Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft
File:                     Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft (raw, json)
Hash identifier:          +Oa5cIta2FFQUz+DuqC2hRtkTLe0IPVtcde0LBUU+R0=
Subject key identifier:   D9:C6:39:BB:15:F7:EA:6B:3D:BA:16:45:71:D8:4C:02:9C:F2:5D:8E
Authority key identifier: 67:70:C9:B9:40:57:48:D2:65:48:FD:5F:CA:7A:64:A0:38:D5:81:2D
Certificate issuer:       /CN=6770c9b9405748d26548fd5fca7a64a038d5812d
Certificate serial:       01964E23783C8FB59F09442F7D43CFC80600
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3DJuUBXSNJlSP1fynpkoDjVgS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft
Manifest number:          103C
Signing time:             Sat 19 Apr 2025 13:01:09 +0000
Manifest this update:     Sat 19 Apr 2025 13:01:09 +0000
Manifest next update:     Sun 20 Apr 2025 13:01:09 +0000
Files and hashes:         1: Z3DJuUBXSNJlSP1fynpkoDjVgS0.crl (hash: 3mECgwKTpHQf8VQC0sUdmciSmHhs1y3o7ZVBJYyiCio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3DJuUBXSNJlSP1fynpkoDjVgS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:78:3c:8f:b5:9f:09:44:2f:7d:43:cf:c8:06:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6770c9b9405748d26548fd5fca7a64a038d5812d
        Validity
            Not Before: Apr 19 13:01:09 2025 GMT
            Not After : Apr 20 13:01:09 2025 GMT
        Subject: CN=d9c639bb15f7ea6b3dba164571d84c029cf25d8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c1:78:80:c0:27:f8:79:c6:b1:f4:d7:b3:72:
                    96:15:a2:71:0a:0a:ad:ad:3d:60:0e:26:68:7e:8f:
                    91:a2:65:d0:d2:54:68:fe:32:d3:f3:12:e1:53:14:
                    f9:5b:8d:a4:46:e6:36:b9:6d:cc:00:f8:63:21:e0:
                    14:af:e1:b0:8d:95:cd:33:8e:0f:3c:f5:70:b7:36:
                    ec:0f:54:bb:0f:52:66:aa:ac:79:58:e0:26:f3:5b:
                    03:18:2f:a3:6f:b5:1a:4e:31:1d:af:c5:75:63:08:
                    0f:b0:87:dc:96:65:ad:ef:9f:c4:c0:ec:e7:48:98:
                    f7:6a:c5:c8:5d:af:58:44:ee:a4:b0:17:86:2f:9f:
                    1d:5e:01:cf:dc:e7:ce:14:4d:c5:f7:33:75:17:30:
                    99:38:65:72:67:9c:6a:df:8f:07:ef:ff:57:30:5b:
                    ba:6b:a9:3c:37:25:9c:d8:b9:62:2e:fc:56:39:62:
                    2c:bc:20:c3:61:cf:bf:6a:fb:6c:f4:4b:71:f7:63:
                    49:32:97:43:e5:a5:94:30:ed:ce:f8:12:81:1e:52:
                    f0:2e:20:05:6b:ba:22:94:a4:d9:11:82:81:53:0c:
                    3a:97:e4:86:df:da:14:d1:af:f5:12:79:80:49:7a:
                    b1:b7:eb:b2:90:c7:c8:e8:e9:8e:b9:69:3d:9c:7b:
                    e3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:C6:39:BB:15:F7:EA:6B:3D:BA:16:45:71:D8:4C:02:9C:F2:5D:8E
            X509v3 Authority Key Identifier:
