Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
File:                     Zr5SEJO7idx2JQsif39_umbiKNg.mft (raw, json)
Hash identifier:          BVNrM8TXulAOtlecqQlVHM6XnoGbKRV+smDo1tCrdcY=
Subject key identifier:   E0:2D:E0:7D:57:E5:BE:0E:08:20:46:45:DA:97:90:E0:8E:08:86:52
Authority key identifier: 66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8
Certificate issuer:       /CN=66be521093bb89dc76250b227f7f7fba66e228d8
Certificate serial:       0198D4E06568D1B1BCC0C62197D260746ED4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
Manifest number:          019D
Signing time:             Sat 23 Aug 2025 03:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:12 +0000
Files and hashes:         1: Zr5SEJO7idx2JQsif39_umbiKNg.crl (hash: rb98GP5xMc6QYMCs/QVJvUPI2QUukPELiWDBqoCH2K0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:65:68:d1:b1:bc:c0:c6:21:97:d2:60:74:6e:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66be521093bb89dc76250b227f7f7fba66e228d8
        Validity
            Not Before: Aug 23 03:02:12 2025 GMT
            Not After : Aug 24 03:02:12 2025 GMT
        Subject: CN=e02de07d57e5be0e08204645da9790e08e088652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:80:27:f5:45:8a:62:41:76:2b:ad:c1:f6:44:
                    f9:0b:ce:54:38:da:b5:25:45:28:f1:32:9d:fe:46:
                    c6:d0:4f:ed:91:20:ad:f1:05:e3:19:bc:9b:02:fc:
                    bc:d9:0a:fe:c1:be:13:0b:06:af:1a:b3:58:cd:c3:
                    26:bf:ef:f1:7f:75:c0:50:fa:93:59:24:e2:21:4c:
                    cc:9d:68:62:a0:42:a9:43:f6:43:57:ac:71:5e:53:
                    53:a7:12:a9:c0:b4:8a:bb:06:8d:6a:40:44:32:b0:
                    80:0c:63:5a:7a:5d:45:20:72:b3:50:72:ce:17:ea:
                    b4:9e:97:6f:6a:43:cb:97:1c:b1:ed:ff:ff:95:37:
                    3c:c1:71:12:df:5e:97:d4:2f:03:e2:b2:35:97:74:
                    5d:ff:29:28:5f:67:19:d1:00:06:77:a5:74:d1:20:
                    c6:6a:7e:19:c9:bc:fb:52:26:5e:d5:7b:2c:43:5a:
                    2b:cb:11:f8:28:ae:5c:02:b5:71:a0:97:54:e6:6b:
                    45:d3:07:8b:50:8e:79:23:e3:6a:a9:c7:09:ee:4a:
                    b1:e3:6b:c3:b5:14:1b:57:9d:a8:74:61:40:49:ae:
                    f5:33:d9:6a:f3:91:b6:0b:44:01:6f:18:e1:4c:77:
                    0f:ee:8e:5a:0c:1d:05:ea:5a:ad:c5:fb:2f:54:f3:
                    24:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:2D:E0:7D:57:E5:BE:0E:08:20:46:45:DA:97:90:E0:8E:08:86:52
            X509v3 Authority Key Identifier:
                keyid:66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:69:cb:eb:50:ed:bf:56:5a:d3:45:73:84:92:7e:54:7a:f0:
         13:38:b8:c3:9e:ac:cc:84:ca:b7:ab:8b:2b:53:3a:55:79:b9:
         e0:38:7c:29:59:1f:42:c3:e9:3b:3a:8d:a4:ad:97:b9:1f:48:
         58:5c:be:15:2a:41:95:b3:92:50:f3:cf:cc:35:dd:fe:cc:3c:
         6c:b5:a3:3f:a2:ac:48:30:3d:9c:80:dc:34:5a:3f:b8:88:b2:
         fe:86:8d:60:35:70:51:00:07:5e:02:98:e8:27:30:52:22:52:
         16:39:c8:52:f8:d1:51:d2:35:5d:fa:ef:11:53:e6:3d:77:ea:
         df:63:00:61:c8:fd:67:cc:f4:f4:6e:0a:aa:84:b3:b4:83:f4:
         dd:62:b5:13:81:f9:24:f1:37:92:96:45:8e:14:e7:d4:77:b1:
         a1:19:3f:09:e3:93:51:d9:19:be:b4:d5:73:22:32:18:31:e1:
         61:2e:83:ce:7b:88:2c:28:07:32:b9:cf:27:39:e7:e0:aa:ec:
         67:28:28:37:e0:05:f8:b2:33:ca:35:ca:c0:80:2b:51:46:5d:
         47:22:40:66:f1:21:e4:ec:13:38:d5:61:27:f3:f7:be:cd:62:
         0b:cb:7d:61:3e:21:5e:3d:76:17:04:d2:9e:49:9a:95:50:22:
         fc:eb:9a:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4GVo0bG8wMYhl9JgdG7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmU1MjEwOTNiYjg5ZGM3NjI1MGIyMjdmN2Y3ZmJhNjZl
MjI4ZDgwHhcNMjUwODIzMDMwMjEyWhcNMjUwODI0MDMwMjEyWjAzMTEwLwYDVQQD
EyhlMDJkZTA3ZDU3ZTViZTBlMDgyMDQ2NDVkYTk3OTBlMDhlMDg4NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYAn9UWKYkF2K63B9kT5C85UONq1
JUUo8TKd/kbG0E/tkSCt8QXjGbybAvy82Qr+wb4TCwavGrNYzcMmv+/xf3XAUPqT
WSTiIUzMnWhioEKpQ/ZDV6xxXlNTpxKpwLSKuwaNakBEMrCADGNael1FIHKzUHLO
F+q0npdvakPLlxyx7f//lTc8wXES316X1C8D4rI1l3Rd/ykoX2cZ0QAGd6V00SDG
an4Zybz7UiZe1XssQ1oryxH4KK5cArVxoJdU5mtF0weLUI55I+NqqccJ7kqx42vD
tRQbV52odGFASa71M9lq85G2C0QBbxjhTHcP7o5aDB0F6lqtxfsvVPMkmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAt4H1X5b4OCCBGRdqXkOCOCIZSMB8GA1UdIwQY
MBaAFGa+UhCTu4ncdiULIn9/f7pm4ijYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDkt
OTAwMzBkMDQwZmY3LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDktOTAwMzBkMDQwZmY3
LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmnL61Dt
v1Za00VzhJJ+VHrwEzi4w56szITKt6uLK1M6VXm54Dh8KVkfQsPpOzqNpK2XuR9I
WFy+FSpBlbOSUPPPzDXd/sw8bLWjP6KsSDA9nIDcNFo/uIiy/oaNYDVwUQAHXgKY
6CcwUiJSFjnIUvjRUdI1XfrvEVPmPXfq32MAYcj9Z8z09G4KqoSztIP03WK1E4H5
JPE3kpZFjhTn1HexoRk/CeOTUdkZvrTVcyIyGDHhYS6DznuILCgHMrnPJznn4Krs
ZygoN+AF+LIzyjXKwIArUUZdRyJAZvEh5OwTONVhJ/P3vs1iC8t9YT4hXj12FwTS
nkmalVAi/Oua9Q==
-----END CERTIFICATE-----