Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          mpA50TxFK/Z77uv0Qb7kgoBMCZ+jTUePvtPNMYfUMpI=
Subject key identifier:   5D:C3:39:BB:2C:E9:E4:0B:64:6B:3A:CF:D8:7B:E3:B7:34:10:55:EF
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       0196CA605E45B2ADB4476852232BA68C4CAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          12B0
Signing time:             Tue 13 May 2025 16:00:35 +0000
Manifest this update:     Tue 13 May 2025 16:00:35 +0000
Manifest next update:     Wed 14 May 2025 16:00:35 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: LxnU9fqj0IcLNSbfXJK1uAlXnChkf4xpLYYAQpKLNXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 16:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:60:5e:45:b2:ad:b4:47:68:52:23:2b:a6:8c:4c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: May 13 16:00:35 2025 GMT
            Not After : May 14 16:00:35 2025 GMT
        Subject: CN=5dc339bb2ce9e40b646b3acfd87be3b7341055ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:7a:40:2d:5b:eb:ef:20:17:21:d2:32:07:b4:
                    13:92:80:b0:62:85:b7:24:25:c9:c5:30:eb:89:ac:
                    33:91:34:3a:c5:7d:42:30:c3:00:41:49:8e:27:4a:
                    13:e5:88:05:f7:f3:fe:ba:14:23:dd:ea:f5:44:e2:
                    2c:76:d7:66:eb:6f:a0:0a:85:6f:91:6d:08:d7:d7:
                    7a:da:b7:37:c3:2e:1b:a8:43:84:87:a6:59:70:24:
                    91:f8:b0:10:38:33:7b:0c:47:91:12:42:77:8c:68:
                    7a:91:7c:a2:80:7c:63:bb:35:7d:e9:8a:d2:0d:55:
                    2b:35:7e:a0:a6:93:2c:ee:48:00:56:6b:58:77:c4:
                    9e:b7:7b:c6:e5:1e:f1:79:11:6e:db:41:52:ea:13:
                    fb:a9:05:15:32:21:85:a9:b5:59:97:e9:ac:4a:c8:
                    59:c2:10:5c:5e:e5:05:01:55:7e:d2:6b:c7:24:e5:
                    c1:be:f7:af:88:2a:91:5b:41:ea:7a:8f:e7:84:26:
                    69:f1:81:03:6d:d2:a9:92:f3:ab:f2:b6:b4:13:20:
                    dd:28:5a:48:ec:bb:16:b7:3a:4e:98:1f:cb:61:98:
                    df:da:3f:e7:cb:4a:fb:ef:e2:f3:24:0f:04:81:19:
                    3b:91:2c:dc:dd:6a:87:65:f2:f7:d5:90:41:c7:f9:
                    fb:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:C3:39:BB:2C:E9:E4:0B:64:6B:3A:CF:D8:7B:E3:B7:34:10:55:EF
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:3a:f0:63:b6:d9:a9:5e:97:6c:7f:57:2c:de:04:80:35:cc:
         fb:05:eb:eb:44:28:b2:2d:06:0c:63:3a:6a:3d:f3:43:eb:d4:
         70:2a:26:64:e5:67:c2:42:a4:cb:80:ca:c3:cd:95:a9:2d:bd:
         63:07:c9:48:c2:81:de:bc:ca:ea:a7:4c:11:4f:2f:95:07:00:
         5a:1c:39:fd:b2:e2:1b:42:27:27:e1:4a:f2:95:3f:07:a9:9a:
         0a:ad:df:bd:4c:a3:87:1a:63:ac:e4:72:97:0a:e7:b5:f3:20:
         23:bf:66:09:22:ae:42:d0:65:02:1c:c3:cd:30:78:06:ea:8f:
         75:1f:7c:ab:46:a1:e9:a8:a6:7c:dd:e6:dd:e1:c2:86:12:32:
         da:c1:e6:1c:71:08:67:fa:2e:9f:6b:b9:8e:0e:b3:8f:e7:15:
         5d:ee:33:82:ed:62:19:9d:60:b3:8f:ef:f0:6e:8b:9c:8a:01:
         8a:c0:b9:09:c6:35:a8:8b:96:cc:f4:ae:7d:b0:f7:0c:51:a5:
         cb:0c:2e:40:c9:39:f3:f0:33:b0:cd:a3:62:e8:47:90:a4:c5:
         78:84:67:33:10:e9:c2:91:71:50:2b:cd:9c:0c:83:31:fb:8c:
         c4:ac:db:c9:98:89:01:8a:b9:87:47:89:90:90:f8:b3:95:42:
         06:14:04:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKYF5Fsq20R2hSIyumjEyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjUwNTEzMTYwMDM1WhcNMjUwNTE0MTYwMDM1WjAzMTEwLwYDVQQD
Eyg1ZGMzMzliYjJjZTllNDBiNjQ2YjNhY2ZkODdiZTNiNzM0MTA1NWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXpALVvr7yAXIdIyB7QTkoCwYoW3
JCXJxTDriawzkTQ6xX1CMMMAQUmOJ0oT5YgF9/P+uhQj3er1ROIsdtdm62+gCoVv
kW0I19d62rc3wy4bqEOEh6ZZcCSR+LAQODN7DEeREkJ3jGh6kXyigHxjuzV96YrS
DVUrNX6gppMs7kgAVmtYd8Set3vG5R7xeRFu20FS6hP7qQUVMiGFqbVZl+msSshZ
whBcXuUFAVV+0mvHJOXBvveviCqRW0Hqeo/nhCZp8YEDbdKpkvOr8ra0EyDdKFpI
7LsWtzpOmB/LYZjf2j/ny0r77+LzJA8EgRk7kSzc3WqHZfL31ZBBx/n76wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3DObss6eQLZGs6z9h747c0EFXvMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDrwY7bZ
qV6XbH9XLN4EgDXM+wXr60Qosi0GDGM6aj3zQ+vUcComZOVnwkKky4DKw82VqS29
YwfJSMKB3rzK6qdMEU8vlQcAWhw5/bLiG0InJ+FK8pU/B6maCq3fvUyjhxpjrORy
lwrntfMgI79mCSKuQtBlAhzDzTB4BuqPdR98q0ah6aimfN3m3eHChhIy2sHmHHEI
Z/oun2u5jg6zj+cVXe4zgu1iGZ1gs4/v8G6LnIoBisC5CcY1qIuWzPSufbD3DFGl
ywwuQMk58/AzsM2jYuhHkKTFeIRnMxDpwpFxUCvNnAyDMfuMxKzbyZiJAYq5h0eJ
kJD4s5VCBhQEWg==
-----END CERTIFICATE-----