Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
File:                     Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft (raw, json)
Hash identifier:          b+N2+QPum6efd6PfgI90kf1F22AS+CIkUOLjWidklmk=
Subject key identifier:   32:DF:27:EA:61:6D:47:2B:D2:13:DF:B7:9A:25:57:2F:8A:EC:44:08
Authority key identifier: 67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56
Certificate issuer:       /CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
Certificate serial:       01964DEC1AEB434671A650C10F9FB5067213
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
Manifest number:          0B7B
Signing time:             Sat 19 Apr 2025 12:00:41 +0000
Manifest this update:     Sat 19 Apr 2025 12:00:41 +0000
Manifest next update:     Sun 20 Apr 2025 12:00:41 +0000
Files and hashes:         1: Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl (hash: sWZs7dR6zxG2B2zdHg77zkTb4adbQeksFqZtEyQcPG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 12:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:ec:1a:eb:43:46:71:a6:50:c1:0f:9f:b5:06:72:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
        Validity
            Not Before: Apr 19 12:00:41 2025 GMT
            Not After : Apr 20 12:00:41 2025 GMT
        Subject: CN=32df27ea616d472bd213dfb79a25572f8aec4408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:53:61:78:11:7a:8e:39:4f:89:a5:cf:cb:b7:
                    1a:ca:a2:7b:cd:77:6f:d9:01:2f:29:9e:42:04:3d:
                    f8:46:7a:31:27:dd:1d:6c:03:c4:d4:d2:04:e2:1a:
                    67:f3:82:f8:dd:cb:29:72:c3:67:75:78:d0:a0:0e:
                    03:75:e9:25:30:88:af:b4:3a:16:6a:27:c2:9b:52:
                    13:55:b9:60:bf:76:ea:97:a5:60:19:79:f6:46:27:
                    a4:1c:ae:f3:f6:e9:2e:20:8d:91:d3:de:49:c8:e8:
                    91:7b:78:1d:f3:d6:f5:6a:46:ed:67:bd:64:19:bd:
                    b8:2e:9f:65:c1:ff:20:58:a0:28:39:d9:89:a1:86:
                    1e:db:46:e3:5e:b4:d4:b2:da:c5:a9:29:cd:ae:e0:
                    89:86:31:8c:a3:c4:f4:86:fb:44:60:3d:57:41:45:
                    31:cc:f8:5a:b2:f6:25:06:21:55:9c:57:ac:5f:50:
                    62:86:cf:d2:24:22:12:3b:51:68:8f:6c:08:f6:b6:
                    a9:2a:bb:04:f9:f3:38:c6:d7:1c:f2:ee:b5:3e:36:
                    09:60:54:d7:96:b0:8a:91:2d:b9:ca:66:f5:42:16:
                    88:ee:b1:9d:06:28:33:16:80:b8:9e:06:89:96:6a:
                    b4:52:a4:48:c8:df:d1:3b:8c:4d:2f:9f:b0:f2:d2:
                    dd:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:DF:27:EA:61:6D:47:2B:D2:13:DF:B7:9A:25:57:2F:8A:EC:44:08
            X509v3 Authority Key Identifier:
                keyid:67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:39:14:38:e4:d5:db:a3:b7:0d:84:6c:1d:43:98:09:47:bd:
         5b:1f:50:72:ce:06:87:51:49:b2:05:73:be:c9:2f:0e:b7:88:
         e3:6c:0b:e1:78:52:47:d0:e6:0f:32:59:8b:e3:7a:40:a3:eb:
         f1:1f:63:02:aa:6d:9a:64:15:bf:95:e1:02:b6:94:16:4b:84:
         74:8c:95:51:ad:59:a1:46:f9:9b:5d:9d:4d:c5:66:4d:c1:8a:
         d2:c3:a6:5b:9b:1f:f9:6a:87:23:f7:d8:da:43:df:a0:9a:4b:
         ce:ac:44:fe:ba:ec:92:e9:03:2f:24:8f:4f:b2:eb:5d:0d:93:
         cf:50:db:16:6c:4d:a7:42:60:5b:06:3d:3a:9c:a8:97:9f:c4:
         0e:4a:64:a7:7f:dd:73:ed:5a:da:59:e4:b6:e7:36:4f:8b:b3:
         88:16:d1:7b:ff:0f:bd:73:05:85:09:0a:f1:9a:8f:4c:e2:01:
         ba:26:87:89:43:69:a7:ed:1d:c1:db:bf:b8:78:cb:c5:07:17:
         bf:c0:b7:b6:05:35:6a:3e:9f:07:f2:89:6d:ba:33:2f:54:40:
         91:7c:19:b7:13:11:5c:95:cd:6e:7f:44:84:8f:be:a9:ed:ef:
         e3:d8:de:95:7d:b7:93:4f:2b:91:d8:d9:46:d2:19:77:2f:58:
         36:f7:09:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZN7BrrQ0ZxplDBD5+1BnITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NmZiYjU3N2M5M2RjNDVkNDhmMDE5OWIxOWQxY2E3YTIx
MzdjNTYwHhcNMjUwNDE5MTIwMDQxWhcNMjUwNDIwMTIwMDQxWjAzMTEwLwYDVQQD
EygzMmRmMjdlYTYxNmQ0NzJiZDIxM2RmYjc5YTI1NTcyZjhhZWM0NDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1NheBF6jjlPiaXPy7cayqJ7zXdv
2QEvKZ5CBD34RnoxJ90dbAPE1NIE4hpn84L43cspcsNndXjQoA4DdeklMIivtDoW
aifCm1ITVblgv3bql6VgGXn2RiekHK7z9ukuII2R095JyOiRe3gd89b1akbtZ71k
Gb24Lp9lwf8gWKAoOdmJoYYe20bjXrTUstrFqSnNruCJhjGMo8T0hvtEYD1XQUUx
zPhasvYlBiFVnFesX1Bihs/SJCISO1Foj2wI9rapKrsE+fM4xtcc8u61PjYJYFTX
lrCKkS25ymb1QhaI7rGdBigzFoC4ngaJlmq0UqRIyN/RO4xNL5+w8tLdkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLfJ+phbUcr0hPft5olVy+K7EQIMB8GA1UdIwQY
MBaAFGdvu1d8k9xF1I8BmbGdHKeiE3xWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYt
MWNkZTczMWU2ZmRmLzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYtMWNkZTczMWU2ZmRm
LzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATzkUOOTV
26O3DYRsHUOYCUe9Wx9Qcs4Gh1FJsgVzvskvDreI42wL4XhSR9DmDzJZi+N6QKPr
8R9jAqptmmQVv5XhAraUFkuEdIyVUa1ZoUb5m12dTcVmTcGK0sOmW5sf+WqHI/fY
2kPfoJpLzqxE/rrskukDLySPT7LrXQ2Tz1DbFmxNp0JgWwY9Opyol5/EDkpkp3/d
c+1a2lnktuc2T4uziBbRe/8PvXMFhQkK8ZqPTOIBuiaHiUNpp+0dwdu/uHjLxQcX
v8C3tgU1aj6fB/KJbbozL1RAkXwZtxMRXJXNbn9EhI++qe3v49jelX23k08rkdjZ
RtIZdy9YNvcJng==
-----END CERTIFICATE-----