Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          zSVYEC/1wXH3i0qNaf8mvSf+tuVCE5LKWG089LcSt8o=
Subject key identifier:   57:E5:61:0E:D6:21:E2:E7:B6:AC:F9:3D:CC:7B:0D:E1:FD:DE:49:B5
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       01969E9A68D4F7FDDBCC9EDDA358D1365C5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          1521
Signing time:             Mon 05 May 2025 04:00:41 +0000
Manifest this update:     Mon 05 May 2025 04:00:41 +0000
Manifest next update:     Tue 06 May 2025 04:00:41 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: MGCTxFeHKR+IhK4lXSP7GUzUrQ4t48oGiPKfl/d1J4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:68:d4:f7:fd:db:cc:9e:dd:a3:58:d1:36:5c:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: May  5 04:00:41 2025 GMT
            Not After : May  6 04:00:41 2025 GMT
        Subject: CN=57e5610ed621e2e7b6acf93dcc7b0de1fdde49b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b1:52:6c:38:11:f0:49:b5:04:61:f9:3c:b6:
                    e6:3f:a1:10:8e:e1:18:af:ce:bf:27:19:bf:6c:c4:
                    bc:63:9a:54:d5:5f:7e:bf:43:4b:5a:05:bc:90:15:
                    f0:72:65:11:95:6b:29:ef:f2:e6:13:0a:cd:86:aa:
                    99:74:e6:ee:89:18:a0:f4:e6:0c:22:d3:37:6d:22:
                    a3:f3:ef:19:99:85:8c:57:79:dc:aa:4b:51:49:60:
                    37:b2:38:3b:14:e7:62:17:ee:5f:ef:65:b2:5c:9c:
                    21:75:19:f8:86:50:64:f7:56:0b:7d:73:eb:f5:6f:
                    84:41:9f:d0:2a:aa:89:c1:f5:3e:61:68:f1:2e:7f:
                    a6:4b:f5:f0:15:00:95:6d:6c:60:c9:f7:d0:14:c9:
                    35:75:04:d7:4d:ff:2b:96:65:c5:df:18:06:11:b0:
                    60:8a:37:cc:f8:d1:37:51:0a:b8:ea:63:28:97:1f:
                    ab:6f:69:58:a5:e0:ee:b8:d7:60:7f:06:06:08:10:
                    28:c2:32:0e:bc:9e:e1:aa:b7:bc:35:c8:b3:73:b9:
                    d3:a1:8e:4e:f5:10:a3:2e:7e:52:38:f4:9c:ec:2f:
                    36:29:70:8f:57:15:c9:35:1d:00:b8:a5:7c:74:d3:
                    43:3d:6a:cb:a8:29:f7:d3:93:e6:ac:df:10:f9:fb:
                    51:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E5:61:0E:D6:21:E2:E7:B6:AC:F9:3D:CC:7B:0D:E1:FD:DE:49:B5
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:69:76:3b:7e:4b:c9:d7:b9:1c:21:f3:a3:52:94:90:58:4c:
         96:aa:9a:b6:b7:8e:54:a8:7f:91:4d:36:51:d8:8f:bb:c3:35:
         4d:15:e1:80:02:1b:7a:8c:12:38:45:c7:44:49:7c:5b:7c:6b:
         ae:ff:f7:7a:da:e0:d7:95:c7:ca:de:0d:25:7a:52:2e:e9:8d:
         a1:59:b0:10:fd:d7:88:24:57:7a:24:2a:df:12:3e:4f:55:a0:
         11:06:69:a9:f0:1a:f1:2c:8a:24:32:a2:05:00:7d:4b:98:63:
         3b:b5:00:3b:66:7b:9a:f9:db:eb:61:a4:06:ae:e9:32:09:d5:
         4e:f7:7b:53:dc:4f:f2:7d:6c:d0:ec:f7:77:83:9d:2b:02:59:
         1f:b9:07:30:dd:c8:e1:01:16:61:17:87:67:20:68:a3:0e:cc:
         21:cf:10:f6:62:8d:98:96:0b:51:c0:ee:96:87:75:8f:4e:f1:
         ec:9b:98:61:cf:fe:e2:cf:20:e3:04:bd:2d:f7:42:1c:c0:b7:
         03:14:48:b5:2b:17:a5:e5:03:bb:47:02:f6:e3:8e:f2:ac:f3:
         bb:37:48:ef:3f:97:d6:07:c1:28:27:7b:98:5b:03:71:80:d3:
         20:c9:7a:83:08:27:87:59:e7:08:d9:47:73:8b:93:76:39:8d:
         cf:ba:26:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemmjU9/3bzJ7do1jRNlxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwNTA1MDQwMDQxWhcNMjUwNTA2MDQwMDQxWjAzMTEwLwYDVQQD
Eyg1N2U1NjEwZWQ2MjFlMmU3YjZhY2Y5M2RjYzdiMGRlMWZkZGU0OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rFSbDgR8Em1BGH5PLbmP6EQjuEY
r86/Jxm/bMS8Y5pU1V9+v0NLWgW8kBXwcmURlWsp7/LmEwrNhqqZdObuiRig9OYM
ItM3bSKj8+8ZmYWMV3ncqktRSWA3sjg7FOdiF+5f72WyXJwhdRn4hlBk91YLfXPr
9W+EQZ/QKqqJwfU+YWjxLn+mS/XwFQCVbWxgyffQFMk1dQTXTf8rlmXF3xgGEbBg
ijfM+NE3UQq46mMolx+rb2lYpeDuuNdgfwYGCBAowjIOvJ7hqre8Ncizc7nToY5O
9RCjLn5SOPSc7C82KXCPVxXJNR0AuKV8dNNDPWrLqCn305PmrN8Q+ftRgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFflYQ7WIeLntqz5Pcx7DeH93km1MB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGl2O35L
yde5HCHzo1KUkFhMlqqatreOVKh/kU02UdiPu8M1TRXhgAIbeowSOEXHREl8W3xr
rv/3etrg15XHyt4NJXpSLumNoVmwEP3XiCRXeiQq3xI+T1WgEQZpqfAa8SyKJDKi
BQB9S5hjO7UAO2Z7mvnb62GkBq7pMgnVTvd7U9xP8n1s0Oz3d4OdKwJZH7kHMN3I
4QEWYReHZyBoow7MIc8Q9mKNmJYLUcDulod1j07x7JuYYc/+4s8g4wS9LfdCHMC3
AxRItSsXpeUDu0cC9uOO8qzzuzdI7z+X1gfBKCd7mFsDcYDTIMl6gwgnh1nnCNlH
c4uTdjmNz7omSQ==
-----END CERTIFICATE-----