Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          oGwpmh+2W2T+9DfWfHxdmvhBy0nRxEIFAslMinfF4ow=
Subject key identifier:   84:6C:24:BC:A9:D1:0C:B5:42:FD:00:F1:D5:B2:24:9C:CA:A8:55:F4
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       0196B7B5B3567415A29BC86DD0E3EBF6D087
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          134C
Signing time:             Sat 10 May 2025 01:01:00 +0000
Manifest this update:     Sat 10 May 2025 01:01:00 +0000
Manifest next update:     Sun 11 May 2025 01:01:00 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: 7mB2SL6Co4lqD1XBtUkpvDmRVBtZPgz3QTMLpJQ5hGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 01:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:b5:b3:56:74:15:a2:9b:c8:6d:d0:e3:eb:f6:d0:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: May 10 01:01:00 2025 GMT
            Not After : May 11 01:01:00 2025 GMT
        Subject: CN=846c24bca9d10cb542fd00f1d5b2249ccaa855f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:87:d2:6b:e3:22:af:25:6b:d1:e1:e8:4b:df:
                    39:9c:38:74:f0:a3:f4:2d:f4:7d:76:30:ca:08:b7:
                    10:14:3d:59:6c:5b:e5:06:9b:f6:5a:b0:96:e5:13:
                    c4:3a:ff:c0:37:14:63:e3:33:d7:c1:a4:f8:0a:ed:
                    99:27:a5:c2:51:8f:d4:ec:eb:c4:0d:98:a3:f7:36:
                    5a:93:00:26:96:8a:96:3b:f9:74:e5:78:4a:25:2f:
                    f2:b0:b7:48:59:00:09:59:95:26:e4:3c:4d:12:4a:
                    e8:fa:6f:e4:e6:b5:78:89:8a:92:d1:43:c7:22:95:
                    0f:4a:f4:95:25:b5:de:0b:4e:24:53:64:6d:36:04:
                    58:b7:a0:0d:b6:79:91:be:f5:fa:1d:01:bd:0f:36:
                    cd:61:54:f1:c8:13:39:03:6e:43:13:8f:9b:43:94:
                    ec:fc:a7:06:e1:19:1a:c3:52:e9:32:7e:10:67:15:
                    97:94:d6:e0:96:8b:11:bc:15:a8:0f:2d:d4:f9:dd:
                    f4:53:0c:cb:7e:50:5f:25:a4:8f:13:c1:10:cd:81:
                    9f:43:4a:d7:bf:8d:2f:37:09:88:44:a7:ca:03:8a:
                    a8:bc:6a:25:4f:ec:5c:bc:c8:1c:47:3a:ba:27:ec:
                    32:4f:22:55:0f:75:0b:61:7f:c1:41:9d:36:30:14:
                    63:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6C:24:BC:A9:D1:0C:B5:42:FD:00:F1:D5:B2:24:9C:CA:A8:55:F4
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:a3:39:a7:16:19:74:31:64:70:ac:7a:59:1f:7f:10:71:2a:
         65:ec:ac:85:a3:1d:64:23:8a:c0:08:d6:e1:4b:f6:f1:99:3a:
         e4:32:33:10:1c:8a:9c:c2:9d:54:c2:76:1f:ae:2f:cf:25:33:
         e6:d6:c3:00:64:cb:f8:f9:71:22:1d:de:d6:80:0e:ab:5e:bd:
         1f:3a:ac:cd:6d:f2:59:43:4c:8a:2d:e9:f7:9f:3f:f8:7d:3d:
         6f:37:c1:85:a3:5b:cf:2e:88:37:7c:b3:41:33:d3:c0:02:7e:
         4c:49:01:b0:1c:b6:3c:64:2b:fe:f3:c2:ca:9e:45:c6:ae:39:
         83:46:b0:70:cc:42:cf:22:5b:3d:99:b3:97:d7:1a:2c:ec:95:
         1d:4b:be:68:8d:70:c9:72:ba:2c:5c:94:41:ee:dd:19:c7:99:
         af:b9:a5:25:1a:42:91:82:25:33:2c:f6:66:ab:66:fb:5f:70:
         f0:93:70:dc:79:cb:63:24:12:1a:51:d6:c5:0a:a0:f1:a7:f7:
         e8:e0:75:02:7b:26:d4:78:41:ad:43:90:97:7b:f1:8c:59:a2:
         3d:53:ca:43:fb:6f:b5:22:64:2c:8b:96:e2:80:d1:4b:8d:5b:
         ba:49:c9:98:b3:6a:ed:13:cd:af:eb:4c:fa:45:70:01:16:57:
         ec:3e:e5:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3tbNWdBWim8ht0OPr9tCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwNTEwMDEwMTAwWhcNMjUwNTExMDEwMTAwWjAzMTEwLwYDVQQD
Eyg4NDZjMjRiY2E5ZDEwY2I1NDJmZDAwZjFkNWIyMjQ5Y2NhYTg1NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyofSa+MiryVr0eHoS985nDh08KP0
LfR9djDKCLcQFD1ZbFvlBpv2WrCW5RPEOv/ANxRj4zPXwaT4Cu2ZJ6XCUY/U7OvE
DZij9zZakwAmloqWO/l05XhKJS/ysLdIWQAJWZUm5DxNEkro+m/k5rV4iYqS0UPH
IpUPSvSVJbXeC04kU2RtNgRYt6ANtnmRvvX6HQG9DzbNYVTxyBM5A25DE4+bQ5Ts
/KcG4Rkaw1LpMn4QZxWXlNbglosRvBWoDy3U+d30UwzLflBfJaSPE8EQzYGfQ0rX
v40vNwmIRKfKA4qovGolT+xcvMgcRzq6J+wyTyJVD3ULYX/BQZ02MBRjcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRsJLyp0Qy1Qv0A8dWyJJzKqFX0MB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPqM5pxYZ
dDFkcKx6WR9/EHEqZeyshaMdZCOKwAjW4Uv28Zk65DIzEByKnMKdVMJ2H64vzyUz
5tbDAGTL+PlxIh3e1oAOq169HzqszW3yWUNMii3p958/+H09bzfBhaNbzy6IN3yz
QTPTwAJ+TEkBsBy2PGQr/vPCyp5Fxq45g0awcMxCzyJbPZmzl9caLOyVHUu+aI1w
yXK6LFyUQe7dGceZr7mlJRpCkYIlMyz2Zqtm+19w8JNw3HnLYyQSGlHWxQqg8af3
6OB1Ansm1HhBrUOQl3vxjFmiPVPKQ/tvtSJkLIuW4oDRS41buknJmLNq7RPNr+tM
+kVwARZX7D7lxA==
-----END CERTIFICATE-----