Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft
File:                     _ZTgRMvlw1KV-rxEWALakFgTtzI.mft (raw, json)
Hash identifier:          O+0aVoE5PBcKraXioEOV+MvgCjhn3FJhLnijJtR8kP8=
Subject key identifier:   B9:F0:20:86:EF:F9:94:75:12:82:9A:A3:05:7B:37:F2:05:4E:F6:99
Authority key identifier: FD:94:E0:44:CB:E5:C3:52:95:FA:BC:44:58:02:DA:90:58:13:B7:32
Certificate issuer:       /CN=fd94e044cbe5c35295fabc445802da905813b732
Certificate serial:       0197B93390E4EBC85C714190A05183F7D862
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ZTgRMvlw1KV-rxEWALakFgTtzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft
Manifest number:          0214
Signing time:             Sun 29 Jun 2025 01:00:53 +0000
Manifest this update:     Sun 29 Jun 2025 01:00:53 +0000
Manifest next update:     Mon 30 Jun 2025 01:00:53 +0000
Files and hashes:         1: _ZTgRMvlw1KV-rxEWALakFgTtzI.crl (hash: OACKUtcoFrGu9efcyL/JsaBH+L3k2EPCrmWwg+hBYUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ZTgRMvlw1KV-rxEWALakFgTtzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:33:90:e4:eb:c8:5c:71:41:90:a0:51:83:f7:d8:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd94e044cbe5c35295fabc445802da905813b732
        Validity
            Not Before: Jun 29 01:00:53 2025 GMT
            Not After : Jun 30 01:00:53 2025 GMT
        Subject: CN=b9f02086eff9947512829aa3057b37f2054ef699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:01:88:93:79:e9:d1:26:30:8e:06:a5:16:1f:
                    23:0a:b7:0a:72:8c:d0:47:bf:5e:57:6d:bb:6b:e3:
                    9a:6a:fc:fb:5f:66:09:34:e1:b2:7a:8f:b4:52:cc:
                    aa:5b:f0:75:c4:65:e2:1d:a9:26:ae:84:d7:c5:a5:
                    00:e9:1b:32:10:b0:01:bc:d1:04:d6:17:c6:54:5a:
                    93:d9:91:c0:0f:2d:a6:a5:ce:dc:23:2c:95:b7:25:
                    16:9b:c8:05:0d:28:dc:88:df:2a:b1:76:25:90:34:
                    db:53:02:7d:02:41:fe:aa:5a:34:4f:d1:95:1f:2e:
                    59:e7:d6:8c:38:8d:16:63:15:0c:a8:98:c9:1d:b7:
                    a9:17:a3:5d:e1:80:12:a2:c3:2d:39:1d:73:d8:fa:
                    56:36:d1:1a:46:ff:9b:77:20:76:8f:b5:19:df:03:
                    28:e2:0d:09:71:7f:f7:1c:c8:20:98:87:f9:ab:28:
                    61:7e:b9:a0:ae:70:0e:dc:7f:df:dc:09:18:4b:99:
                    34:28:8c:fb:04:f5:4e:6e:57:a3:00:43:d3:16:eb:
                    32:1c:bf:29:36:09:77:64:54:43:4f:1f:46:14:fe:
                    4f:c7:02:95:64:14:1b:ed:7a:e5:ad:97:90:6a:54:
                    02:ff:8d:e8:18:b2:b3:e4:15:ba:79:54:ec:10:21:
                    dc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F0:20:86:EF:F9:94:75:12:82:9A:A3:05:7B:37:F2:05:4E:F6:99
            X509v3 Authority Key Identifier:
