Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5374a8-c6d9-49a7-8cdd-1fce555d8fef/1/z2wawDKfN1f-h9q2IGq8FXHES7A.mft
File:                     z2wawDKfN1f-h9q2IGq8FXHES7A.mft (raw, json)
Hash identifier:          G8BI60tSgntYt7hu976+FFi1WGbMp8kvykFpqElsSus=
Subject key identifier:   1A:01:F7:89:27:A9:6D:43:4C:72:A3:BA:6D:7C:86:C9:D7:5B:6A:6F
Authority key identifier: CF:6C:1A:C0:32:9F:37:57:FE:87:DA:B6:20:6A:BC:15:71:C4:4B:B0
Certificate issuer:       /CN=cf6c1ac0329f3757fe87dab6206abc1571c44bb0
Certificate serial:       01965C4CA5F5C674856BE94D235152992D7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z2wawDKfN1f-h9q2IGq8FXHES7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5374a8-c6d9-49a7-8cdd-1fce555d8fef/1/z2wawDKfN1f-h9q2IGq8FXHES7A.mft
Manifest number:          1500
Signing time:             Tue 22 Apr 2025 07:00:49 +0000
Manifest this update:     Tue 22 Apr 2025 07:00:49 +0000
Manifest next update:     Wed 23 Apr 2025 07:00:49 +0000
Files and hashes:         1: z2wawDKfN1f-h9q2IGq8FXHES7A.crl (hash: WsrHWZH7odsAPvWRoMjOdPoqAjXg8GO7M7shPRVWwAc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5374a8-c6d9-49a7-8cdd-1fce555d8fef/1/z2wawDKfN1f-h9q2IGq8FXHES7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5374a8-c6d9-49a7-8cdd-1fce555d8fef/1/z2wawDKfN1f-h9q2IGq8FXHES7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z2wawDKfN1f-h9q2IGq8FXHES7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:4c:a5:f5:c6:74:85:6b:e9:4d:23:51:52:99:2d:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf6c1ac0329f3757fe87dab6206abc1571c44bb0
        Validity
            Not Before: Apr 22 07:00:49 2025 GMT
            Not After : Apr 23 07:00:49 2025 GMT
        Subject: CN=1a01f78927a96d434c72a3ba6d7c86c9d75b6a6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:23:67:ce:57:b4:78:38:79:46:43:a2:8f:fa:
                    71:28:5f:8b:fb:d7:d9:28:e7:18:b8:55:de:2a:bf:
                    ad:19:85:e6:d4:ac:fb:85:55:5d:1f:50:b9:9c:f5:
                    d4:5c:96:28:3c:83:bd:ae:f6:ee:5d:a2:a1:99:19:
                    89:db:7b:61:80:3b:9a:77:99:09:2b:95:25:c5:a3:
                    51:86:b0:9c:e0:71:7d:3b:73:17:19:2b:14:05:b2:
                    2d:08:fe:db:30:51:30:36:0f:13:e1:b6:b8:89:f5:
                    e5:b2:78:ef:81:33:0d:a5:74:51:81:2e:59:31:7b:
                    01:17:be:29:79:23:d3:4c:63:53:62:9a:a0:1f:b9:
                    2a:c4:24:4b:aa:c2:a0:6c:35:a8:6e:ca:18:5c:2a:
                    51:f1:16:06:86:83:26:30:15:0c:1f:3f:bf:49:3f:
                    e2:fd:48:de:6a:60:fe:83:91:7a:d3:8d:9b:f0:9e:
                    24:b1:50:5a:ad:2b:97:60:c6:81:b8:0a:0e:ba:76:
                    27:55:b3:83:aa:f3:2a:21:d6:11:96:4a:9c:48:1e:
                    59:e2:98:e2:c7:6a:5c:8e:aa:2d:62:47:3f:5d:e6:
                    db:d4:a1:45:31:27:9a:75:21:3d:89:55:f9:e4:dd:
                    b7:fd:3c:d4:e5:0c:8f:e0:2d:79:d2:1c:32:de:4d:
                    50:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:01:F7:89:27:A9:6D:43:4C:72:A3:BA:6D:7C:86:C9:D7:5B:6A:6F