                keyid:67:70:C9:B9:40:57:48:D2:65:48:FD:5F:CA:7A:64:A0:38:D5:81:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3DJuUBXSNJlSP1fynpkoDjVgS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:35:e9:e2:59:f7:a7:96:c0:c7:ad:f8:ea:f6:00:a3:b5:1f:
         b4:f2:d4:b0:83:64:9b:63:db:01:97:39:9c:8f:f6:04:7a:aa:
         02:40:4c:e8:f8:32:76:8e:c9:16:85:de:b1:92:8c:ae:14:1d:
         6b:b2:ee:11:44:e2:d1:23:d7:88:1c:b5:27:d8:b0:6f:d2:5f:
         a2:3a:27:82:51:72:a7:ff:7d:26:d8:b9:02:ca:83:f9:73:6a:
         23:8a:80:ac:46:9c:b0:ab:fe:b3:b0:90:8e:bc:0c:ff:13:20:
         2f:85:d6:07:9c:8e:f7:79:00:58:76:5a:06:a0:da:e7:6e:d7:
         9e:f8:71:00:00:2a:df:78:0b:11:39:cf:2b:e8:f7:30:7d:e6:
         37:2a:7c:6b:40:c5:ed:97:bc:9b:a9:f2:01:af:56:9c:63:62:
         d2:14:c9:03:e7:e3:41:b2:2d:c8:44:07:bc:07:90:77:c5:ec:
         9a:32:ea:12:fc:e7:13:a3:02:e7:3c:86:d3:11:7a:1f:01:94:
         54:3a:24:cc:09:d2:f5:25:09:68:c3:2a:98:22:42:70:01:45:
         66:39:b4:6f:ab:ae:51:ff:bb:09:ae:59:04:58:38:3b:44:8f:
         f5:24:3f:55:9e:db:25:35:44:6f:30:b6:c8:bd:a5:8f:2d:4e:
         40:ef:96:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOI3g8j7WfCUQvfUPPyAYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzBjOWI5NDA1NzQ4ZDI2NTQ4ZmQ1ZmNhN2E2NGEwMzhk
NTgxMmQwHhcNMjUwNDE5MTMwMTA5WhcNMjUwNDIwMTMwMTA5WjAzMTEwLwYDVQQD
EyhkOWM2MzliYjE1ZjdlYTZiM2RiYTE2NDU3MWQ4NGMwMjljZjI1ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusF4gMAn+HnGsfTXs3KWFaJxCgqt
rT1gDiZofo+RomXQ0lRo/jLT8xLhUxT5W42kRuY2uW3MAPhjIeAUr+GwjZXNM44P
PPVwtzbsD1S7D1Jmqqx5WOAm81sDGC+jb7UaTjEdr8V1YwgPsIfclmWt75/EwOzn
SJj3asXIXa9YRO6ksBeGL58dXgHP3OfOFE3F9zN1FzCZOGVyZ5xq348H7/9XMFu6
a6k8NyWc2LliLvxWOWIsvCDDYc+/avts9Etx92NJMpdD5aWUMO3O+BKBHlLwLiAF
a7oilKTZEYKBUww6l+SG39oU0a/1EnmASXqxt+uykMfI6OmOuWk9nHvj1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnGObsV9+prPboWRXHYTAKc8l2OMB8GA1UdIwQY
MBaAFGdwyblAV0jSZUj9X8p6ZKA41YEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNESnVVQlhTTkpsU1AxZnlucGtvRGpWZ1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85YTU2YzUtYjI4Yy00M2M5LWE0NjUt
MTQ4ODc4NzZhYTBlLzEvWjNESnVVQlhTTkpsU1AxZnlucGtvRGpWZ1MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85YTU2YzUtYjI4Yy00M2M5LWE0NjUtMTQ4ODc4NzZhYTBl
LzEvWjNESnVVQlhTTkpsU1AxZnlucGtvRGpWZ1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALjXp4ln3
p5bAx6346vYAo7UftPLUsINkm2PbAZc5nI/2BHqqAkBM6Pgydo7JFoXesZKMrhQd
a7LuEUTi0SPXiBy1J9iwb9JfojonglFyp/99Jti5AsqD+XNqI4qArEacsKv+s7CQ
jrwM/xMgL4XWB5yO93kAWHZaBqDa527XnvhxAAAq33gLETnPK+j3MH3mNyp8a0DF
7Ze8m6nyAa9WnGNi0hTJA+fjQbItyEQHvAeQd8XsmjLqEvznE6MC5zyG0xF6HwGU
VDokzAnS9SUJaMMqmCJCcAFFZjm0b6uuUf+7Ca5ZBFg4O0SP9SQ/VZ7bJTVEbzC2
yL2ljy1OQO+Www==
-----END CERTIFICATE-----