                keyid:FD:94:E0:44:CB:E5:C3:52:95:FA:BC:44:58:02:DA:90:58:13:B7:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ZTgRMvlw1KV-rxEWALakFgTtzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:6a:7d:52:28:30:f0:90:1a:e3:2c:72:af:d1:46:4e:33:87:
         85:cf:ae:42:fa:34:f6:6c:29:f9:79:b5:21:57:3b:65:77:b3:
         e6:fc:db:c5:83:67:04:05:1d:8e:aa:d3:50:1f:63:3e:c9:ab:
         ab:84:49:7e:ed:05:80:bc:ff:a5:c9:d3:8d:d5:3a:df:4d:31:
         b6:46:b1:79:90:0e:df:09:30:18:a4:92:7e:01:af:1b:dc:e0:
         85:8d:ed:50:6b:ce:67:1e:0d:18:b5:d9:f2:9d:43:18:dd:cc:
         54:f1:4d:31:2e:b8:a6:af:2b:f0:e4:e0:87:63:63:71:47:f2:
         81:7c:57:40:52:23:ad:03:b6:b7:bf:82:c9:b3:5d:1e:f5:1f:
         81:c6:c4:d4:05:ca:d3:be:65:9d:12:76:aa:de:87:50:a7:8d:
         e2:9f:f1:68:13:2d:1e:9a:ba:79:ed:07:58:2a:aa:4e:cd:bd:
         2f:b3:45:4d:41:b5:12:5b:3c:3e:0d:1a:96:6e:fd:ad:a9:11:
         7b:44:8f:08:e3:ed:72:c8:56:42:53:b3:9a:08:3b:75:f2:d7:
         3c:d0:36:cb:f0:d3:a1:1a:0c:ff:62:0e:2b:95:b5:ef:a0:1f:
         a4:df:48:9b:7c:48:e7:2a:20:c5:53:33:42:9a:13:82:f1:e1:
         d8:fc:8d:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5M5Dk68hccUGQoFGD99hiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOTRlMDQ0Y2JlNWMzNTI5NWZhYmM0NDU4MDJkYTkwNTgx
M2I3MzIwHhcNMjUwNjI5MDEwMDUzWhcNMjUwNjMwMDEwMDUzWjAzMTEwLwYDVQQD
EyhiOWYwMjA4NmVmZjk5NDc1MTI4MjlhYTMwNTdiMzdmMjA1NGVmNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQGIk3np0SYwjgalFh8jCrcKcozQ
R79eV227a+Oaavz7X2YJNOGyeo+0UsyqW/B1xGXiHakmroTXxaUA6RsyELABvNEE
1hfGVFqT2ZHADy2mpc7cIyyVtyUWm8gFDSjciN8qsXYlkDTbUwJ9AkH+qlo0T9GV
Hy5Z59aMOI0WYxUMqJjJHbepF6Nd4YASosMtOR1z2PpWNtEaRv+bdyB2j7UZ3wMo
4g0JcX/3HMggmIf5qyhhfrmgrnAO3H/f3AkYS5k0KIz7BPVOblejAEPTFusyHL8p
Ngl3ZFRDTx9GFP5PxwKVZBQb7XrlrZeQalQC/43oGLKz5BW6eVTsECHctwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnwIIbv+ZR1EoKaowV7N/IFTvaZMB8GA1UdIwQY
MBaAFP2U4ETL5cNSlfq8RFgC2pBYE7cyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1pUZ1JNdmx3MUtWLXJ4RVdBTGFrRmdUdHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85NjAyYTktNzRiNi00OTkyLWI3MWQt
YmFiMjQ3ZmU3ZDdjLzEvX1pUZ1JNdmx3MUtWLXJ4RVdBTGFrRmdUdHpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85NjAyYTktNzRiNi00OTkyLWI3MWQtYmFiMjQ3ZmU3ZDdj
LzEvX1pUZ1JNdmx3MUtWLXJ4RVdBTGFrRmdUdHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGp9Uigw
8JAa4yxyr9FGTjOHhc+uQvo09mwp+Xm1IVc7ZXez5vzbxYNnBAUdjqrTUB9jPsmr
q4RJfu0FgLz/pcnTjdU6300xtkaxeZAO3wkwGKSSfgGvG9zghY3tUGvOZx4NGLXZ
8p1DGN3MVPFNMS64pq8r8OTgh2NjcUfygXxXQFIjrQO2t7+CybNdHvUfgcbE1AXK
075lnRJ2qt6HUKeN4p/xaBMtHpq6ee0HWCqqTs29L7NFTUG1Els8Pg0alm79rakR
e0SPCOPtcshWQlOzmgg7dfLXPNA2y/DToRoM/2IOK5W176AfpN9Im3xI5yogxVMz
QpoTgvHh2PyNdA==
-----END CERTIFICATE-----