
                    f3:d5:ed:e9:15:13:a5:ec:b1:c3:b7:89:34:bc:cc:
                    53:87:f6:1e:6f:71:89:de:23:5c:dd:35:3f:50:fc:
                    89:61:23:44:87:9e:d5:bf:10:ce:11:0c:cb:f5:96:
                    60:da:f8:e0:22:44:43:2e:0d:7b:45:1c:74:8f:16:
                    f0:22:9b:3d:0f:94:fd:88:c3:76:f2:b5:12:ab:43:
                    dd:59:15:a0:c9:6f:8a:3d:aa:bb:ca:cd:c8:09:12:
                    36:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:E1:CA:67:7A:CF:D5:4B:43:D4:76:E5:1D:C5:58:F4:1D:90:D4:D1
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:28:f8:3a:19:a4:30:ef:7d:4d:3b:f6:fd:78:9e:d9:1d:c6:
         06:ec:dc:41:b5:8d:bb:af:bd:c6:00:03:04:f7:82:41:e5:60:
         48:ec:09:b4:52:32:2b:c5:f5:35:ee:da:b8:b3:b0:53:fe:54:
         5d:a3:8a:5a:76:54:ee:28:98:93:20:22:f5:f1:c2:45:f8:86:
         a2:ef:d3:96:8c:e7:55:54:ef:d5:b4:03:10:10:d0:5c:e3:a3:
         bf:7d:3b:a9:93:7d:16:ce:4d:b1:ba:cb:9a:cd:07:2b:ab:5d:
         3e:22:45:62:c4:c2:69:c7:47:ea:a4:f2:3d:26:6b:46:cf:e1:
         53:ad:28:2c:59:c8:39:da:df:14:7b:65:d4:c9:d9:32:d2:c5:
         65:22:13:75:59:10:d6:0f:33:2c:4e:cd:47:29:94:d2:de:ea:
         f0:04:f0:9d:b2:11:a6:3a:40:07:81:3c:93:d8:82:07:db:3d:
         dd:d6:b5:db:9e:c1:7d:58:f4:e9:7b:03:02:9d:a7:d8:3a:f8:
         c1:d9:2f:43:e0:36:cd:c9:4d:3f:bb:f7:d7:d6:68:49:b9:89:
         66:75:69:55:6f:30:c7:77:e5:00:a6:20:d6:09:64:76:a9:9e:
         a3:b7:03:a7:96:92:7d:4e:7e:f3:de:8d:e8:4f:23:a2:2c:f7:
         f3:e5:e4:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafP3iu9in3NhuiHmC7nHM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwNTA1MDcwMDU5WhcNMjUwNTA2MDcwMDU5WjAzMTEwLwYDVQQD
EyhhNWUxY2E2NzdhY2ZkNTRiNDNkNDc2ZTUxZGM1NThmNDFkOTBkNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iWsJlz2bDJwHnM/BiRFCrKsjjHX
TeAxNK7zOtr2L8+krFxCT1N3+SylJRwDzpQZRLcf/Ua4lGfuqWTk5eT6XHHnJFMi
gJKPGS+5OTpqKDjk9pDqF3ZUXKEjTPcOeoOwelhNm6xZzE6Kez0kQ+nGSIi7Cyrx
52hftRRiuDft6WxUINffKBy4sJSCgkE0uXZ2xdED1GBtf5T0EO11TwjB9ApEQYLz
1e3pFROl7LHDt4k0vMxTh/Yeb3GJ3iNc3TU/UPyJYSNEh57VvxDOEQzL9ZZg2vjg
IkRDLg17RRx0jxbwIps9D5T9iMN28rUSq0PdWRWgyW+KPaq7ys3ICRI2fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXhymd6z9VLQ9R25R3FWPQdkNTRMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUij4Ohmk
MO99TTv2/Xie2R3GBuzcQbWNu6+9xgADBPeCQeVgSOwJtFIyK8X1Ne7auLOwU/5U
XaOKWnZU7iiYkyAi9fHCRfiGou/TloznVVTv1bQDEBDQXOOjv307qZN9Fs5NsbrL
ms0HK6tdPiJFYsTCacdH6qTyPSZrRs/hU60oLFnIOdrfFHtl1MnZMtLFZSITdVkQ
1g8zLE7NRymU0t7q8ATwnbIRpjpAB4E8k9iCB9s93da1257BfVj06XsDAp2n2Dr4
wdkvQ+A2zclNP7v319ZoSbmJZnVpVW8wx3flAKYg1glkdqmeo7cDp5aSfU5+896N
6E8joiz38+Xkqw==
-----END CERTIFICATE-----