Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          ZqbeoINQz8ljfzgSqgLKxfoluK1nusAI5faeRKZTeno=
Subject key identifier:   07:E7:6A:6D:F6:88:F9:72:AF:4D:7A:00:B5:80:F9:43:BE:A6:22:FD
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       0196A0893A3D887F429946CFDE7EDDDF4CAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0A28
Signing time:             Mon 05 May 2025 13:01:09 +0000
Manifest this update:     Mon 05 May 2025 13:01:09 +0000
Manifest next update:     Tue 06 May 2025 13:01:09 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: F4rG5tg1y48Hsv+xk/WEDU5FJvLEeR6PQcOp9hxMpXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:89:3a:3d:88:7f:42:99:46:cf:de:7e:dd:df:4c:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: May  5 13:01:09 2025 GMT
            Not After : May  6 13:01:09 2025 GMT
        Subject: CN=07e76a6df688f972af4d7a00b580f943bea622fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:45:37:5d:49:ea:1f:e7:fa:c2:ca:82:9f:ce:
                    92:22:4f:48:ed:33:46:ff:2f:59:df:e4:c8:c6:39:
                    ec:f3:33:e3:80:ec:8a:08:e8:8e:ae:eb:f2:c8:6c:
                    b3:db:50:c3:83:d4:be:3b:68:9b:81:52:98:72:5d:
                    68:c0:54:d4:6f:22:8e:65:2c:6c:82:e7:08:f5:86:
                    82:9e:da:62:60:13:45:65:30:07:47:33:a6:d4:e8:
                    60:ac:50:72:b5:ae:8c:a1:b7:5b:56:2c:c0:ca:02:
                    79:34:b9:90:90:4d:28:1a:e8:29:91:5f:4c:9f:8d:
                    ea:fe:f2:7a:24:e5:24:b3:aa:bb:dd:41:76:c3:19:
                    18:45:42:96:03:cf:91:a1:51:07:34:71:ef:07:0d:
                    4c:4a:43:82:b0:86:4d:2c:4e:15:ea:17:d8:b1:c1:
                    c9:85:4c:e1:4e:42:3e:2e:95:05:b0:39:f8:64:41:
                    50:7f:28:76:b5:ee:73:4f:8f:81:e0:ee:d4:cc:f1:
                    65:e2:67:61:50:41:71:a2:b7:dd:60:f0:cd:8b:37:
                    62:a9:73:d3:b3:8d:b0:f4:82:b2:a4:78:2a:dd:6b:
                    48:89:e5:fe:81:5e:86:20:e0:8f:56:65:12:f6:45:
                    c8:f1:9a:d6:13:e8:5d:3f:3b:32:2d:93:1a:16:04:
                    42:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:E7:6A:6D:F6:88:F9:72:AF:4D:7A:00:B5:80:F9:43:BE:A6:22:FD
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:aa:f8:97:d0:21:bd:2c:9f:a5:d9:fd:c5:5f:d6:e8:65:88:
         9a:66:6a:50:f8:c4:42:50:6b:68:b2:70:ac:6b:5e:7e:a2:25:
         a6:52:11:b7:f1:e0:bf:ed:6b:93:6f:ed:d4:97:62:99:5c:2c:
         3d:37:b4:5a:80:8c:86:ee:03:1d:ba:e1:f0:82:98:cf:61:be:
         7d:0d:74:48:26:fa:15:4e:bf:86:32:37:c5:86:90:71:59:fa:
         68:a1:f0:4f:04:24:35:f8:cc:3d:ba:05:67:ce:01:e5:fa:33:
         3e:49:c2:d4:90:47:5e:65:0d:e1:30:5a:d1:87:85:3d:da:f9:
         11:3b:03:09:d2:c0:41:7d:44:bb:d8:31:2f:76:59:0c:0b:af:
         7d:a9:25:d0:33:f7:0d:1b:5c:03:fe:fb:f0:17:9d:44:b0:9d:
         e4:d3:f0:b0:d6:cf:3a:8f:82:a7:b1:0b:0b:3d:ef:6c:1c:a3:
         41:22:f5:d4:0e:f3:c4:e8:ae:c4:8f:5b:ef:c0:43:26:c9:4b:
         32:fc:d4:4d:d4:23:cc:82:66:7d:7d:10:ff:7f:67:b2:0b:e2:
         3f:4e:6a:2d:f4:82:5c:16:6e:03:72:60:60:36:32:64:a2:6c:
         5a:29:5f:f7:93:a1:dc:67:25:52:38:5d:fc:d3:7b:11:17:6c:
         51:d5:3c:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiTo9iH9CmUbP3n7d30ysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjUwNTA1MTMwMTA5WhcNMjUwNTA2MTMwMTA5WjAzMTEwLwYDVQQD
EygwN2U3NmE2ZGY2ODhmOTcyYWY0ZDdhMDBiNTgwZjk0M2JlYTYyMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0U3XUnqH+f6wsqCn86SIk9I7TNG
/y9Z3+TIxjns8zPjgOyKCOiOruvyyGyz21DDg9S+O2ibgVKYcl1owFTUbyKOZSxs
gucI9YaCntpiYBNFZTAHRzOm1OhgrFByta6MobdbVizAygJ5NLmQkE0oGugpkV9M
n43q/vJ6JOUks6q73UF2wxkYRUKWA8+RoVEHNHHvBw1MSkOCsIZNLE4V6hfYscHJ
hUzhTkI+LpUFsDn4ZEFQfyh2te5zT4+B4O7UzPFl4mdhUEFxorfdYPDNizdiqXPT
s42w9IKypHgq3WtIieX+gV6GIOCPVmUS9kXI8ZrWE+hdPzsyLZMaFgRCmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfnam32iPlyr016ALWA+UO+piL9MB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU6r4l9Ah
vSyfpdn9xV/W6GWImmZqUPjEQlBraLJwrGtefqIlplIRt/Hgv+1rk2/t1JdimVws
PTe0WoCMhu4DHbrh8IKYz2G+fQ10SCb6FU6/hjI3xYaQcVn6aKHwTwQkNfjMPboF
Z84B5fozPknC1JBHXmUN4TBa0YeFPdr5ETsDCdLAQX1Eu9gxL3ZZDAuvfakl0DP3
DRtcA/778BedRLCd5NPwsNbPOo+Cp7ELCz3vbByjQSL11A7zxOiuxI9b78BDJslL
MvzUTdQjzIJmfX0Q/39nsgviP05qLfSCXBZuA3JgYDYyZKJsWilf95Oh3GclUjhd
/NN7ERdsUdU8dA==
-----END CERTIFICATE-----