Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          Onk+KNHuIm5ymIr8X4DLq5Rd/CUKOA1jPdqhpxe19lY=
Subject key identifier:   EC:0B:46:4D:92:B6:29:FE:20:1F:32:91:C3:90:C7:E9:1A:55:26:7A
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       01974B1F65680AC840EC2A01144D044288D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          13EA
Signing time:             Sat 07 Jun 2025 16:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 16:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 16:00:38 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: MA+8i2ZoUOolImtZOIYkSvE51RLKaK1KMhhAyXUs9DA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:1f:65:68:0a:c8:40:ec:2a:01:14:4d:04:42:88:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Jun  7 16:00:38 2025 GMT
            Not After : Jun  8 16:00:38 2025 GMT
        Subject: CN=ec0b464d92b629fe201f3291c390c7e91a55267a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5c:29:74:f8:fc:e9:de:98:42:b6:08:c3:40:
                    5a:3a:29:a0:8e:07:7c:56:b4:eb:68:cb:b1:4e:82:
                    3a:68:62:fe:4e:b0:a0:aa:00:08:e8:4a:fa:4f:5a:
                    90:d2:0a:ff:30:a2:97:5d:5a:6a:53:c0:17:89:3e:
                    a8:58:fc:6a:c4:b4:75:bf:65:49:c3:1e:6d:b3:70:
                    0d:b7:cc:ff:c4:2d:39:99:10:a3:bf:75:32:d5:73:
                    6c:81:2f:72:c2:43:ca:25:8d:40:11:7e:d0:4c:c9:
                    2e:fd:1d:7f:19:41:93:35:66:da:47:38:f8:d6:9b:
                    af:fe:eb:69:ba:a4:20:cb:b4:41:77:62:b0:e3:e1:
                    d2:69:85:6b:28:4a:cd:12:bd:2e:d7:72:cf:5c:0d:
                    02:81:1d:80:df:ed:b1:c7:3d:5e:3f:21:07:cf:d7:
                    5c:11:14:f7:25:7e:85:a9:06:2b:48:c4:34:30:43:
                    7f:24:b8:a6:63:bf:17:49:c0:8e:e5:84:bd:6f:61:
                    84:31:d8:0d:79:92:4e:a2:67:6e:74:8c:0b:4d:35:
                    d7:82:c8:68:01:a1:72:ad:6a:74:e7:3f:ce:80:cc:
                    23:4c:ee:4e:26:1f:3d:c0:70:8b:5b:9d:7d:c6:36:
                    46:83:54:fa:18:09:6c:c7:36:ee:c0:c6:fd:9a:20:
                    49:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:0B:46:4D:92:B6:29:FE:20:1F:32:91:C3:90:C7:E9:1A:55:26:7A
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:44:71:e3:3d:c4:58:36:bd:93:71:db:61:c5:4f:f0:81:30:
         9b:88:2b:4b:01:2d:1c:4d:c5:28:92:ee:c9:5d:c5:77:46:2d:
         13:6c:db:ea:81:b4:ce:ae:c5:1d:f6:4d:da:63:57:24:c1:ce:
         2b:17:e3:e8:b6:38:cb:7a:5b:31:e2:51:c2:79:c4:26:b3:54:
         81:20:7a:f1:8a:61:b4:59:c3:9e:ed:ee:b3:e4:36:d4:76:61:
         44:ec:0f:47:b4:b7:2a:c1:21:3d:ce:cb:52:4f:f4:1a:1b:ac:
         ac:2f:01:f6:8a:4e:2a:cf:d8:8d:78:85:e3:4d:24:33:d9:b1:
         4d:f6:21:50:39:fe:64:ea:3d:34:11:bf:81:fe:3c:69:26:90:
         22:d4:ea:02:ef:7f:8f:26:de:48:a5:6e:b1:ec:36:f4:fa:2b:
         c2:d6:9c:32:0e:4a:b6:b5:d4:83:21:bf:9e:12:3a:ac:71:2c:
         8d:36:c2:2a:7c:d7:60:70:84:1e:af:24:5f:5d:07:4f:f0:e2:
         56:55:7e:ab:ed:67:55:e2:80:d0:6b:e8:4b:ad:74:48:ff:2f:
         4a:b7:5c:c8:c3:cc:66:0a:39:d1:5f:57:77:9d:23:72:1d:7e:
         f1:a5:63:71:c5:db:d3:20:3e:fc:70:5c:82:73:c9:7d:ec:f1:
         0a:90:fe:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLH2VoCshA7CoBFE0EQojWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwNjA3MTYwMDM4WhcNMjUwNjA4MTYwMDM4WjAzMTEwLwYDVQQD
EyhlYzBiNDY0ZDkyYjYyOWZlMjAxZjMyOTFjMzkwYzdlOTFhNTUyNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlwpdPj86d6YQrYIw0BaOimgjgd8
VrTraMuxToI6aGL+TrCgqgAI6Er6T1qQ0gr/MKKXXVpqU8AXiT6oWPxqxLR1v2VJ
wx5ts3ANt8z/xC05mRCjv3Uy1XNsgS9ywkPKJY1AEX7QTMku/R1/GUGTNWbaRzj4
1puv/utpuqQgy7RBd2Kw4+HSaYVrKErNEr0u13LPXA0CgR2A3+2xxz1ePyEHz9dc
ERT3JX6FqQYrSMQ0MEN/JLimY78XScCO5YS9b2GEMdgNeZJOomdudIwLTTXXgsho
AaFyrWp05z/OgMwjTO5OJh89wHCLW519xjZGg1T6GAlsxzbuwMb9miBJyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwLRk2Stin+IB8ykcOQx+kaVSZ6MB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADURx4z3E
WDa9k3HbYcVP8IEwm4grSwEtHE3FKJLuyV3Fd0YtE2zb6oG0zq7FHfZN2mNXJMHO
Kxfj6LY4y3pbMeJRwnnEJrNUgSB68YphtFnDnu3us+Q21HZhROwPR7S3KsEhPc7L
Uk/0GhusrC8B9opOKs/YjXiF400kM9mxTfYhUDn+ZOo9NBG/gf48aSaQItTqAu9/
jybeSKVusew29PorwtacMg5KtrXUgyG/nhI6rHEsjTbCKnzXYHCEHq8kX10HT/Di
VlV+q+1nVeKA0GvoS610SP8vSrdcyMPMZgo50V9Xd50jch1+8aVjccXb0yA+/HBc
gnPJfezxCpD+oA==
-----END CERTIFICATE-----