Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          RLD40eCvFsvcT0PQVpeKHEwn9/1GaoPxcVLBTd846Zk=
Subject key identifier:   DA:3C:52:48:76:82:61:EE:7C:C6:BA:32:0C:1C:DF:F9:D7:BE:45:F7
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       0196BB91D235F873FA67524236AEA3F811E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0CCB
Signing time:             Sat 10 May 2025 19:00:17 +0000
Manifest this update:     Sat 10 May 2025 19:00:17 +0000
Manifest next update:     Sun 11 May 2025 19:00:17 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: ywIQzTw1VAwAsDywWTUA06VZD1T9QmJ+wTeQgGeOBzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:d2:35:f8:73:fa:67:52:42:36:ae:a3:f8:11:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: May 10 19:00:17 2025 GMT
            Not After : May 11 19:00:17 2025 GMT
        Subject: CN=da3c5248768261ee7cc6ba320c1cdff9d7be45f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7c:fa:e4:67:2b:a2:c2:f8:4e:64:08:b0:1a:
                    b2:b5:79:fc:78:d8:e3:c4:3e:3d:fb:08:fe:a9:bd:
                    c2:dc:72:30:7f:f4:c4:22:35:33:44:a1:f9:15:30:
                    08:74:da:e4:50:b5:f5:cc:36:f7:76:36:2a:53:05:
                    54:b7:26:72:5f:b8:d2:97:48:81:ef:90:42:eb:7c:
                    fc:19:7a:4b:e9:36:9e:d4:0d:57:6e:5e:5a:be:25:
                    93:50:44:31:b4:65:ba:95:8f:67:bd:96:21:ad:14:
                    6d:bd:4c:e4:dc:e2:5a:74:ad:be:7c:d8:71:1a:ee:
                    ec:d1:e0:07:e7:89:33:ae:a9:ce:90:78:83:bb:2d:
                    da:a6:2c:dd:5d:1b:06:5e:49:4a:54:0f:79:0f:2d:
                    56:26:08:c3:40:11:4e:a6:80:2c:5e:d4:1b:03:78:
                    ea:a6:81:81:b0:10:79:63:6c:a3:e7:a4:65:7d:96:
                    d0:04:42:47:67:01:44:0e:5a:52:9a:95:03:92:c4:
                    66:92:dd:81:c3:7d:fd:28:78:70:ab:79:da:01:04:
                    1a:9f:e3:51:45:a3:2a:2a:3d:21:d5:a3:4a:b0:09:
                    a2:b9:d6:30:45:25:85:7c:20:2a:48:85:7b:91:b2:
                    95:ce:b8:7a:2f:9d:42:f2:45:e7:4c:13:ec:50:b0:
                    42:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:3C:52:48:76:82:61:EE:7C:C6:BA:32:0C:1C:DF:F9:D7:BE:45:F7
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:cf:cc:40:4d:66:13:dc:59:52:1c:98:4f:eb:e2:96:ee:65:
         f7:e6:f9:55:6b:09:9a:26:97:1c:48:7c:5d:e7:25:cc:00:8b:
         42:78:4c:ee:bc:11:2e:25:7e:03:83:db:a2:56:6b:7d:ab:b1:
         3a:29:83:57:b4:97:60:49:00:38:26:26:66:a3:1e:a0:7b:67:
         5c:e0:61:c5:2f:eb:7a:8f:24:b6:05:8b:3f:22:b3:a7:52:c5:
         ab:eb:ed:e3:50:46:9b:37:53:9f:71:eb:ff:53:79:56:89:0d:
         22:a8:8e:51:49:ca:ee:a2:47:b5:ff:56:d8:66:96:c0:02:4c:
         23:cf:af:a0:02:b0:a9:69:7d:38:56:ce:e7:f4:1b:4a:f0:2e:
         40:de:a9:d5:62:f4:ed:ab:b8:b3:c5:26:3c:1d:d2:c5:b6:8b:
         2d:ac:e6:ca:4b:f4:0b:1e:fc:13:91:45:c1:34:02:a4:2d:c8:
         0f:f1:19:15:a2:4e:d1:25:fa:eb:09:64:91:f5:bf:ee:65:ab:
         b4:69:0a:77:c3:b7:83:81:fa:8f:7a:bf:c5:d7:32:58:f3:24:
         dd:93:fe:3e:33:a0:d7:0e:1b:6f:3a:42:d5:13:46:e6:cc:5c:
         70:33:36:86:d3:c4:28:68:8c:bc:f8:83:61:29:10:e1:4c:ad:
         6f:7a:52:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kdI1+HP6Z1JCNq6j+BHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUwNTEwMTkwMDE3WhcNMjUwNTExMTkwMDE3WjAzMTEwLwYDVQQD
EyhkYTNjNTI0ODc2ODI2MWVlN2NjNmJhMzIwYzFjZGZmOWQ3YmU0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Hz65GcrosL4TmQIsBqytXn8eNjj
xD49+wj+qb3C3HIwf/TEIjUzRKH5FTAIdNrkULX1zDb3djYqUwVUtyZyX7jSl0iB
75BC63z8GXpL6Tae1A1Xbl5aviWTUEQxtGW6lY9nvZYhrRRtvUzk3OJadK2+fNhx
Gu7s0eAH54kzrqnOkHiDuy3apizdXRsGXklKVA95Dy1WJgjDQBFOpoAsXtQbA3jq
poGBsBB5Y2yj56RlfZbQBEJHZwFEDlpSmpUDksRmkt2Bw339KHhwq3naAQQan+NR
RaMqKj0h1aNKsAmiudYwRSWFfCAqSIV7kbKVzrh6L51C8kXnTBPsULBCTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNo8Ukh2gmHufMa6Mgwc3/nXvkX3MB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsc/MQE1m
E9xZUhyYT+vilu5l9+b5VWsJmiaXHEh8XeclzACLQnhM7rwRLiV+A4PbolZrfaux
OimDV7SXYEkAOCYmZqMeoHtnXOBhxS/reo8ktgWLPyKzp1LFq+vt41BGmzdTn3Hr
/1N5VokNIqiOUUnK7qJHtf9W2GaWwAJMI8+voAKwqWl9OFbO5/QbSvAuQN6p1WL0
7au4s8UmPB3SxbaLLazmykv0Cx78E5FFwTQCpC3ID/EZFaJO0SX66wlkkfW/7mWr
tGkKd8O3g4H6j3q/xdcyWPMk3ZP+PjOg1w4bbzpC1RNG5sxccDM2htPEKGiMvPiD
YSkQ4Uytb3pSYA==
-----END CERTIFICATE-----