Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
File:                     DZHf1FaDQonB_QOg_vG1Kl79HZE.mft (raw, json)
Hash identifier:          pW+p5o0lNtXBjr3dwtX19RKXa7+a5rvgpOj5dQ2bE2g=
Subject key identifier:   92:85:42:8E:2F:73:52:A6:1A:AB:51:45:5A:6B:57:BC:43:7A:C9:9A
Authority key identifier: 0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91
Certificate issuer:       /CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
Certificate serial:       0196488ED0E96FA2279F7C0F23E96334BEA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
Manifest number:          0D5F
Signing time:             Fri 18 Apr 2025 11:00:41 +0000
Manifest this update:     Fri 18 Apr 2025 11:00:41 +0000
Manifest next update:     Sat 19 Apr 2025 11:00:41 +0000
Files and hashes:         1: DZHf1FaDQonB_QOg_vG1Kl79HZE.crl (hash: zZKqcf+Jjt5NXsujBDraHi9V+k8Qnpj7NTCSJoDVTLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:48:8e:d0:e9:6f:a2:27:9f:7c:0f:23:e9:63:34:be:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
        Validity
            Not Before: Apr 18 11:00:41 2025 GMT
            Not After : Apr 19 11:00:41 2025 GMT
        Subject: CN=9285428e2f7352a61aab51455a6b57bc437ac99a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e9:d1:2f:d0:4f:ff:23:01:1e:b5:44:f1:ea:
                    58:3a:78:90:0f:e7:33:18:7d:e0:d0:2d:a8:5c:09:
                    6a:75:76:c1:a6:19:1a:2c:bb:72:cf:3e:df:25:7b:
                    db:b0:3d:46:51:0e:68:e1:01:d2:42:3f:1b:ad:db:
                    79:2d:3e:a9:38:44:df:82:b4:7e:14:cc:be:46:c2:
                    2a:88:4e:15:94:53:25:39:af:7b:58:14:99:73:0d:
                    be:6e:80:df:c1:84:9d:6b:bd:9f:74:fe:a5:cc:38:
                    f5:42:48:60:65:f4:c0:1b:84:da:cb:23:ab:4e:99:
                    61:a8:e4:bf:63:88:4e:0e:d3:a3:79:f3:84:68:71:
                    65:e4:06:35:9f:4a:69:50:57:37:93:dc:e2:7c:28:
                    6b:c0:33:61:37:ce:42:2b:86:22:a5:84:7b:e6:af:
                    96:f5:1b:21:17:72:1a:84:60:91:c9:55:d1:1a:d2:
                    fa:2a:88:23:ae:13:62:c8:8d:75:36:f0:e9:28:f0:
                    0d:e3:7f:1b:ff:0c:28:be:0e:94:d3:e0:f4:bf:70:
                    bf:b5:a6:01:af:cc:27:7a:43:0f:95:fe:95:04:68:
                    ff:16:c9:03:31:f5:24:3e:8a:c7:61:3c:ec:6a:b2:
                    88:71:47:38:df:45:27:c3:76:89:e8:1e:1b:fa:84:
                    db:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:85:42:8E:2F:73:52:A6:1A:AB:51:45:5A:6B:57:BC:43:7A:C9:9A
            X509v3 Authority Key Identifier:
                keyid:0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:a9:99:05:40:2d:c7:54:41:a8:de:f7:b7:70:f3:ae:fb:33:
         9d:5e:74:3c:3b:c8:53:f4:3b:47:c2:b4:2d:1b:09:2a:ee:82:
         08:6e:d6:c8:f5:46:d1:8e:7f:de:22:39:62:a1:47:5a:1c:5f:
         22:36:ca:fd:05:86:5d:c5:5b:ee:ba:af:9f:b2:cf:67:46:fe:
         4e:a7:9e:9e:bc:33:69:65:ec:2f:cf:7e:44:07:20:7d:1a:ed:
         7f:dd:6c:2b:ed:dc:f5:26:5a:7b:bb:1d:05:46:43:35:8c:c6:
         d2:77:41:c0:c6:cd:78:1b:bc:12:36:ec:ce:94:0e:ce:64:dc:
         bc:62:f9:30:ed:a0:7a:1a:0f:fc:ab:c3:25:7b:af:db:39:35:
         31:05:1b:ef:aa:48:79:6d:6e:a5:7e:dd:2e:ba:2d:ac:80:c5:
         cb:e3:d3:a6:39:91:5c:de:08:21:ce:11:64:6d:04:b6:7c:07:
         26:5e:87:f6:eb:f8:ba:5f:1e:fb:e3:b6:2e:8e:3b:79:45:49:
         ec:00:7a:08:a7:70:ba:ae:fe:a6:20:aa:ac:ca:47:24:79:56:
         6c:b1:13:c7:11:b4:e7:71:0b:c4:20:66:2c:1c:f0:7c:9f:af:
         d8:bf:c1:98:7b:95:0c:ee:90:6a:4e:73:be:7d:e9:95:3c:4f:
         3f:c4:89:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZIjtDpb6Inn3wPI+ljNL6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTFkZmQ0NTY4MzQyODljMWZkMDNhMGZlZjFiNTJhNWVm
ZDFkOTEwHhcNMjUwNDE4MTEwMDQxWhcNMjUwNDE5MTEwMDQxWjAzMTEwLwYDVQQD
Eyg5Mjg1NDI4ZTJmNzM1MmE2MWFhYjUxNDU1YTZiNTdiYzQzN2FjOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvunRL9BP/yMBHrVE8epYOniQD+cz
GH3g0C2oXAlqdXbBphkaLLtyzz7fJXvbsD1GUQ5o4QHSQj8brdt5LT6pOETfgrR+
FMy+RsIqiE4VlFMlOa97WBSZcw2+boDfwYSda72fdP6lzDj1QkhgZfTAG4TayyOr
TplhqOS/Y4hODtOjefOEaHFl5AY1n0ppUFc3k9zifChrwDNhN85CK4YipYR75q+W
9RshF3IahGCRyVXRGtL6KogjrhNiyI11NvDpKPAN438b/wwovg6U0+D0v3C/taYB
r8wnekMPlf6VBGj/FskDMfUkPorHYTzsarKIcUc430Unw3aJ6B4b+oTbCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKFQo4vc1KmGqtRRVprV7xDesmaMB8GA1UdIwQY
MBaAFA2R39RWg0KJwf0DoP7xtSpe/R2RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDct
OGJjY2UzMDNiOTE5LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDctOGJjY2UzMDNiOTE5
LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKmZBUAt
x1RBqN73t3DzrvsznV50PDvIU/Q7R8K0LRsJKu6CCG7WyPVG0Y5/3iI5YqFHWhxf
IjbK/QWGXcVb7rqvn7LPZ0b+TqeenrwzaWXsL89+RAcgfRrtf91sK+3c9SZae7sd
BUZDNYzG0ndBwMbNeBu8EjbszpQOzmTcvGL5MO2gehoP/KvDJXuv2zk1MQUb76pI
eW1upX7dLrotrIDFy+PTpjmRXN4IIc4RZG0EtnwHJl6H9uv4ul8e++O2Lo47eUVJ
7AB6CKdwuq7+piCqrMpHJHlWbLETxxG053ELxCBmLBzwfJ+v2L/BmHuVDO6Qak5z
vn3plTxPP8SJPA==
-----END CERTIFICATE-----