Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
File:                     rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft (raw, json)
Hash identifier:          w0jHJXogbpS0IBqAzz57Z4CkQHw0ftTkBn67aP6SDHY=
Subject key identifier:   67:B7:BA:DE:2F:89:3B:1B:C6:56:35:0C:B1:96:19:EA:F0:A9:93:5C
Authority key identifier: AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
Certificate issuer:       /CN=af3465437669ce586261a066cc4ad1ea464eb663
Certificate serial:       01974E581CE6FFD646831C1F615BB923C090
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
Manifest number:          0E2E
Signing time:             Sun 08 Jun 2025 07:01:26 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:26 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:26 +0000
Files and hashes:         1: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl (hash: BUMMFeSpYR5LZQ9OBYZQmxuCTHNCqZ1ZIl1D0TYaOvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:58:1c:e6:ff:d6:46:83:1c:1f:61:5b:b9:23:c0:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af3465437669ce586261a066cc4ad1ea464eb663
        Validity
            Not Before: Jun  8 07:01:26 2025 GMT
            Not After : Jun  9 07:01:26 2025 GMT
        Subject: CN=67b7bade2f893b1bc656350cb19619eaf0a9935c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:fd:22:38:20:70:14:b2:7a:76:ca:6c:ae:67:
                    99:8a:11:c3:ed:47:c2:43:70:d6:2c:33:bb:aa:fb:
                    b2:08:eb:27:24:98:79:a4:86:29:f3:e6:90:5a:46:
                    43:df:d2:fe:61:25:7b:d8:3a:56:d2:43:78:ee:4e:
                    7b:5d:c1:c8:9b:e1:ec:f9:b7:7f:1d:95:06:e7:31:
                    57:16:48:89:52:93:7e:6a:93:cf:d9:28:51:84:08:
                    d1:ec:ee:0a:16:ab:23:4d:95:f2:10:c7:42:b6:2e:
                    dc:e1:b2:18:cb:ab:b9:1d:8c:29:38:e0:f1:62:67:
                    fe:6a:78:fa:ad:c8:be:c7:0d:cb:fa:8d:73:29:8b:
                    2e:63:a6:8d:d5:82:28:e1:d8:80:52:71:62:c4:a1:
                    f0:31:24:19:90:b8:47:01:6f:c3:78:b8:2e:42:6e:
                    45:5f:d2:89:ee:7a:a8:7d:3d:72:d7:ba:70:a2:b5:
                    b8:8d:44:7e:2d:00:95:e6:78:be:39:b5:08:1a:09:
                    99:f5:9e:95:89:de:2a:b7:8d:10:32:09:9a:65:d9:
                    c3:71:28:ae:2b:5b:cd:b1:60:5e:7b:9e:3b:7d:4c:
                    7d:f2:0e:14:31:da:55:15:60:83:3d:f8:d1:e4:de:
                    ad:45:99:8b:6a:a0:7d:43:05:4b:59:ea:b2:46:b9:
                    1c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:B7:BA:DE:2F:89:3B:1B:C6:56:35:0C:B1:96:19:EA:F0:A9:93:5C
            X509v3 Authority Key Identifier:
                keyid:AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:ec:31:eb:33:76:76:43:d7:e4:54:97:5c:f7:86:80:55:d5:
         1a:95:9c:19:de:88:81:54:b3:ad:04:35:65:15:a9:87:2d:c8:
         35:78:e9:49:ba:ad:8e:82:29:bd:bc:3d:bf:80:09:96:ed:d3:
         2f:f6:53:cb:e5:04:6d:c8:ae:e9:4e:37:6b:6c:91:bb:8c:cc:
         ed:54:13:ea:98:d5:b2:fe:ae:0f:f9:4e:73:d0:c9:2a:74:5e:
         87:1d:07:5a:e5:a3:b3:6a:b6:64:00:67:03:be:61:fc:18:36:
         1f:63:ee:fd:45:8f:a4:97:6c:e5:1d:f3:10:da:a4:69:c0:b4:
         88:e3:e1:54:55:bc:65:9e:1b:81:96:d2:97:a2:b9:4b:72:97:
         29:50:26:df:5c:a7:5a:8e:bd:63:49:7b:54:55:de:e2:6e:1e:
         ac:12:9a:ee:86:3c:b1:e6:c4:76:8b:d8:85:3f:9c:23:84:7c:
         86:2f:ac:51:91:9c:dc:10:86:14:15:da:9c:0d:57:62:32:d1:
         dd:00:5e:b8:46:b8:87:c2:2e:6b:b4:38:15:71:42:ed:86:99:
         69:68:60:0a:13:e5:73:a4:30:84:17:c6:a7:07:06:59:ad:6b:
         2a:30:d8:0c:78:31:7a:14:c0:4f:5a:9f:b4:3d:fb:42:d3:b9:
         56:d0:7b:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOWBzm/9ZGgxwfYVu5I8CQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzQ2NTQzNzY2OWNlNTg2MjYxYTA2NmNjNGFkMWVhNDY0
ZWI2NjMwHhcNMjUwNjA4MDcwMTI2WhcNMjUwNjA5MDcwMTI2WjAzMTEwLwYDVQQD
Eyg2N2I3YmFkZTJmODkzYjFiYzY1NjM1MGNiMTk2MTllYWYwYTk5MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof0iOCBwFLJ6dspsrmeZihHD7UfC
Q3DWLDO7qvuyCOsnJJh5pIYp8+aQWkZD39L+YSV72DpW0kN47k57XcHIm+Hs+bd/
HZUG5zFXFkiJUpN+apPP2ShRhAjR7O4KFqsjTZXyEMdCti7c4bIYy6u5HYwpOODx
Ymf+anj6rci+xw3L+o1zKYsuY6aN1YIo4diAUnFixKHwMSQZkLhHAW/DeLguQm5F
X9KJ7nqofT1y17pworW4jUR+LQCV5ni+ObUIGgmZ9Z6Vid4qt40QMgmaZdnDcSiu
K1vNsWBee547fUx98g4UMdpVFWCDPfjR5N6tRZmLaqB9QwVLWeqyRrkcUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGe3ut4viTsbxlY1DLGWGerwqZNcMB8GA1UdIwQY
MBaAFK80ZUN2ac5YYmGgZsxK0epGTrZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQt
NjBjZjY2MGFkNTMzLzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQtNjBjZjY2MGFkNTMz
LzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATewx6zN2
dkPX5FSXXPeGgFXVGpWcGd6IgVSzrQQ1ZRWphy3INXjpSbqtjoIpvbw9v4AJlu3T
L/ZTy+UEbciu6U43a2yRu4zM7VQT6pjVsv6uD/lOc9DJKnRehx0HWuWjs2q2ZABn
A75h/Bg2H2Pu/UWPpJds5R3zENqkacC0iOPhVFW8ZZ4bgZbSl6K5S3KXKVAm31yn
Wo69Y0l7VFXe4m4erBKa7oY8sebEdovYhT+cI4R8hi+sUZGc3BCGFBXanA1XYjLR
3QBeuEa4h8Iua7Q4FXFC7YaZaWhgChPlc6QwhBfGpwcGWa1rKjDYDHgxehTAT1qf
tD37QtO5VtB7pA==
-----END CERTIFICATE-----