Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          8e2UNapzWxPbyZVLBMxF5b4+Y0MKZGxhCZs9eeLbnCg=
Subject key identifier:   58:04:E0:31:20:02:DE:5E:39:D3:81:99:C8:8D:84:9C:80:00:B1:00
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       0197B7EA18D29E061A5520223BD3353E6D60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          132B
Signing time:             Sat 28 Jun 2025 19:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:01 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: dsv5cWWV5FGgBbM98NsMEZ56kDatZS3wuFwbFaoN/gg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:18:d2:9e:06:1a:55:20:22:3b:d3:35:3e:6d:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Jun 28 19:01:01 2025 GMT
            Not After : Jun 29 19:01:01 2025 GMT
        Subject: CN=5804e0312002de5e39d38199c88d849c8000b100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a5:9b:a8:0c:da:6e:10:15:8a:dc:63:45:0f:
                    89:55:d1:b1:be:a2:e2:1f:31:1f:02:a2:9c:ff:7f:
                    21:98:3f:9c:8e:e2:90:f3:90:b8:e9:96:7f:2d:90:
                    61:66:c1:b0:b2:c5:3d:a0:da:e5:10:81:ad:eb:f7:
                    8e:7f:62:68:c7:89:ec:cd:46:95:1a:70:73:74:83:
                    fc:45:12:4b:35:50:38:f9:aa:74:c7:46:4e:4f:ea:
                    72:36:e0:8a:c7:44:3f:3c:e0:30:42:3a:a6:e5:d1:
                    14:cd:23:ab:43:7f:0d:14:41:4c:ae:1e:e9:83:e1:
                    d6:6c:00:bb:c3:b4:b5:86:ff:3c:03:ae:38:86:bc:
                    10:ad:e7:64:96:41:67:96:35:63:aa:26:6a:6e:00:
                    b7:a9:cd:20:8b:d4:09:7f:ee:ac:7d:43:e3:5e:4a:
                    cb:c8:77:d4:68:d3:c0:b3:20:09:f7:d8:cb:1c:53:
                    bd:cf:7a:7c:ef:69:c9:3c:fa:f7:1b:8f:0b:a0:01:
                    5e:9d:12:ac:94:5a:b2:63:a8:12:4f:2f:e4:82:be:
                    eb:b7:02:43:29:aa:1f:d6:f6:29:c3:7b:f3:cf:c2:
                    57:b6:09:40:96:cf:99:ca:bd:3b:73:ef:21:2c:4c:
                    e6:0d:60:77:57:46:7b:43:3d:e0:ef:e4:22:91:38:
                    bf:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:04:E0:31:20:02:DE:5E:39:D3:81:99:C8:8D:84:9C:80:00:B1:00
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:94:13:ac:f3:35:89:f6:7a:2c:9b:e6:3d:81:84:1f:96:d0:
         7e:94:9d:d9:27:03:54:3f:d7:b7:76:8e:c0:a0:28:2a:2c:65:
         b8:12:b3:ee:de:3f:6c:70:8c:c4:a8:65:92:b2:48:cd:8c:93:
         f1:75:e0:bf:bf:d2:e3:a8:1b:88:8d:ff:1c:98:df:75:37:7b:
         ea:ed:33:60:ec:3e:55:68:bb:87:a4:25:40:93:94:a9:4e:44:
         bd:74:87:23:69:39:94:48:2d:9f:57:e7:bb:68:44:6d:3b:10:
         ae:46:eb:71:c1:5b:4e:95:0d:54:66:76:57:fb:84:83:5f:94:
         2d:de:4f:92:6f:19:89:6a:87:d7:29:37:56:22:4c:23:17:c5:
         b8:22:64:00:ab:c3:cf:f7:02:4d:c1:00:90:6f:cd:7e:32:43:
         48:af:45:7d:ac:fa:15:af:e6:c6:9a:1b:22:f6:1f:07:8e:3a:
         6f:79:d6:63:dd:1e:76:a7:6f:bf:ca:ac:f9:97:af:a2:1e:80:
         52:f1:40:e8:35:75:b6:4c:43:ba:0d:ee:9d:82:ea:f3:4a:13:
         f1:95:ac:a3:f7:d1:9f:14:73:bd:84:d3:14:44:78:7c:32:74:
         7b:fb:4c:09:97:22:b5:33:6c:62:04:6c:95:3a:ec:72:ca:11:
         12:35:80:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36hjSngYaVSAiO9M1Pm1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjUwNjI4MTkwMTAxWhcNMjUwNjI5MTkwMTAxWjAzMTEwLwYDVQQD
Eyg1ODA0ZTAzMTIwMDJkZTVlMzlkMzgxOTljODhkODQ5YzgwMDBiMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqWbqAzabhAVitxjRQ+JVdGxvqLi
HzEfAqKc/38hmD+cjuKQ85C46ZZ/LZBhZsGwssU9oNrlEIGt6/eOf2Jox4nszUaV
GnBzdIP8RRJLNVA4+ap0x0ZOT+pyNuCKx0Q/POAwQjqm5dEUzSOrQ38NFEFMrh7p
g+HWbAC7w7S1hv88A644hrwQredklkFnljVjqiZqbgC3qc0gi9QJf+6sfUPjXkrL
yHfUaNPAsyAJ99jLHFO9z3p872nJPPr3G48LoAFenRKslFqyY6gSTy/kgr7rtwJD
Kaof1vYpw3vzz8JXtglAls+Zyr07c+8hLEzmDWB3V0Z7Qz3g7+QikTi/DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgE4DEgAt5eOdOBmciNhJyAALEAMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfpQTrPM1
ifZ6LJvmPYGEH5bQfpSd2ScDVD/Xt3aOwKAoKixluBKz7t4/bHCMxKhlkrJIzYyT
8XXgv7/S46gbiI3/HJjfdTd76u0zYOw+VWi7h6QlQJOUqU5EvXSHI2k5lEgtn1fn
u2hEbTsQrkbrccFbTpUNVGZ2V/uEg1+ULd5Pkm8ZiWqH1yk3ViJMIxfFuCJkAKvD
z/cCTcEAkG/NfjJDSK9Ffaz6Fa/mxpobIvYfB446b3nWY90edqdvv8qs+Zevoh6A
UvFA6DV1tkxDug3unYLq80oT8ZWso/fRnxRzvYTTFER4fDJ0e/tMCZcitTNsYgRs
lTrscsoREjWAKA==
-----END CERTIFICATE-----