Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
File:                     Z42bouOWhCO-_F7tBXGbMABX18s.mft (raw, json)
Hash identifier:          0482CSsP4N1lscpU8oxTOt8sdP+CvGRYT1+frdT36eY=
Subject key identifier:   72:AC:D7:9F:CF:98:6C:8B:7F:C2:E2:94:BB:F3:0C:D5:28:A8:6C:BF
Authority key identifier: 67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB
Certificate issuer:       /CN=678d9ba2e3968423befc5eed05719b300057d7cb
Certificate serial:       01974E209A0B9467B976380446C1FEC2B0F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
Manifest number:          0275
Signing time:             Sun 08 Jun 2025 06:00:48 +0000
Manifest this update:     Sun 08 Jun 2025 06:00:48 +0000
Manifest next update:     Mon 09 Jun 2025 06:00:48 +0000
Files and hashes:         1: Z42bouOWhCO-_F7tBXGbMABX18s.crl (hash: rXNGKCd7CkH8/P5wkXnOmw8KdI2cWD9dN1VJnBHLMUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:20:9a:0b:94:67:b9:76:38:04:46:c1:fe:c2:b0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=678d9ba2e3968423befc5eed05719b300057d7cb
        Validity
            Not Before: Jun  8 06:00:48 2025 GMT
            Not After : Jun  9 06:00:48 2025 GMT
        Subject: CN=72acd79fcf986c8b7fc2e294bbf30cd528a86cbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:64:35:c2:0d:37:aa:23:00:f2:df:cb:59:82:
                    23:9f:c6:19:44:d0:4b:c6:56:c8:b1:48:e3:5f:74:
                    ad:be:2f:4a:dd:6a:d0:c5:ba:c4:f6:74:01:bb:49:
                    c9:1d:4d:81:ae:c2:78:03:6f:4e:c9:1a:cf:d8:d7:
                    bf:c8:f3:04:08:78:4e:f8:d8:11:29:9c:a1:ff:c2:
                    f0:78:e2:29:4f:fb:72:23:d9:a5:14:b2:29:22:a9:
                    2a:2a:93:2d:d5:b5:db:89:bc:df:ce:b8:dd:03:5a:
                    2b:d0:db:6e:4d:e6:0f:a2:28:85:10:4e:6d:a6:73:
                    9b:77:28:9d:d6:b5:37:c6:2c:f4:20:1a:30:fd:b2:
                    8c:a2:39:60:79:c6:2d:fa:1c:c5:6b:b4:ec:40:ae:
                    68:1c:7a:cc:f8:ea:fa:7a:93:50:a4:59:4d:c0:a7:
                    ce:56:79:a4:00:7b:37:64:66:fc:41:8c:10:7f:2f:
                    69:96:85:f4:d6:5e:09:b9:46:6e:89:49:a5:19:ef:
                    0a:90:33:6a:ca:a5:ac:e1:a0:0a:c7:e2:d2:5c:ec:
                    f0:fe:73:99:63:e4:7a:0e:ec:fa:12:eb:5b:61:c3:
                    25:bc:a9:95:f5:03:a7:ff:aa:62:37:e6:e6:08:4e:
                    8d:1f:a7:5e:ff:a1:73:9c:45:bc:36:98:f2:18:8a:
                    9e:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:AC:D7:9F:CF:98:6C:8B:7F:C2:E2:94:BB:F3:0C:D5:28:A8:6C:BF
            X509v3 Authority Key Identifier:
                keyid:67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:03:5f:15:82:40:bb:12:37:a8:b2:ab:fb:ba:c6:2b:dd:45:
         32:20:50:d9:00:71:d8:ad:44:d7:19:c3:d2:c4:bd:db:89:16:
         aa:f2:b5:5e:94:23:b5:87:7b:1c:97:76:0f:94:bc:cc:f1:d0:
         16:6e:b4:c0:e7:73:a7:30:da:c0:2b:78:5f:f7:22:ec:25:0a:
         39:e1:a5:42:07:59:01:f6:ee:1c:0f:1b:f3:37:b0:cb:5e:bc:
         44:b3:8b:d3:6b:c8:33:c5:de:8b:64:7f:1f:45:66:2d:ee:f3:
         af:40:9a:21:00:e6:3c:4f:5b:bd:14:84:db:d5:dc:36:2a:7b:
         73:b3:bc:27:1b:62:db:3a:a3:e6:71:45:c7:f8:df:5f:f1:21:
         1f:63:8a:be:be:97:0e:3e:d5:a0:9b:70:ef:1e:96:44:6b:aa:
         d1:f0:65:c7:68:c0:6d:82:34:25:f7:f5:c6:b8:3d:4a:15:b5:
         cc:bf:ff:82:8f:03:d7:57:8f:21:3f:20:e5:fb:76:58:0b:84:
         3e:f6:28:46:42:2d:ae:ed:f0:de:59:fa:5a:9b:ce:9a:b0:09:
         3a:83:ab:a3:a9:9b:fc:3d:12:44:74:6c:18:37:c4:3b:b1:64:
         0c:2c:88:e8:3f:ea:40:f9:f3:01:d9:d6:3e:7a:1a:22:cf:ae:
         a5:a8:06:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOIJoLlGe5djgERsH+wrDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGQ5YmEyZTM5Njg0MjNiZWZjNWVlZDA1NzE5YjMwMDA1
N2Q3Y2IwHhcNMjUwNjA4MDYwMDQ4WhcNMjUwNjA5MDYwMDQ4WjAzMTEwLwYDVQQD
Eyg3MmFjZDc5ZmNmOTg2YzhiN2ZjMmUyOTRiYmYzMGNkNTI4YTg2Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmQ1wg03qiMA8t/LWYIjn8YZRNBL
xlbIsUjjX3Stvi9K3WrQxbrE9nQBu0nJHU2BrsJ4A29OyRrP2Ne/yPMECHhO+NgR
KZyh/8LweOIpT/tyI9mlFLIpIqkqKpMt1bXbibzfzrjdA1or0NtuTeYPoiiFEE5t
pnObdyid1rU3xiz0IBow/bKMojlgecYt+hzFa7TsQK5oHHrM+Or6epNQpFlNwKfO
VnmkAHs3ZGb8QYwQfy9ploX01l4JuUZuiUmlGe8KkDNqyqWs4aAKx+LSXOzw/nOZ
Y+R6Duz6EutbYcMlvKmV9QOn/6piN+bmCE6NH6de/6FznEW8NpjyGIqeIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKs15/PmGyLf8LilLvzDNUoqGy/MB8GA1UdIwQY
MBaAFGeNm6LjloQjvvxe7QVxmzAAV9fLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEt
YzgwYTcyM2QzNGY3LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEtYzgwYTcyM2QzNGY3
LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATQNfFYJA
uxI3qLKr+7rGK91FMiBQ2QBx2K1E1xnD0sS924kWqvK1XpQjtYd7HJd2D5S8zPHQ
Fm60wOdzpzDawCt4X/ci7CUKOeGlQgdZAfbuHA8b8zewy168RLOL02vIM8Xei2R/
H0VmLe7zr0CaIQDmPE9bvRSE29XcNip7c7O8Jxti2zqj5nFFx/jfX/EhH2OKvr6X
Dj7VoJtw7x6WRGuq0fBlx2jAbYI0Jff1xrg9ShW1zL//go8D11ePIT8g5ft2WAuE
PvYoRkItru3w3ln6WpvOmrAJOoOro6mb/D0SRHRsGDfEO7FkDCyI6D/qQPnzAdnW
PnoaIs+upagGTw==
-----END CERTIFICATE-----