Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
File:                     jzAoLIbxBGuTEkzycOEU5fAm_3M.mft (raw, json)
Hash identifier:          pnwbzvBEdkcW4TzVO2h2j2n7EqI0YbpWfoRlv3uf1gM=
Subject key identifier:   B0:1D:E3:F6:69:72:FC:86:0A:A7:F3:B3:04:3D:93:2C:FF:3E:5F:12
Authority key identifier: 8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73
Certificate issuer:       /CN=8f30282c86f1046b93124cf270e114e5f026ff73
Certificate serial:       01975BDCD8CD94CD3ECE0755A5A40FFC2396
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
Manifest number:          0F44
Signing time:             Tue 10 Jun 2025 22:01:29 +0000
Manifest this update:     Tue 10 Jun 2025 22:01:29 +0000
Manifest next update:     Wed 11 Jun 2025 22:01:29 +0000
Files and hashes:         1: jzAoLIbxBGuTEkzycOEU5fAm_3M.crl (hash: uQ57xEFQ5GJNwcBljm5QHl1NDeW0gBp2KbKCFtYMMq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:dc:d8:cd:94:cd:3e:ce:07:55:a5:a4:0f:fc:23:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f30282c86f1046b93124cf270e114e5f026ff73
        Validity
            Not Before: Jun 10 22:01:29 2025 GMT
            Not After : Jun 11 22:01:29 2025 GMT
        Subject: CN=b01de3f66972fc860aa7f3b3043d932cff3e5f12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:68:77:3f:52:34:5b:65:77:fd:f2:76:45:3a:
                    52:cc:0f:e0:55:c8:63:e6:6e:cc:ce:9a:95:b5:63:
                    36:60:c8:af:37:7e:53:9c:1d:d4:98:2d:5c:64:ce:
                    bc:18:55:ba:66:c5:44:72:f5:57:49:da:32:9e:49:
                    67:14:19:ee:90:51:b3:e4:d3:8f:69:c6:d4:de:2b:
                    64:63:b8:7b:ce:52:13:43:e5:07:f2:15:ac:1a:3f:
                    90:11:d9:e0:3c:ce:5f:a0:f4:be:94:05:71:7e:97:
                    ee:da:a1:7c:f2:f2:46:28:37:87:77:3f:ef:cf:cf:
                    50:d5:a7:f5:7d:85:36:e8:5c:65:c7:74:76:74:12:
                    e9:f3:00:05:05:33:e9:ef:16:9f:3e:ab:d8:12:e5:
                    aa:06:3d:91:2e:c5:53:c3:fe:27:45:3f:71:aa:71:
                    0d:7b:95:f1:ba:a3:10:86:fc:1e:0b:2d:6a:ee:c8:
                    7d:67:b1:e2:fb:f6:ef:16:a9:b9:0b:ab:24:65:9f:
                    fe:a4:e8:51:f5:de:48:16:3e:24:9c:e8:c1:77:f9:
                    26:64:3b:1d:76:16:bb:84:fb:d8:a7:28:0c:1a:1c:
                    2d:b1:20:f4:b1:61:93:ea:cd:c3:ca:f3:09:f6:3b:
                    91:53:ce:9a:71:07:21:67:c9:4f:cb:95:e2:96:d8:
                    54:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:1D:E3:F6:69:72:FC:86:0A:A7:F3:B3:04:3D:93:2C:FF:3E:5F:12
            X509v3 Authority Key Identifier:
                keyid:8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:3e:f2:f8:8a:63:92:a8:d2:f5:39:ad:9d:4e:a6:35:85:71:
         7a:6c:35:74:10:8b:c9:ed:94:2f:2b:1d:2b:2d:1e:f6:8e:63:
         55:86:60:69:87:6a:72:05:01:d7:6b:fc:89:59:56:cb:ba:98:
         7b:a6:80:ff:11:e0:3c:40:29:58:19:8e:02:67:93:36:c8:a9:
         f4:a4:78:90:58:58:53:db:81:90:b8:a8:d8:31:fa:7d:2d:98:
         78:c4:dc:06:28:86:6c:48:65:d1:c8:5d:9a:a6:b3:45:2a:e3:
         72:25:66:8c:7a:d1:35:35:84:35:9b:5c:74:c8:04:9f:f3:82:
         61:cd:15:5b:12:c9:14:98:74:9b:0d:23:ca:b5:b9:c6:d8:61:
         59:26:05:21:65:11:c6:5d:9b:2e:b5:e3:cc:b0:b5:f3:ff:65:
         53:71:57:11:35:2e:00:5a:f6:c7:4a:a3:37:cb:e8:4d:09:98:
         21:c5:69:1b:86:74:20:33:2f:9f:9e:7d:5f:ff:d2:3f:44:2d:
         70:cb:18:20:91:98:06:42:ff:66:8f:2c:1d:86:bf:cc:72:eb:
         11:74:96:78:4b:1b:69:63:5f:59:f3:5d:e7:bf:5c:60:5f:c4:
         0c:98:d1:2f:99:23:24:ab:19:af:af:bd:97:b7:d9:e2:68:d6:
         32:4e:3a:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdb3NjNlM0+zgdVpaQP/COWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAyODJjODZmMTA0NmI5MzEyNGNmMjcwZTExNGU1ZjAy
NmZmNzMwHhcNMjUwNjEwMjIwMTI5WhcNMjUwNjExMjIwMTI5WjAzMTEwLwYDVQQD
EyhiMDFkZTNmNjY5NzJmYzg2MGFhN2YzYjMwNDNkOTMyY2ZmM2U1ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mh3P1I0W2V3/fJ2RTpSzA/gVchj
5m7MzpqVtWM2YMivN35TnB3UmC1cZM68GFW6ZsVEcvVXSdoynklnFBnukFGz5NOP
acbU3itkY7h7zlITQ+UH8hWsGj+QEdngPM5foPS+lAVxfpfu2qF88vJGKDeHdz/v
z89Q1af1fYU26Fxlx3R2dBLp8wAFBTPp7xafPqvYEuWqBj2RLsVTw/4nRT9xqnEN
e5XxuqMQhvweCy1q7sh9Z7Hi+/bvFqm5C6skZZ/+pOhR9d5IFj4knOjBd/kmZDsd
dha7hPvYpygMGhwtsSD0sWGT6s3DyvMJ9juRU86acQchZ8lPy5XilthUqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAd4/ZpcvyGCqfzswQ9kyz/Pl8SMB8GA1UdIwQY
MBaAFI8wKCyG8QRrkxJM8nDhFOXwJv9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjIt
Zjk4Nzk2ZjUxMDIyLzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjItZjk4Nzk2ZjUxMDIy
LzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACz7y+Ipj
kqjS9TmtnU6mNYVxemw1dBCLye2ULysdKy0e9o5jVYZgaYdqcgUB12v8iVlWy7qY
e6aA/xHgPEApWBmOAmeTNsip9KR4kFhYU9uBkLio2DH6fS2YeMTcBiiGbEhl0chd
mqazRSrjciVmjHrRNTWENZtcdMgEn/OCYc0VWxLJFJh0mw0jyrW5xthhWSYFIWUR
xl2bLrXjzLC18/9lU3FXETUuAFr2x0qjN8voTQmYIcVpG4Z0IDMvn559X//SP0Qt
cMsYIJGYBkL/Zo8sHYa/zHLrEXSWeEsbaWNfWfNd579cYF/EDJjRL5kjJKsZr6+9
l7fZ4mjWMk461g==
-----END CERTIFICATE-----