Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          pCWxBNFm2fkJYA+QUmrDKzdOIKjD8dO8vwUdQz8vXj4=
Subject key identifier:   38:7A:6B:23:B6:3A:CE:9C:E4:E7:67:39:68:15:BD:E5:0C:08:49:7A
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       01974DB2FE131BAB6C3DA44BDF6E16F2AC35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          1132
Signing time:             Sun 08 Jun 2025 04:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 04:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 04:01:05 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: JHYmLqR1Oml5Wp6sAZbkL+7pARE0gpLWOwhfsNqW2/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:fe:13:1b:ab:6c:3d:a4:4b:df:6e:16:f2:ac:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Jun  8 04:01:05 2025 GMT
            Not After : Jun  9 04:01:05 2025 GMT
        Subject: CN=387a6b23b63ace9ce4e767396815bde50c08497a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:80:37:fd:12:6e:53:6c:0b:23:0e:29:59:92:
                    08:39:c4:68:9c:8d:b9:89:c4:78:f2:75:11:ad:b7:
                    9a:6b:0f:b1:8f:f8:62:bb:a3:72:33:9e:0a:1e:9d:
                    18:63:4a:bf:63:13:dc:76:b3:30:8a:2a:8a:88:d7:
                    93:05:38:2b:dd:ac:91:b0:3d:9d:d9:21:97:f8:ae:
                    29:05:d8:36:33:b7:28:d3:c6:40:65:7f:53:38:4e:
                    ba:56:49:43:8a:c2:25:da:ea:ba:97:16:01:cd:51:
                    ef:ae:dd:5d:70:8b:f0:dc:26:09:1e:15:2a:eb:00:
                    8f:e4:e7:27:cf:f1:de:06:a6:c9:0d:a9:f7:f2:cb:
                    b0:75:b0:e3:25:3f:5f:36:14:71:80:33:9e:cb:ec:
                    99:a4:c3:62:28:ef:61:a9:6a:b6:95:47:2f:d9:fc:
                    4f:dd:85:af:ad:c4:8b:dc:4c:cc:18:73:0f:e2:2a:
                    fc:ae:3c:f3:c5:80:57:d4:05:ec:48:2a:32:1e:8a:
                    73:4e:fb:86:02:9b:6d:d7:ba:25:05:9b:fa:24:db:
                    11:3a:9a:83:da:a5:be:9d:96:fd:ef:57:d3:1d:53:
                    aa:48:9c:25:6d:6b:ad:1e:26:30:72:51:fd:05:0c:
                    c1:26:56:85:54:2d:49:80:18:24:66:78:9e:f6:89:
                    70:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:7A:6B:23:B6:3A:CE:9C:E4:E7:67:39:68:15:BD:E5:0C:08:49:7A
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:49:09:1a:a3:32:60:78:34:e6:c1:8c:0f:55:be:79:57:d0:
         d1:f2:c6:e6:18:76:9b:ea:c2:6c:a4:ad:71:b2:1f:e4:0d:f9:
         3a:b8:a8:0d:9f:77:18:ef:62:79:3e:03:7d:aa:7a:cf:2c:ef:
         6a:b0:ec:d8:81:3f:59:51:4c:de:fd:bf:47:98:6d:41:0e:c0:
         4f:de:85:b1:f5:48:a9:1e:e3:10:54:ee:42:0a:4d:ca:4c:bc:
         f9:47:c6:98:57:1d:4a:e8:70:d7:ac:0f:ab:c0:1b:55:50:12:
         62:4e:0b:ae:4c:59:8d:1f:73:b5:1e:ad:61:f2:bc:66:ef:ba:
         14:20:87:9a:73:83:fd:cb:81:61:74:ec:d8:8d:a9:4f:b4:0a:
         58:84:55:e4:23:f9:04:8d:a1:aa:a6:0b:94:92:5d:2d:5a:1e:
         39:5f:45:68:41:9c:23:0f:e1:a6:e0:34:9e:0a:c7:2f:40:2b:
         4e:66:7f:ee:68:24:b6:ea:ec:05:fc:88:1e:31:c2:13:fd:e1:
         58:8a:25:b4:1a:cb:4d:1e:ba:a6:f3:af:8c:41:ec:33:8b:1b:
         95:74:ce:fd:5b:69:72:71:26:da:22:a7:1d:7a:0b:5a:67:c8:
         bf:11:52:69:14:29:69:42:0f:42:3e:50:4a:aa:07:6d:d7:97:
         15:a2:af:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNsv4TG6tsPaRL324W8qw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjUwNjA4MDQwMTA1WhcNMjUwNjA5MDQwMTA1WjAzMTEwLwYDVQQD
EygzODdhNmIyM2I2M2FjZTljZTRlNzY3Mzk2ODE1YmRlNTBjMDg0OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4A3/RJuU2wLIw4pWZIIOcRonI25
icR48nURrbeaaw+xj/hiu6NyM54KHp0YY0q/YxPcdrMwiiqKiNeTBTgr3ayRsD2d
2SGX+K4pBdg2M7co08ZAZX9TOE66VklDisIl2uq6lxYBzVHvrt1dcIvw3CYJHhUq
6wCP5Ocnz/HeBqbJDan38suwdbDjJT9fNhRxgDOey+yZpMNiKO9hqWq2lUcv2fxP
3YWvrcSL3EzMGHMP4ir8rjzzxYBX1AXsSCoyHopzTvuGAptt17olBZv6JNsROpqD
2qW+nZb971fTHVOqSJwlbWutHiYwclH9BQzBJlaFVC1JgBgkZnie9olw9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDh6ayO2Os6c5OdnOWgVveUMCEl6MB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYEkJGqMy
YHg05sGMD1W+eVfQ0fLG5hh2m+rCbKStcbIf5A35OrioDZ93GO9ieT4Dfap6zyzv
arDs2IE/WVFM3v2/R5htQQ7AT96FsfVIqR7jEFTuQgpNyky8+UfGmFcdSuhw16wP
q8AbVVASYk4LrkxZjR9ztR6tYfK8Zu+6FCCHmnOD/cuBYXTs2I2pT7QKWIRV5CP5
BI2hqqYLlJJdLVoeOV9FaEGcIw/hpuA0ngrHL0ArTmZ/7mgktursBfyIHjHCE/3h
WIoltBrLTR66pvOvjEHsM4sblXTO/VtpcnEm2iKnHXoLWmfIvxFSaRQpaUIPQj5Q
SqoHbdeXFaKvUA==
-----END CERTIFICATE-----