Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
File:                     ezR3xSqsENrC7dQXOrbZTV4k3vU.mft (raw, json)
Hash identifier:          vASAD62Uv7REowjCKFObUY4nxRMNLD1l0PHpej7t/ts=
Subject key identifier:   EA:59:4A:43:20:07:03:9F:2F:E7:1C:10:0B:40:82:D5:34:0D:B7:68
Authority key identifier: 7B:34:77:C5:2A:AC:10:DA:C2:ED:D4:17:3A:B6:D9:4D:5E:24:DE:F5
Certificate issuer:       /CN=7b3477c52aac10dac2edd4173ab6d94d5e24def5
Certificate serial:       019659EFD88023FF515CA10F79FD0AB6F2E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
Manifest number:          0521
Signing time:             Mon 21 Apr 2025 20:00:12 +0000
Manifest this update:     Mon 21 Apr 2025 20:00:12 +0000
Manifest next update:     Tue 22 Apr 2025 20:00:12 +0000
Files and hashes:         1: ezR3xSqsENrC7dQXOrbZTV4k3vU.crl (hash: za4ghtqbfCLTD98LoKF77v54BIc4NhGeyRPSx/NoCIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:ef:d8:80:23:ff:51:5c:a1:0f:79:fd:0a:b6:f2:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b3477c52aac10dac2edd4173ab6d94d5e24def5
        Validity
            Not Before: Apr 21 20:00:12 2025 GMT
            Not After : Apr 22 20:00:12 2025 GMT
        Subject: CN=ea594a432007039f2fe71c100b4082d5340db768
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b2:09:be:11:fe:7e:a2:51:94:7e:5b:53:64:
                    48:84:30:ac:1b:6a:00:21:5a:17:9b:48:77:b8:8e:
                    a8:ff:85:98:04:34:1f:c0:91:74:7b:f7:36:17:be:
                    f4:4d:78:c8:28:cc:da:31:29:7d:b8:9d:1c:c9:8f:
                    5e:8f:47:c8:de:57:a2:ba:16:3a:6b:f6:54:28:c0:
                    89:51:6c:f0:03:4d:de:26:2b:fe:12:ad:95:b5:0f:
                    40:e5:02:fe:24:c4:ca:f6:6a:7f:42:23:c5:d1:92:
                    32:3a:4e:a8:ac:15:20:45:bc:54:61:a5:8c:a1:58:
                    c1:19:ca:60:cf:d5:ca:36:8a:57:cd:f5:87:de:cb:
                    47:bc:60:ed:ee:5d:20:da:4c:b5:a2:56:9c:8a:61:
                    7d:1e:93:1a:e9:c4:bd:5f:75:f2:9c:f0:e8:a5:d1:
                    85:2b:2c:9c:8c:3b:fc:39:e0:84:a1:5f:6b:41:f8:
                    c6:fb:8f:89:d3:26:ed:ec:b2:34:c7:a6:55:f8:ed:
                    37:68:81:55:e5:59:3e:6b:b7:16:c8:8a:8d:65:3c:
                    dc:63:cf:82:a4:f7:ad:a2:39:8c:ac:dd:e3:93:4c:
                    55:a7:ef:e0:b3:51:17:76:0c:ca:21:fa:93:18:bd:
                    03:ca:88:c5:62:d9:42:06:3b:85:a9:cd:5b:a2:7e:
                    9a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:59:4A:43:20:07:03:9F:2F:E7:1C:10:0B:40:82:D5:34:0D:B7:68
