Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
File:                     dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft (raw, json)
Hash identifier:          P8ek4dv/ZPyS6o14EqmezRHMchNSvHU/PTgfA04v25Y=
Subject key identifier:   E7:F1:DF:7A:F8:45:67:68:33:7A:1A:AD:A0:A7:01:2A:89:58:57:26
Authority key identifier: 74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C
Certificate issuer:       /CN=74f675a1679816793d5b30ad2f253f56c8e2445c
Certificate serial:       0196C49561EBDC6BC1B5242D25E076796FE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
Manifest number:          1533
Signing time:             Mon 12 May 2025 13:00:46 +0000
Manifest this update:     Mon 12 May 2025 13:00:46 +0000
Manifest next update:     Tue 13 May 2025 13:00:46 +0000
Files and hashes:         1: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl (hash: lvTpNG14oqSOc2W50RcTfhttV+7lp1HpjDt5a0EVZ0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 13:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:95:61:eb:dc:6b:c1:b5:24:2d:25:e0:76:79:6f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f675a1679816793d5b30ad2f253f56c8e2445c
        Validity
            Not Before: May 12 13:00:46 2025 GMT
            Not After : May 13 13:00:46 2025 GMT
        Subject: CN=e7f1df7af8456768337a1aada0a7012a89585726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:39:2e:25:cd:6c:dc:ca:b4:d4:21:6a:2a:8b:
                    b1:05:11:09:72:e9:fb:e2:e3:b7:c1:0f:6a:18:45:
                    8e:35:16:c5:1e:0a:bf:3e:8c:fc:2e:b0:d8:9f:b1:
                    64:2c:74:32:94:c0:ff:f9:17:73:f7:04:48:a3:42:
                    13:6d:3b:6b:8e:8d:01:e1:cc:cf:36:ce:00:98:2a:
                    e9:2f:fc:f5:85:a3:0b:63:4c:ee:14:9d:73:d7:4c:
                    c1:92:ae:6b:33:ad:fd:f1:59:20:84:f3:54:38:88:
                    f4:7b:9b:4f:5a:57:0c:a5:93:cf:4b:4e:5d:70:f9:
                    ee:15:80:91:91:1e:b1:69:3f:b2:68:ce:3a:1b:a2:
                    74:88:1c:75:54:50:bc:ac:66:2d:d1:55:5f:dd:16:
                    8b:b5:59:ca:fc:10:0f:08:a4:8d:bc:41:6e:1e:e3:
                    e0:fa:20:69:77:5c:e5:ac:28:a1:25:e5:87:17:e8:
                    f0:3f:c8:75:d3:ec:90:fa:d1:65:11:ea:ef:6d:8e:
                    59:c5:92:3a:10:29:e7:c3:9c:84:97:0c:73:60:d1:
                    65:0b:47:e4:d4:d5:3c:2c:7a:a6:63:1a:cd:1a:50:
                    80:6b:b0:06:d4:e1:2d:7b:7c:0d:1e:1c:6c:88:31:
                    f8:a3:dd:c7:6d:97:28:b6:5a:49:56:84:7c:7f:8c:
                    5c:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F1:DF:7A:F8:45:67:68:33:7A:1A:AD:A0:A7:01:2A:89:58:57:26
            X509v3 Authority Key Identifier:
                keyid:74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:fd:e8:09:87:b4:53:e7:c7:28:67:04:73:90:6c:db:c1:bf:
         cf:ce:a1:38:07:6f:72:13:24:13:a6:8b:3d:df:3c:7d:f8:26:
         31:ed:8a:ab:c1:f0:79:bc:8d:1d:06:2a:5a:d2:2b:98:63:cb:
         af:65:7b:1b:ef:d0:1d:c2:a2:2a:32:81:40:c1:4e:3d:fc:bc:
         35:e7:ec:00:bb:a0:33:fc:dc:f2:4e:e0:7c:62:ae:ad:72:17:
         6a:cd:ee:4a:09:a8:b2:f1:21:b1:a4:2b:dd:8a:85:79:75:b6:
         f5:61:b5:f7:b4:7e:4a:1f:17:f6:09:1e:3e:49:7b:b6:41:87:
         16:fd:6e:fa:14:9d:6c:29:eb:19:56:e7:fb:94:12:cc:5d:a5:
         86:1f:fe:17:6f:4a:cd:10:af:e3:7e:4b:02:b5:f9:44:85:22:
         6c:75:14:f6:3a:e1:6d:99:4c:50:e2:f9:4f:79:d1:3b:44:41:
         6a:1b:bb:6e:d4:37:fa:cb:7a:77:dc:74:17:31:6f:e7:ff:97:
         4e:26:85:7d:b9:cf:be:d4:15:fc:12:0e:5e:c6:05:e7:f7:e8:
         ac:18:36:f7:4b:59:e4:b0:63:62:a3:1d:81:b4:bc:6a:52:a5:
         94:ae:12:4a:9e:5e:57:3e:5f:79:c7:41:de:a8:64:91:69:51:
         5c:ea:63:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbElWHr3GvBtSQtJeB2eW/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjY3NWExNjc5ODE2NzkzZDViMzBhZDJmMjUzZjU2Yzhl
MjQ0NWMwHhcNMjUwNTEyMTMwMDQ2WhcNMjUwNTEzMTMwMDQ2WjAzMTEwLwYDVQQD
EyhlN2YxZGY3YWY4NDU2NzY4MzM3YTFhYWRhMGE3MDEyYTg5NTg1NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDkuJc1s3Mq01CFqKouxBREJcun7
4uO3wQ9qGEWONRbFHgq/Poz8LrDYn7FkLHQylMD/+Rdz9wRIo0ITbTtrjo0B4czP
Ns4AmCrpL/z1haMLY0zuFJ1z10zBkq5rM6398VkghPNUOIj0e5tPWlcMpZPPS05d
cPnuFYCRkR6xaT+yaM46G6J0iBx1VFC8rGYt0VVf3RaLtVnK/BAPCKSNvEFuHuPg
+iBpd1zlrCihJeWHF+jwP8h10+yQ+tFlEervbY5ZxZI6ECnnw5yElwxzYNFlC0fk
1NU8LHqmYxrNGlCAa7AG1OEte3wNHhxsiDH4o93HbZcotlpJVoR8f4xcKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfx33r4RWdoM3oaraCnASqJWFcmMB8GA1UdIwQY
MBaAFHT2daFnmBZ5PVswrS8lP1bI4kRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTIt
MzM2MjkzNzM0NTA3LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTItMzM2MjkzNzM0NTA3
LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYv3oCYe0
U+fHKGcEc5Bs28G/z86hOAdvchMkE6aLPd88ffgmMe2Kq8HwebyNHQYqWtIrmGPL
r2V7G+/QHcKiKjKBQMFOPfy8NefsALugM/zc8k7gfGKurXIXas3uSgmosvEhsaQr
3YqFeXW29WG197R+Sh8X9gkePkl7tkGHFv1u+hSdbCnrGVbn+5QSzF2lhh/+F29K
zRCv435LArX5RIUibHUU9jrhbZlMUOL5T3nRO0RBahu7btQ3+st6d9x0FzFv5/+X
TiaFfbnPvtQV/BIOXsYF5/forBg290tZ5LBjYqMdgbS8alKllK4SSp5eVz5fecdB
3qhkkWlRXOpjZw==
-----END CERTIFICATE-----