Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
File:                     ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json)
Hash identifier:          X5+aYDS+COXwJpKGuuIZO3Y58retXj1JS+2Xc/9JPCQ=
Subject key identifier:   00:5E:11:4D:80:42:EC:53:A6:44:C6:03:BB:60:BE:BA:63:48:5F:10
Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3
Certificate issuer:       /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
Certificate serial:       0197594914EE606ACF30129094D488334FB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
Manifest number:          0E31
Signing time:             Tue 10 Jun 2025 10:00:51 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:51 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:51 +0000
Files and hashes:         1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: H3pbi+GjaSDloXwcFEmXgmpFSpaOqE7H6fHSEXa20u4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:49:14:ee:60:6a:cf:30:12:90:94:d4:88:33:4f:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
        Validity
            Not Before: Jun 10 10:00:51 2025 GMT
            Not After : Jun 11 10:00:51 2025 GMT
        Subject: CN=005e114d8042ec53a644c603bb60beba63485f10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:52:ea:4b:9f:83:97:23:21:32:50:3d:38:41:
                    e7:9c:9e:99:d9:86:95:cb:33:e3:67:19:37:a6:10:
                    f1:cf:55:f4:52:a1:1d:c4:a4:f2:ae:77:ef:5e:35:
                    69:64:f2:26:99:14:84:18:d1:b3:7f:74:68:be:89:
                    b5:54:75:5d:82:ac:7b:a3:99:1d:75:72:c1:ee:05:
                    ea:6f:b3:47:1b:fb:1c:30:5f:b4:ee:60:4e:97:02:
                    7d:f7:80:10:44:fc:cf:32:81:34:47:e2:d0:1d:bc:
                    df:4e:b9:32:93:60:9e:51:31:8c:43:9e:e3:a3:0e:
                    58:ba:5c:c3:19:03:18:84:26:df:4f:58:08:c0:29:
                    a4:2e:10:6d:df:6d:b2:95:d0:47:2c:01:79:19:43:
                    95:7a:38:ca:d6:68:9d:a3:96:f8:8e:51:10:db:f7:
                    e0:37:51:5c:7f:79:7e:3c:a5:7a:ce:50:52:20:ac:
                    70:36:f5:09:f4:7f:04:e7:cb:ff:2f:83:d4:93:7e:
                    92:53:89:7d:a5:12:1f:b0:1f:9e:22:71:02:9d:52:
                    22:58:09:f1:b8:e5:ea:bc:59:b6:72:6d:18:de:49:
                    ce:21:42:bb:39:e5:b6:5d:11:61:11:31:f5:10:f0:
                    0c:55:56:17:c9:8e:18:04:e7:b1:07:10:43:8d:29:
                    c8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:5E:11:4D:80:42:EC:53:A6:44:C6:03:BB:60:BE:BA:63:48:5F:10
            X509v3 Authority Key Identifier:
                keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:bc:76:83:4c:66:29:99:44:58:91:87:23:26:75:ba:d9:fc:
         ae:ce:b9:3e:f2:f0:a4:ba:9b:89:63:ab:6f:37:02:98:19:15:
         d1:e6:7a:ef:c9:ac:d9:dc:58:93:36:c9:4f:58:58:f4:63:f0:
         b8:f3:d6:50:1c:17:d6:54:81:3c:0c:44:a7:5f:60:7a:cc:5c:
         fe:9a:3d:6d:02:87:6d:d4:c4:94:d0:7c:25:14:2b:7a:a2:27:
         a3:7c:48:26:89:d5:a7:56:93:37:56:6c:05:14:a3:54:55:91:
         0d:08:f7:f0:c1:8e:9d:6a:b1:d0:6b:ad:5c:7f:2d:80:80:dd:
         57:d3:87:f2:5b:d5:67:e9:6d:ee:7b:6a:9b:9f:c3:67:f2:88:
         78:4e:83:3b:18:e1:3c:fc:b8:26:0f:27:19:32:a9:2d:c9:d0:
         86:16:b7:06:d8:9b:0e:ab:79:d7:a7:da:67:f7:81:dd:34:5a:
         25:ab:37:0d:d4:ce:b5:d8:95:97:97:eb:a8:8d:28:8f:34:6c:
         65:cb:21:6c:6e:f9:02:f7:cf:1c:8a:f7:40:1d:b3:0b:58:cb:
         75:75:e5:4c:ff:7e:5a:fe:14:52:6c:8b:de:d8:80:46:78:9c:
         bd:f8:92:71:96:57:d5:c3:7c:d7:10:ba:01:8f:70:fb:90:5f:
         7e:8d:0c:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSRTuYGrPMBKQlNSIM0+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2
M2FhYjMwHhcNMjUwNjEwMTAwMDUxWhcNMjUwNjExMTAwMDUxWjAzMTEwLwYDVQQD
EygwMDVlMTE0ZDgwNDJlYzUzYTY0NGM2MDNiYjYwYmViYTYzNDg1ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVLqS5+DlyMhMlA9OEHnnJ6Z2YaV
yzPjZxk3phDxz1X0UqEdxKTyrnfvXjVpZPImmRSEGNGzf3Rovom1VHVdgqx7o5kd
dXLB7gXqb7NHG/scMF+07mBOlwJ994AQRPzPMoE0R+LQHbzfTrkyk2CeUTGMQ57j
ow5YulzDGQMYhCbfT1gIwCmkLhBt322yldBHLAF5GUOVejjK1mido5b4jlEQ2/fg
N1Fcf3l+PKV6zlBSIKxwNvUJ9H8E58v/L4PUk36SU4l9pRIfsB+eInECnVIiWAnx
uOXqvFm2cm0Y3knOIUK7OeW2XRFhETH1EPAMVVYXyY4YBOexBxBDjSnIYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABeEU2AQuxTpkTGA7tgvrpjSF8QMB8GA1UdIwQY
MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt
YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2
LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC7x2g0xm
KZlEWJGHIyZ1utn8rs65PvLwpLqbiWOrbzcCmBkV0eZ678ms2dxYkzbJT1hY9GPw
uPPWUBwX1lSBPAxEp19gesxc/po9bQKHbdTElNB8JRQreqIno3xIJonVp1aTN1Zs
BRSjVFWRDQj38MGOnWqx0GutXH8tgIDdV9OH8lvVZ+lt7ntqm5/DZ/KIeE6DOxjh
PPy4Jg8nGTKpLcnQhha3BtibDqt516faZ/eB3TRaJas3DdTOtdiVl5frqI0ojzRs
ZcshbG75AvfPHIr3QB2zC1jLdXXlTP9+Wv4UUmyL3tiARnicvfiScZZX1cN81xC6
AY9w+5Bffo0MEw==
-----END CERTIFICATE-----