            X509v3 Authority Key Identifier:
                keyid:CF:6C:1A:C0:32:9F:37:57:FE:87:DA:B6:20:6A:BC:15:71:C4:4B:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2wawDKfN1f-h9q2IGq8FXHES7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5374a8-c6d9-49a7-8cdd-1fce555d8fef/1/z2wawDKfN1f-h9q2IGq8FXHES7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5374a8-c6d9-49a7-8cdd-1fce555d8fef/1/z2wawDKfN1f-h9q2IGq8FXHES7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:9d:88:45:11:02:6c:39:c9:e2:ec:f4:a9:1e:5e:45:8b:01:
         1b:c0:58:68:71:6f:49:28:17:64:4d:fe:2f:0c:2d:36:81:59:
         b6:8f:9e:48:7c:f4:a5:28:8b:6b:de:83:4b:aa:1d:87:52:80:
         d5:ec:d1:0a:c7:be:c5:90:45:0b:0b:fa:4d:3e:a9:6e:e0:33:
         66:73:6e:9b:04:d7:07:44:2a:e7:b7:ab:f2:4f:b1:4d:f7:c8:
         cb:5b:e7:02:68:cc:cd:bf:ed:41:65:38:13:79:88:48:66:1f:
         9d:8f:72:a7:96:5e:ca:03:35:7b:a9:cf:dc:df:df:36:0a:2e:
         25:08:77:22:19:9a:d7:fe:94:51:f8:9c:5e:00:aa:5d:42:61:
         b5:c9:e8:2e:90:c0:59:cd:7a:f2:62:29:96:83:30:2d:c1:da:
         5c:68:18:5b:6e:63:29:ec:4a:cd:c8:98:b4:c2:83:66:65:6a:
         e6:a4:ee:80:5c:3c:df:b2:c0:db:10:b8:aa:89:ce:ae:07:f5:
         70:bb:fd:39:82:cb:3f:50:7c:93:35:d8:ef:21:1d:b1:b6:51:
         83:e4:a8:1c:df:05:96:94:19:62:e4:51:48:c7:7b:43:7c:a2:
         c5:d0:cd:26:f6:d4:fa:f7:ef:af:fd:cf:93:44:a2:a6:90:7f:
         05:e3:69:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZcTKX1xnSFa+lNI1FSmS16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNmMxYWMwMzI5ZjM3NTdmZTg3ZGFiNjIwNmFiYzE1NzFj
NDRiYjAwHhcNMjUwNDIyMDcwMDQ5WhcNMjUwNDIzMDcwMDQ5WjAzMTEwLwYDVQQD
EygxYTAxZjc4OTI3YTk2ZDQzNGM3MmEzYmE2ZDdjODZjOWQ3NWI2YTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyNnzle0eDh5RkOij/pxKF+L+9fZ
KOcYuFXeKr+tGYXm1Kz7hVVdH1C5nPXUXJYoPIO9rvbuXaKhmRmJ23thgDuad5kJ
K5UlxaNRhrCc4HF9O3MXGSsUBbItCP7bMFEwNg8T4ba4ifXlsnjvgTMNpXRRgS5Z
MXsBF74peSPTTGNTYpqgH7kqxCRLqsKgbDWobsoYXCpR8RYGhoMmMBUMHz+/ST/i
/UjeamD+g5F6042b8J4ksVBarSuXYMaBuAoOunYnVbODqvMqIdYRlkqcSB5Z4pji
x2pcjqotYkc/Xebb1KFFMSeadSE9iVX55N23/TzU5QyP4C150hwy3k1QqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoB94knqW1DTHKjum18hsnXW2pvMB8GA1UdIwQY
MBaAFM9sGsAynzdX/ofatiBqvBVxxEuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJ3YXdES2ZOMWYtaDlxMklHcThGWEhFUzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81Mzc0YTgtYzZkOS00OWE3LThjZGQt
MWZjZTU1NWQ4ZmVmLzEvejJ3YXdES2ZOMWYtaDlxMklHcThGWEhFUzdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81Mzc0YTgtYzZkOS00OWE3LThjZGQtMWZjZTU1NWQ4ZmVm
LzEvejJ3YXdES2ZOMWYtaDlxMklHcThGWEhFUzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjJ2IRREC
bDnJ4uz0qR5eRYsBG8BYaHFvSSgXZE3+LwwtNoFZto+eSHz0pSiLa96DS6odh1KA
1ezRCse+xZBFCwv6TT6pbuAzZnNumwTXB0Qq57er8k+xTffIy1vnAmjMzb/tQWU4
E3mISGYfnY9yp5ZeygM1e6nP3N/fNgouJQh3Ihma1/6UUficXgCqXUJhtcnoLpDA
Wc168mIploMwLcHaXGgYW25jKexKzciYtMKDZmVq5qTugFw837LA2xC4qonOrgf1
cLv9OYLLP1B8kzXY7yEdsbZRg+SoHN8FlpQZYuRRSMd7Q3yixdDNJvbU+vfvr/3P
k0SippB/BeNppw==
-----END CERTIFICATE-----