            X509v3 Authority Key Identifier:
                keyid:7B:34:77:C5:2A:AC:10:DA:C2:ED:D4:17:3A:B6:D9:4D:5E:24:DE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:b2:3c:e1:d3:15:88:4e:d3:53:e4:c3:ae:24:fd:88:82:b3:
         b3:f8:9a:f7:7e:81:50:a2:5a:be:84:dc:75:cb:15:bc:d2:dd:
         41:7c:a5:16:c0:d5:ce:27:8f:40:89:0c:f5:bf:c2:fc:c2:e3:
         97:dd:45:89:27:0d:b1:0e:90:90:1d:e4:4d:98:b3:07:3c:01:
         da:9d:a5:d5:f5:69:25:93:e2:31:01:a2:e2:48:b1:af:97:15:
         2a:3d:68:b2:fd:9f:80:1f:46:07:85:5b:60:68:9c:2b:52:2d:
         23:f5:9a:24:3a:54:8c:89:e4:3e:19:40:5c:76:17:72:51:d3:
         ff:2d:46:1e:30:e5:7b:9e:22:a1:4f:69:59:09:ad:cb:14:1e:
         51:c9:f1:87:87:9f:3d:33:ee:c8:68:35:62:ea:bc:44:a3:36:
         8e:ad:59:1b:55:6b:ca:5f:0f:14:00:52:0f:dd:4b:7c:b4:e1:
         eb:ee:4b:9c:d5:1a:d8:77:11:7f:86:98:58:f7:51:c6:3b:ab:
         98:07:1b:79:91:8c:8d:00:26:f7:21:6d:a5:08:20:6d:1d:ee:
         cc:7b:71:31:9f:14:4b:3d:52:86:0e:65:ac:01:db:03:b2:f0:
         a0:62:95:6e:c8:d1:e4:57:aa:de:7a:9e:21:59:ab:c8:79:3f:
         ff:89:81:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZ79iAI/9RXKEPef0KtvLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMzQ3N2M1MmFhYzEwZGFjMmVkZDQxNzNhYjZkOTRkNWUy
NGRlZjUwHhcNMjUwNDIxMjAwMDEyWhcNMjUwNDIyMjAwMDEyWjAzMTEwLwYDVQQD
EyhlYTU5NGE0MzIwMDcwMzlmMmZlNzFjMTAwYjQwODJkNTM0MGRiNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrIJvhH+fqJRlH5bU2RIhDCsG2oA
IVoXm0h3uI6o/4WYBDQfwJF0e/c2F770TXjIKMzaMSl9uJ0cyY9ej0fI3leiuhY6
a/ZUKMCJUWzwA03eJiv+Eq2VtQ9A5QL+JMTK9mp/QiPF0ZIyOk6orBUgRbxUYaWM
oVjBGcpgz9XKNopXzfWH3stHvGDt7l0g2ky1olacimF9HpMa6cS9X3XynPDopdGF
KyycjDv8OeCEoV9rQfjG+4+J0ybt7LI0x6ZV+O03aIFV5Vk+a7cWyIqNZTzcY8+C
pPetojmMrN3jk0xVp+/gs1EXdgzKIfqTGL0DyojFYtlCBjuFqc1bon6apQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpZSkMgBwOfL+ccEAtAgtU0DbdoMB8GA1UdIwQY
MBaAFHs0d8UqrBDawu3UFzq22U1eJN71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iY2EzNDctOTgzYS00YzFhLTg4Yjgt
Y2M2OWEyMzg2ZWRjLzEvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iY2EzNDctOTgzYS00YzFhLTg4YjgtY2M2OWEyMzg2ZWRj
LzEvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrI84dMV
iE7TU+TDriT9iIKzs/ia936BUKJavoTcdcsVvNLdQXylFsDVziePQIkM9b/C/MLj
l91FiScNsQ6QkB3kTZizBzwB2p2l1fVpJZPiMQGi4kixr5cVKj1osv2fgB9GB4Vb
YGicK1ItI/WaJDpUjInkPhlAXHYXclHT/y1GHjDle54ioU9pWQmtyxQeUcnxh4ef
PTPuyGg1Yuq8RKM2jq1ZG1Vryl8PFABSD91LfLTh6+5LnNUa2HcRf4aYWPdRxjur
mAcbeZGMjQAm9yFtpQggbR3uzHtxMZ8USz1Shg5lrAHbA7LwoGKVbsjR5Feq3nqe
IVmryHk//4mBng==
-----END CERTIFICATE-----