Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
File:                     dbzZGxsvmvS3QhSm1njOBxlo4c8.mft (raw, json)
Hash identifier:          ahrtf1p0OD79N0+HNUmSx1iV5A9oxVFKvRi1W/rT734=
Subject key identifier:   C3:CC:9F:3D:CD:97:00:81:9E:24:24:1B:70:D7:21:1C:9C:39:0E:F9
Authority key identifier: 75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF
Certificate issuer:       /CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
Certificate serial:       0197CBDF82C2EC38CDEA2CF0DD7105BBDC0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
Manifest number:          07E9
Signing time:             Wed 02 Jul 2025 16:01:52 +0000
Manifest this update:     Wed 02 Jul 2025 16:01:52 +0000
Manifest next update:     Thu 03 Jul 2025 16:01:52 +0000
Files and hashes:         1: dbzZGxsvmvS3QhSm1njOBxlo4c8.crl (hash: L0V/nyfcsgf04J831BhalneruwTBiymoR+phCLL/Fa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:df:82:c2:ec:38:cd:ea:2c:f0:dd:71:05:bb:dc:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
        Validity
            Not Before: Jul  2 16:01:52 2025 GMT
            Not After : Jul  3 16:01:52 2025 GMT
        Subject: CN=c3cc9f3dcd9700819e24241b70d7211c9c390ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e3:72:c6:22:58:c1:3f:23:fc:e7:1a:60:1d:
                    a0:1f:54:04:fc:fe:38:47:98:d2:74:b2:53:17:32:
                    dd:9f:0a:4b:5c:08:58:43:35:c0:8e:21:5b:fe:88:
                    c4:88:71:ad:7c:6b:53:df:10:8f:4f:66:1e:6f:0a:
                    16:e9:ef:86:ad:92:39:4b:b4:f6:0c:e3:3e:12:93:
                    59:45:a9:1c:c2:e6:62:bd:91:d9:f0:82:ae:4d:be:
                    74:a5:42:3d:2c:6d:e1:0c:06:e6:06:66:94:13:fe:
                    fa:89:6b:5f:1f:de:54:3c:a8:0d:96:15:03:1c:cc:
                    16:6e:0d:62:95:f7:27:1d:5e:8d:7b:db:4f:67:93:
                    33:0d:ba:24:b2:8c:55:ba:85:53:5a:ac:78:56:d6:
                    e4:13:c8:d5:03:ce:91:4f:60:18:21:af:0e:dc:91:
                    68:d8:fd:c9:c7:64:47:7d:e1:8c:f5:f6:1f:a0:27:
                    bb:54:64:a5:b0:43:76:86:40:43:8d:40:ba:52:7f:
                    ab:78:57:90:0d:2c:9f:f7:36:f1:4b:97:41:a9:f1:
                    22:5a:19:78:78:10:70:d9:03:be:cc:e3:2f:69:ef:
                    9d:64:c5:3a:4d:e6:be:4b:36:3f:38:23:e4:9f:de:
                    34:bd:a2:08:b5:69:e2:30:ea:06:1a:c5:77:a4:79:
                    6a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:CC:9F:3D:CD:97:00:81:9E:24:24:1B:70:D7:21:1C:9C:39:0E:F9
            X509v3 Authority Key Identifier:
                keyid:75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:5b:fa:84:cb:0e:87:27:5b:12:a1:1e:5a:d4:01:8c:ee:da:
         a5:30:9b:e7:04:b3:12:a7:47:b8:f7:13:7d:24:54:f0:21:71:
         1a:30:b3:4c:4e:29:4c:a1:91:79:de:45:a8:f1:b5:08:d1:36:
         fa:2f:d1:4e:ad:09:c3:ab:a2:cc:48:f6:ae:56:13:00:7a:21:
         13:24:d7:8e:75:6d:15:ef:15:7d:28:83:fb:56:66:10:3c:ce:
         75:f8:6f:58:42:d1:be:58:fa:08:be:85:fd:ca:d9:56:4f:ed:
         f3:3b:4c:0a:07:3f:8e:43:0a:90:09:c2:c4:43:e6:9a:73:34:
         00:49:5d:84:ff:70:fe:ed:03:d7:dc:92:9f:7f:f6:9e:98:d9:
         cf:61:ec:c2:af:72:55:e1:23:71:d6:d5:ba:66:0a:ce:37:80:
         78:b7:4e:e5:91:c6:04:49:b6:39:92:e3:9b:a1:6b:38:6d:99:
         f7:cc:4a:d3:45:ed:0a:81:3a:55:ce:11:fd:2e:62:95:a0:3b:
         7c:2d:76:b9:57:b5:87:af:48:21:f5:a4:ff:97:97:dd:34:4a:
         f9:ef:e4:b7:d7:55:df:9b:7c:26:15:ae:7c:87:af:0b:3c:6f:
         96:4c:cc:02:b6:b6:4c:64:0a:8b:20:8d:9f:0a:35:56:cf:c3:
         9d:34:61:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL34LC7DjN6izw3XEFu9wNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmNkOTFiMWIyZjlhZjRiNzQyMTRhNmQ2NzhjZTA3MTk2
OGUxY2YwHhcNMjUwNzAyMTYwMTUyWhcNMjUwNzAzMTYwMTUyWjAzMTEwLwYDVQQD
EyhjM2NjOWYzZGNkOTcwMDgxOWUyNDI0MWI3MGQ3MjExYzljMzkwZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+NyxiJYwT8j/OcaYB2gH1QE/P44
R5jSdLJTFzLdnwpLXAhYQzXAjiFb/ojEiHGtfGtT3xCPT2YebwoW6e+GrZI5S7T2
DOM+EpNZRakcwuZivZHZ8IKuTb50pUI9LG3hDAbmBmaUE/76iWtfH95UPKgNlhUD
HMwWbg1ilfcnHV6Ne9tPZ5MzDboksoxVuoVTWqx4VtbkE8jVA86RT2AYIa8O3JFo
2P3Jx2RHfeGM9fYfoCe7VGSlsEN2hkBDjUC6Un+reFeQDSyf9zbxS5dBqfEiWhl4
eBBw2QO+zOMvae+dZMU6Tea+SzY/OCPkn940vaIItWniMOoGGsV3pHlqywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPMnz3NlwCBniQkG3DXIRycOQ75MB8GA1UdIwQY
MBaAFHW82RsbL5r0t0IUptZ4zgcZaOHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2Qt
MWMwNTc1NTI2OTFlLzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2QtMWMwNTc1NTI2OTFl
LzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVv6hMsO
hydbEqEeWtQBjO7apTCb5wSzEqdHuPcTfSRU8CFxGjCzTE4pTKGRed5FqPG1CNE2
+i/RTq0Jw6uizEj2rlYTAHohEyTXjnVtFe8VfSiD+1ZmEDzOdfhvWELRvlj6CL6F
/crZVk/t8ztMCgc/jkMKkAnCxEPmmnM0AEldhP9w/u0D19ySn3/2npjZz2Hswq9y
VeEjcdbVumYKzjeAeLdO5ZHGBEm2OZLjm6FrOG2Z98xK00XtCoE6Vc4R/S5ilaA7
fC12uVe1h69IIfWk/5eX3TRK+e/kt9dV35t8JhWufIevCzxvlkzMAra2TGQKiyCN
nwo1Vs/DnTRhcA==
-----END CERTIFICATE-----