Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          g+pJXgIUdRji19QTzVNMA+hWz3YX3WEk18L+DiBK4sw=
Subject key identifier:   0B:03:9C:D1:64:FE:25:CF:01:54:5C:7C:5B:45:B3:CE:B5:66:40:DF
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       0197B70F3F8D4136622211229CAA9F3044A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          01C4
Signing time:             Sat 28 Jun 2025 15:01:59 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:59 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:59 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: Ni+7RqJSvWGmjvDe8JiKwZa5KERoAH5Qa1JtdhX6qVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:3f:8d:41:36:62:22:11:22:9c:aa:9f:30:44:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Jun 28 15:01:59 2025 GMT
            Not After : Jun 29 15:01:59 2025 GMT
        Subject: CN=0b039cd164fe25cf01545c7c5b45b3ceb56640df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:f0:29:c2:9b:92:5e:9b:41:77:c5:43:2c:52:
                    04:94:c4:b0:16:dc:41:0a:fb:a2:30:e8:3a:ad:81:
                    79:75:c4:b2:0b:ab:9c:3c:f8:50:98:5a:1c:f6:c2:
                    a3:f5:35:7a:74:7f:c6:cc:52:a0:f8:f3:9e:c1:88:
                    ba:cf:9b:8d:be:b4:23:98:7a:fd:ef:da:eb:7d:44:
                    ae:0d:ea:28:50:35:a4:4d:39:5f:ad:9c:e2:2f:81:
                    fc:7e:df:95:e9:3c:a5:35:4f:62:46:07:e7:92:92:
                    21:98:73:b0:ad:a7:79:cc:71:a7:a9:b0:67:88:28:
                    04:f8:99:c5:b4:98:6e:93:d5:cb:1f:de:99:9c:b2:
                    09:26:85:e9:19:5c:1e:ea:39:8e:e8:35:8d:c6:9c:
                    27:94:a2:15:a7:e0:c5:ed:c4:64:a4:b2:f7:54:cd:
                    78:df:21:42:80:09:b7:d8:54:12:61:cc:1e:4c:3d:
                    bb:35:96:0e:6a:94:6e:82:0a:a1:5f:6f:d8:cb:33:
                    e3:d1:bb:12:2a:95:c8:80:a9:b4:95:c6:0d:33:41:
                    f6:de:f8:2a:26:3c:1e:a3:7a:e3:0b:01:2f:9f:1a:
                    39:c0:35:cd:8e:a0:06:16:24:6d:10:f4:22:4e:05:
                    49:81:44:21:b9:dc:fa:ef:d3:46:df:98:fe:12:9e:
                    55:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:03:9C:D1:64:FE:25:CF:01:54:5C:7C:5B:45:B3:CE:B5:66:40:DF
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:4d:e1:79:73:c7:d4:bd:ea:cc:83:95:9c:b5:3d:c1:6f:76:
         80:4e:14:3e:1d:95:b7:b8:68:d6:93:79:d5:42:99:6f:46:db:
         d5:71:74:e4:4f:e5:ef:c5:d1:82:97:6b:61:c9:a3:3e:0d:7f:
         f0:81:da:d2:03:ca:64:e2:ef:e0:6c:2e:39:f7:a1:6c:dc:49:
         db:b0:46:42:33:1c:3c:61:34:ac:da:13:32:5e:e1:1b:8e:81:
         af:70:26:b0:cc:5e:d0:fc:22:cd:46:de:fa:e1:37:31:af:38:
         3c:97:10:2c:0b:6c:8e:59:0f:0f:24:ab:44:17:25:2f:1f:24:
         83:ee:b8:de:15:a2:2f:f9:e1:b3:96:2b:b0:61:1b:66:14:65:
         9e:f7:66:d1:b1:60:d4:4d:23:3b:21:7a:39:33:42:34:00:b1:
         6f:ca:97:3e:10:03:c6:7b:13:ee:9c:d1:06:99:36:0b:77:1a:
         33:ad:51:60:0a:a1:77:05:dc:1e:4e:79:b3:93:45:31:24:9c:
         87:a6:ee:c2:e1:34:fb:5b:cd:7d:59:5d:8f:e6:0c:88:71:44:
         96:4d:d8:51:f2:8d:99:f4:ca:8e:e5:75:4d:91:70:b8:e3:9f:
         4a:8e:e3:81:8d:62:8e:00:11:93:01:3b:ab:e4:c4:94:17:dc:
         b1:dd:91:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dz+NQTZiIhEinKqfMESmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUwNjI4MTUwMTU5WhcNMjUwNjI5MTUwMTU5WjAzMTEwLwYDVQQD
EygwYjAzOWNkMTY0ZmUyNWNmMDE1NDVjN2M1YjQ1YjNjZWI1NjY0MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fApwpuSXptBd8VDLFIElMSwFtxB
CvuiMOg6rYF5dcSyC6ucPPhQmFoc9sKj9TV6dH/GzFKg+POewYi6z5uNvrQjmHr9
79rrfUSuDeooUDWkTTlfrZziL4H8ft+V6TylNU9iRgfnkpIhmHOwrad5zHGnqbBn
iCgE+JnFtJhuk9XLH96ZnLIJJoXpGVwe6jmO6DWNxpwnlKIVp+DF7cRkpLL3VM14
3yFCgAm32FQSYcweTD27NZYOapRuggqhX2/YyzPj0bsSKpXIgKm0lcYNM0H23vgq
Jjweo3rjCwEvnxo5wDXNjqAGFiRtEPQiTgVJgUQhudz679NG35j+Ep5V+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsDnNFk/iXPAVRcfFtFs861ZkDfMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFE3heXPH
1L3qzIOVnLU9wW92gE4UPh2Vt7ho1pN51UKZb0bb1XF05E/l78XRgpdrYcmjPg1/
8IHa0gPKZOLv4GwuOfehbNxJ27BGQjMcPGE0rNoTMl7hG46Br3AmsMxe0PwizUbe
+uE3Ma84PJcQLAtsjlkPDySrRBclLx8kg+643hWiL/nhs5YrsGEbZhRlnvdm0bFg
1E0jOyF6OTNCNACxb8qXPhADxnsT7pzRBpk2C3caM61RYAqhdwXcHk55s5NFMSSc
h6buwuE0+1vNfVldj+YMiHFElk3YUfKNmfTKjuV1TZFwuOOfSo7jgY1ijgARkwE7
q+TElBfcsd2RUg==
-----END CERTIFICATE-----