Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          8Qs35WSbaSp8ClZ3DwXCQ+sxUQNXMvo5+fR8S0BuP58=
Subject key identifier:   F8:63:70:BE:2E:92:A6:57:24:66:2D:57:5F:F5:0A:A6:BD:89:6B:F7
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       0198D84FB824A8696B2A74EE6184B820233B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0B4E
Signing time:             Sat 23 Aug 2025 19:02:39 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:39 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:39 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: +kDxfFlhp6c2aZadM/Em3CsTY2m4yJ9KhLvmvfYaY9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:b8:24:a8:69:6b:2a:74:ee:61:84:b8:20:23:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Aug 23 19:02:39 2025 GMT
            Not After : Aug 24 19:02:39 2025 GMT
        Subject: CN=f86370be2e92a65724662d575ff50aa6bd896bf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:10:20:06:42:ce:aa:8b:91:72:40:23:98:94:
                    3c:a7:89:39:f5:31:35:4e:d6:22:9d:98:ff:6b:d7:
                    40:4c:18:b0:82:c2:f8:06:92:ea:aa:09:30:54:9a:
                    5c:95:fb:df:f4:c3:8e:a4:f6:5c:82:cc:ce:9f:24:
                    48:64:5a:7a:81:14:52:e1:c3:f3:f9:5a:b8:ed:3d:
                    72:5b:81:97:a2:23:18:9b:27:76:f2:4f:7f:63:01:
                    51:9a:a3:59:0d:e3:9a:6c:9e:e1:4e:61:b7:d8:5e:
                    f0:47:33:64:c1:31:46:81:e7:24:b0:fa:93:00:c6:
                    c1:b2:79:a1:e3:00:cb:3c:72:74:c1:b0:b5:e4:28:
                    b3:44:c4:d6:50:d1:47:1b:65:54:5d:28:49:de:73:
                    83:77:b5:53:ad:f4:fa:bc:21:91:f5:fc:ed:da:c8:
                    85:95:d4:bc:c5:39:11:6c:a2:c9:f4:2e:ab:49:32:
                    3c:47:5a:12:b6:cb:94:45:22:35:a8:33:1c:38:55:
                    d6:b2:a3:0f:d0:3c:d0:54:c2:15:df:80:92:fd:e1:
                    54:49:5d:0b:64:30:a3:02:41:b4:e9:3d:46:a9:e8:
                    fc:b9:4d:94:2c:f2:d9:89:e2:db:e4:b7:58:9b:7f:
                    bb:75:7f:62:93:15:d8:de:43:29:06:f3:a2:87:91:
                    34:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:63:70:BE:2E:92:A6:57:24:66:2D:57:5F:F5:0A:A6:BD:89:6B:F7
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a8:34:2c:2e:0a:ae:ea:b6:bf:73:d2:93:b1:96:6e:52:db:
         12:b6:25:6e:d9:35:cd:89:08:8a:f3:1e:54:89:7c:ae:5c:aa:
         12:eb:a6:e1:b4:1e:0c:ce:e4:18:fb:46:0e:97:5d:2f:5a:00:
         59:c2:21:9a:47:99:b8:69:3c:45:ec:f3:b0:fc:ca:0f:db:d6:
         bb:10:f0:00:cb:b5:46:4c:9c:b2:62:34:81:a4:8d:46:1d:58:
         29:3d:6f:3e:ac:71:12:ce:01:da:cc:72:f9:b6:b2:87:c1:8f:
         00:13:59:f7:b4:7b:15:37:6f:52:40:c8:05:56:50:7d:28:b5:
         3e:ec:75:e4:58:19:7e:f0:12:d1:20:7c:e6:f0:c4:83:8d:1a:
         ad:02:fa:00:ea:72:62:64:d2:f2:77:95:04:ae:3a:cc:fe:7d:
         fe:f7:cf:73:16:00:68:e2:f8:3a:03:9b:81:4f:9a:01:1f:1b:
         14:f5:01:54:9c:0d:f6:d6:ab:ee:9d:c5:93:46:3d:7b:15:f5:
         28:63:71:05:31:93:40:94:6d:9f:7d:3a:5e:6c:f5:23:2e:14:
         2d:6f:49:0e:89:4b:01:f7:c3:6b:12:fe:c8:4b:b9:e7:29:42:
         46:60:93:e2:2b:62:5f:58:f1:f8:32:c6:36:08:b8:22:ef:07:
         a7:99:9a:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYT7gkqGlrKnTuYYS4ICM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjUwODIzMTkwMjM5WhcNMjUwODI0MTkwMjM5WjAzMTEwLwYDVQQD
EyhmODYzNzBiZTJlOTJhNjU3MjQ2NjJkNTc1ZmY1MGFhNmJkODk2YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxAgBkLOqouRckAjmJQ8p4k59TE1
TtYinZj/a9dATBiwgsL4BpLqqgkwVJpclfvf9MOOpPZcgszOnyRIZFp6gRRS4cPz
+Vq47T1yW4GXoiMYmyd28k9/YwFRmqNZDeOabJ7hTmG32F7wRzNkwTFGgecksPqT
AMbBsnmh4wDLPHJ0wbC15CizRMTWUNFHG2VUXShJ3nODd7VTrfT6vCGR9fzt2siF
ldS8xTkRbKLJ9C6rSTI8R1oStsuURSI1qDMcOFXWsqMP0DzQVMIV34CS/eFUSV0L
ZDCjAkG06T1Gqej8uU2ULPLZieLb5LdYm3+7dX9ikxXY3kMpBvOih5E0OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhjcL4ukqZXJGYtV1/1Cqa9iWv3MB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6g0LC4K
ruq2v3PSk7GWblLbErYlbtk1zYkIivMeVIl8rlyqEuum4bQeDM7kGPtGDpddL1oA
WcIhmkeZuGk8RezzsPzKD9vWuxDwAMu1RkycsmI0gaSNRh1YKT1vPqxxEs4B2sxy
+bayh8GPABNZ97R7FTdvUkDIBVZQfSi1Pux15FgZfvAS0SB85vDEg40arQL6AOpy
YmTS8neVBK46zP59/vfPcxYAaOL4OgObgU+aAR8bFPUBVJwN9tar7p3Fk0Y9exX1
KGNxBTGTQJRtn306Xmz1Iy4ULW9JDolLAffDaxL+yEu55ylCRmCT4itiX1jx+DLG
Ngi4Iu8Hp5maog==
-----END CERTIFICATE-----