Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          9eim1+gVU/akrQLwLGfhLrAW89TUmpTB+iSM7OVWc+I=
Subject key identifier:   69:5A:8F:68:4F:73:E9:D5:4F:36:28:1F:89:94:4B:FC:F2:06:83:62
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       0197488D40FA0EFBA58B767E3E3B18B7E036
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0AC1
Signing time:             Sat 07 Jun 2025 04:01:45 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:45 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:45 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: 28jw4skB8Dpi8FAdetI4Z92s79tDfxdp794gwngabGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:40:fa:0e:fb:a5:8b:76:7e:3e:3b:18:b7:e0:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Jun  7 04:01:45 2025 GMT
            Not After : Jun  8 04:01:45 2025 GMT
        Subject: CN=695a8f684f73e9d54f36281f89944bfcf2068362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:77:f8:13:2f:6e:8c:f9:26:54:4f:5e:95:e5:
                    96:a3:b4:3e:81:cc:1a:93:06:cf:b2:94:cd:bb:9b:
                    b4:cd:43:ff:bf:96:6e:9e:e3:14:cf:35:b1:27:d4:
                    84:15:cd:38:6a:2a:31:62:24:24:47:2f:86:38:6d:
                    c4:18:9c:23:5d:b1:fb:f2:26:67:6f:02:ec:8f:b2:
                    37:2d:46:1e:c4:f3:28:5a:ba:7f:38:e8:e4:66:77:
                    5c:e5:28:16:76:9e:8b:fc:fc:ba:a5:9d:33:94:df:
                    70:d7:a4:ac:27:aa:34:db:c5:e9:fd:12:a3:13:14:
                    a5:fe:3e:86:81:97:6e:94:00:95:4a:c4:d6:07:45:
                    3d:89:93:bb:a3:dc:d4:38:08:21:ae:ea:33:d9:54:
                    6c:2b:a1:f3:80:f9:77:cc:0a:52:f9:83:94:ae:44:
                    ac:b5:e0:45:1f:13:05:7d:19:82:64:8b:07:84:20:
                    f2:38:14:56:e8:d0:f3:a7:eb:5c:86:d4:fe:9a:71:
                    ac:55:ff:1f:45:61:99:8e:b2:03:b0:2a:fa:80:c6:
                    ab:97:74:32:f4:05:6f:9d:d0:68:4b:86:36:03:6d:
                    a7:af:e7:c0:15:17:32:f6:f2:49:33:3d:87:cb:8f:
                    dd:ef:10:a7:c7:f3:c1:86:04:10:02:7f:74:0f:02:
                    4a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:5A:8F:68:4F:73:E9:D5:4F:36:28:1F:89:94:4B:FC:F2:06:83:62
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:57:fd:78:48:3d:0f:bc:22:93:87:01:1c:e8:9a:26:1f:aa:
         81:6f:76:05:5e:9b:cf:6c:d0:3c:79:18:4e:15:31:ec:ae:9c:
         20:a1:a4:fe:86:16:47:ce:e1:cd:1a:2e:b7:5d:61:1a:df:e2:
         3f:0f:a3:61:1d:37:6b:9a:53:bf:00:17:d1:e4:8f:67:1b:f9:
         89:1f:e9:da:24:ea:70:a5:8e:03:a1:be:55:c2:78:83:db:75:
         ce:85:3b:14:e3:9c:9b:bf:87:3d:63:d5:5f:12:e2:8d:b6:f9:
         98:28:99:17:4c:a4:a5:3b:ea:5a:5c:8a:d2:41:fa:7c:83:1d:
         f5:4a:b8:4e:61:81:3e:a9:02:56:ac:6e:06:b8:35:57:6b:55:
         49:fb:90:15:72:6c:2f:7f:d1:50:ec:d9:15:9f:fb:35:81:20:
         66:02:4f:3c:8f:ee:87:d5:53:56:cd:ee:4d:21:c4:0e:07:83:
         fd:af:43:05:37:39:da:4e:25:ed:74:45:59:48:5b:69:5d:40:
         38:25:e9:85:0e:9a:89:09:7c:55:da:36:2e:4d:54:ca:0e:36:
         6a:75:02:9b:6a:69:42:6d:be:fc:7a:b4:4c:87:f9:45:c2:24:
         0c:70:18:d8:98:e1:e6:cd:6f:ea:d0:a2:b9:ab:5c:52:21:b0:
         f8:87:05:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjUD6Dvuli3Z+PjsYt+A2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjUwNjA3MDQwMTQ1WhcNMjUwNjA4MDQwMTQ1WjAzMTEwLwYDVQQD
Eyg2OTVhOGY2ODRmNzNlOWQ1NGYzNjI4MWY4OTk0NGJmY2YyMDY4MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3f4Ey9ujPkmVE9eleWWo7Q+gcwa
kwbPspTNu5u0zUP/v5ZunuMUzzWxJ9SEFc04aioxYiQkRy+GOG3EGJwjXbH78iZn
bwLsj7I3LUYexPMoWrp/OOjkZndc5SgWdp6L/Py6pZ0zlN9w16SsJ6o028Xp/RKj
ExSl/j6GgZdulACVSsTWB0U9iZO7o9zUOAghruoz2VRsK6HzgPl3zApS+YOUrkSs
teBFHxMFfRmCZIsHhCDyOBRW6NDzp+tchtT+mnGsVf8fRWGZjrIDsCr6gMarl3Qy
9AVvndBoS4Y2A22nr+fAFRcy9vJJMz2Hy4/d7xCnx/PBhgQQAn90DwJKEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlaj2hPc+nVTzYoH4mUS/zyBoNiMB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFf9eEg9
D7wik4cBHOiaJh+qgW92BV6bz2zQPHkYThUx7K6cIKGk/oYWR87hzRout11hGt/i
Pw+jYR03a5pTvwAX0eSPZxv5iR/p2iTqcKWOA6G+VcJ4g9t1zoU7FOOcm7+HPWPV
XxLijbb5mCiZF0ykpTvqWlyK0kH6fIMd9Uq4TmGBPqkCVqxuBrg1V2tVSfuQFXJs
L3/RUOzZFZ/7NYEgZgJPPI/uh9VTVs3uTSHEDgeD/a9DBTc52k4l7XRFWUhbaV1A
OCXphQ6aiQl8Vdo2Lk1Uyg42anUCm2ppQm2+/Hq0TIf5RcIkDHAY2Jjh5s1v6tCi
uatcUiGw+IcFWQ==
-----END CERTIFICATE-----