Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          x/j+6XjQmxbRIpgdmwshAquoH1IsYkBui2xphwzw0b0=
Subject key identifier:   B6:2A:32:E3:BB:6B:CF:D4:C4:30:37:2B:A3:19:CE:BF:CC:D0:82:F8
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       0197B6A06B3E99AB38F59DD1B59ADC1AF463
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0E1D
Signing time:             Sat 28 Jun 2025 13:00:55 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:55 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:55 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: kJm7ao8I5X7N7RaXdbwp7RGaito/BabWft7Me713OoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:6b:3e:99:ab:38:f5:9d:d1:b5:9a:dc:1a:f4:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Jun 28 13:00:55 2025 GMT
            Not After : Jun 29 13:00:55 2025 GMT
        Subject: CN=b62a32e3bb6bcfd4c430372ba319cebfccd082f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c5:67:1d:12:cd:fc:78:27:71:19:3a:7e:b5:
                    a0:83:fc:43:d2:21:d1:08:68:40:5b:91:67:c9:b0:
                    4b:ed:d0:23:f8:ae:d5:81:56:24:4b:48:0f:ba:0d:
                    44:ff:47:f6:66:28:28:66:47:35:80:84:8e:3f:ca:
                    09:02:17:48:0f:f5:d8:8d:07:47:56:20:87:6e:78:
                    a2:2b:68:2d:eb:94:4c:73:8f:ec:db:6f:aa:f9:db:
                    99:8c:f8:6b:66:6f:39:e8:7f:56:a4:a4:3c:2e:bc:
                    34:7c:7e:e4:da:eb:9b:db:ef:1f:39:b0:0c:67:c2:
                    a0:c7:72:ff:6e:a5:c7:70:ec:3e:49:68:b4:fa:58:
                    42:0e:fd:33:bf:68:cf:2f:34:ee:65:eb:30:32:7b:
                    04:6a:d2:8f:f7:bf:e8:47:9d:39:47:d9:72:cf:c0:
                    05:9c:ce:13:5b:32:c2:20:25:95:7a:ee:ca:c0:45:
                    c6:b6:7a:5d:92:17:e5:9c:0b:68:6f:c1:19:88:c7:
                    21:76:f1:ec:3a:cf:14:81:0a:64:44:cd:b1:42:d6:
                    1d:65:4e:ef:3d:ff:34:36:92:a4:bc:8b:58:13:d6:
                    96:14:dc:e7:fa:2b:bc:18:e6:6e:ff:48:8d:95:b7:
                    89:a1:1b:e0:51:c1:84:e2:88:84:3f:27:6b:68:2f:
                    fc:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:2A:32:E3:BB:6B:CF:D4:C4:30:37:2B:A3:19:CE:BF:CC:D0:82:F8
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:32:85:81:d7:7f:55:98:9e:2d:43:db:8b:dd:99:a3:44:44:
         f4:fc:01:ee:02:ad:0b:2f:0a:8b:80:4b:85:b6:c8:2d:c4:7f:
         d6:de:25:6b:37:88:21:30:65:28:89:ad:33:e9:ae:50:30:4a:
         8c:81:71:d2:cf:7d:00:a1:0f:aa:96:35:15:95:9b:f1:25:0f:
         b5:b3:84:c1:c3:4a:bf:2c:c6:08:64:20:9a:db:0c:0a:d0:da:
         2e:8c:f3:e6:18:28:17:a3:53:ab:a8:e5:72:52:ee:6a:91:53:
         81:2e:f7:f3:1e:95:50:bc:4c:70:b9:91:fc:bd:bf:43:ea:e8:
         b1:5a:8d:f7:6e:b3:bd:a2:87:58:a2:e2:b3:39:9a:88:57:13:
         73:2f:c6:17:8a:76:fd:a0:64:a5:8a:f1:d4:6c:80:4a:fa:c3:
         72:98:28:eb:df:37:b8:83:bf:fc:bc:48:0b:d2:91:f1:b5:56:
         8a:83:3a:4a:9d:43:59:66:4a:2b:bb:f3:4f:01:d3:4f:3a:ca:
         3d:22:da:6d:ed:4f:fa:eb:8c:bf:15:45:c2:4e:ab:0b:9a:5d:
         7c:d8:ac:70:b9:92:4f:64:d2:92:e6:fc:df:9a:b4:cd:df:8d:
         e4:fc:35:75:17:21:7f:17:06:43:bf:00:e2:2d:e2:b7:f6:ba:
         ba:f4:41:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oGs+mas49Z3RtZrcGvRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUwNjI4MTMwMDU1WhcNMjUwNjI5MTMwMDU1WjAzMTEwLwYDVQQD
EyhiNjJhMzJlM2JiNmJjZmQ0YzQzMDM3MmJhMzE5Y2ViZmNjZDA4MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8VnHRLN/HgncRk6frWgg/xD0iHR
CGhAW5FnybBL7dAj+K7VgVYkS0gPug1E/0f2ZigoZkc1gISOP8oJAhdID/XYjQdH
ViCHbniiK2gt65RMc4/s22+q+duZjPhrZm856H9WpKQ8Lrw0fH7k2uub2+8fObAM
Z8Kgx3L/bqXHcOw+SWi0+lhCDv0zv2jPLzTuZeswMnsEatKP97/oR505R9lyz8AF
nM4TWzLCICWVeu7KwEXGtnpdkhflnAtob8EZiMchdvHsOs8UgQpkRM2xQtYdZU7v
Pf80NpKkvItYE9aWFNzn+iu8GOZu/0iNlbeJoRvgUcGE4oiEPydraC/8cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYqMuO7a8/UxDA3K6MZzr/M0IL4MB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwDKFgdd/
VZieLUPbi92Zo0RE9PwB7gKtCy8Ki4BLhbbILcR/1t4lazeIITBlKImtM+muUDBK
jIFx0s99AKEPqpY1FZWb8SUPtbOEwcNKvyzGCGQgmtsMCtDaLozz5hgoF6NTq6jl
clLuapFTgS738x6VULxMcLmR/L2/Q+rosVqN926zvaKHWKLiszmaiFcTcy/GF4p2
/aBkpYrx1GyASvrDcpgo6983uIO//LxIC9KR8bVWioM6Sp1DWWZKK7vzTwHTTzrK
PSLabe1P+uuMvxVFwk6rC5pdfNiscLmST2TSkub835q0zd+N5Pw1dRchfxcGQ78A
4i3it/a6uvRBSA==
-----END CERTIFICATE-----