Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          64t9lAXi7xVeNBvg7aGd9AmDDf8HaI10FY+s9Dtdk2s=
Subject key identifier:   4B:CA:78:B8:30:8D:44:A0:E8:17:BA:E2:21:D6:EE:03:EB:74:81:8D
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       01974779E43BB07B5740DF06B864D1ACEA7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          1174
Signing time:             Fri 06 Jun 2025 23:00:59 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:59 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:59 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: XzG5W1pJCs/za6K8sqYxdcPaIJMuPXgl2VXnRUYFZjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:e4:3b:b0:7b:57:40:df:06:b8:64:d1:ac:ea:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Jun  6 23:00:59 2025 GMT
            Not After : Jun  7 23:00:59 2025 GMT
        Subject: CN=4bca78b8308d44a0e817bae221d6ee03eb74818d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:da:19:3c:1e:66:ef:11:3b:60:cc:20:ea:f3:
                    fd:a7:98:ed:d8:eb:61:5f:3f:d7:cc:f2:61:70:64:
                    84:43:a5:34:7e:11:8d:ce:1a:38:95:97:a0:ea:0d:
                    fe:03:ba:94:a3:66:c7:eb:9a:77:30:4b:cc:cf:dd:
                    66:95:7e:ab:8a:91:a2:f7:4b:20:af:86:9e:7b:4b:
                    34:69:02:13:e3:65:ba:e5:13:9b:ff:ce:3c:97:2d:
                    b4:16:10:f9:77:68:68:68:88:d1:08:0a:09:d4:81:
                    5b:89:dc:cb:67:79:3a:26:29:e4:d8:d4:ec:50:77:
                    ee:09:bc:01:9f:51:cf:bf:25:c1:b6:88:85:d6:e6:
                    71:bd:09:ba:d0:c5:d3:ff:91:b1:1a:e6:a2:1f:ae:
                    e9:3b:30:1d:97:50:18:62:94:fc:c6:f4:19:22:36:
                    9a:bb:ce:e7:0f:bf:c4:c9:92:e4:a1:e4:77:b0:2b:
                    70:d3:a2:74:ca:70:fa:5a:6d:4a:f9:cf:4c:da:a5:
                    f7:09:9e:0a:c6:af:af:e4:06:23:92:6e:66:7c:87:
                    bd:45:04:72:63:58:2d:83:c3:72:8a:17:e4:5b:10:
                    28:8c:a4:95:bf:8a:3d:5f:2b:f3:37:a4:2c:bd:a5:
                    76:22:c8:8c:04:eb:b3:fc:20:cb:c3:76:e3:57:19:
                    45:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:CA:78:B8:30:8D:44:A0:E8:17:BA:E2:21:D6:EE:03:EB:74:81:8D
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:b2:17:c5:98:c4:1b:62:9d:ea:3a:9e:9a:5a:80:81:47:a4:
         87:d0:fa:62:d9:50:fd:db:d8:8b:b1:30:6a:71:ea:fc:be:c7:
         86:93:55:13:92:cf:17:58:e6:3f:09:a6:3e:4b:22:f9:70:be:
         20:8e:c0:05:43:4d:e9:ab:cc:f0:1e:e0:e0:32:03:86:49:69:
         3c:6e:6c:01:8f:f2:41:30:7a:c9:a3:64:2c:34:ae:e6:b5:d0:
         1c:75:69:48:13:3a:b2:97:68:99:e6:97:e8:c6:ce:dd:e1:09:
         4e:cb:d8:9d:f3:61:f3:ed:24:72:40:9b:2e:c9:6d:43:9c:9a:
         2b:12:0b:1b:59:ac:f0:e2:01:8b:bd:e7:69:be:fc:bf:b1:b6:
         1e:b2:45:bc:4e:25:87:15:71:78:a5:ff:05:7e:4d:8a:4f:db:
         4c:a9:f0:fa:05:ca:c6:cc:8e:bc:04:31:88:e8:1b:1c:81:25:
         47:a8:8c:8b:e4:eb:cc:e0:b5:05:2d:51:00:97:f3:4c:87:b0:
         16:bd:03:f1:8a:df:2f:29:0c:cf:1c:b7:81:ad:90:59:40:ff:
         11:ec:fe:e0:35:66:b8:7f:5b:30:e7:37:5a:2b:5e:94:59:8e:
         71:72:8a:61:e4:d1:36:49:88:6f:c2:5e:b1:c4:a1:98:65:88:
         26:45:bd:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeeQ7sHtXQN8GuGTRrOp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUwNjA2MjMwMDU5WhcNMjUwNjA3MjMwMDU5WjAzMTEwLwYDVQQD
Eyg0YmNhNzhiODMwOGQ0NGEwZTgxN2JhZTIyMWQ2ZWUwM2ViNzQ4MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NoZPB5m7xE7YMwg6vP9p5jt2Oth
Xz/XzPJhcGSEQ6U0fhGNzho4lZeg6g3+A7qUo2bH65p3MEvMz91mlX6ripGi90sg
r4aee0s0aQIT42W65ROb/848ly20FhD5d2hoaIjRCAoJ1IFbidzLZ3k6Jink2NTs
UHfuCbwBn1HPvyXBtoiF1uZxvQm60MXT/5GxGuaiH67pOzAdl1AYYpT8xvQZIjaa
u87nD7/EyZLkoeR3sCtw06J0ynD6Wm1K+c9M2qX3CZ4Kxq+v5AYjkm5mfIe9RQRy
Y1gtg8NyihfkWxAojKSVv4o9XyvzN6QsvaV2IsiMBOuz/CDLw3bjVxlF/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvKeLgwjUSg6Be64iHW7gPrdIGNMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLIXxZjE
G2Kd6jqemlqAgUekh9D6YtlQ/dvYi7EwanHq/L7HhpNVE5LPF1jmPwmmPksi+XC+
II7ABUNN6avM8B7g4DIDhklpPG5sAY/yQTB6yaNkLDSu5rXQHHVpSBM6spdomeaX
6MbO3eEJTsvYnfNh8+0kckCbLsltQ5yaKxILG1ms8OIBi73nab78v7G2HrJFvE4l
hxVxeKX/BX5Nik/bTKnw+gXKxsyOvAQxiOgbHIElR6iMi+TrzOC1BS1RAJfzTIew
Fr0D8YrfLykMzxy3ga2QWUD/Eez+4DVmuH9bMOc3WitelFmOcXKKYeTRNkmIb8Je
scShmGWIJkW9RA==
-----END CERTIFICATE-----