Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          3klUubC9RR2isRlie8Oj9J2uBIZjqjtUlV0A86V7iEs=
Subject key identifier:   FD:E3:5F:95:37:B8:5F:24:A9:E3:BC:C3:13:E9:51:8F:84:8F:7C:0C
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       0198D66048D3782F6A2498364AF5A37202B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:01:30 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:30 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:30 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: TEgnbjBq6eMRq5NYq9or+ddhzo0nqp50+3flYw+YGAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:48:d3:78:2f:6a:24:98:36:4a:f5:a3:72:02:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Aug 23 10:01:30 2025 GMT
            Not After : Aug 24 10:01:30 2025 GMT
        Subject: CN=fde35f9537b85f24a9e3bcc313e9518f848f7c0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:00:2c:d3:ec:72:75:87:25:cd:85:21:c6:0a:
                    9e:0b:72:fb:87:65:bb:a7:9c:7b:27:7f:14:36:66:
                    18:99:32:f1:62:13:5f:04:ef:f8:65:e1:05:d1:ce:
                    d8:e1:08:fb:98:eb:56:52:47:22:62:06:c8:ab:b0:
                    3a:d4:cd:35:ec:30:43:d5:dd:82:1d:96:d4:af:b8:
                    fa:02:69:45:05:f2:84:3f:08:b1:76:16:68:81:9a:
                    aa:ec:02:b0:36:8e:2c:57:41:4a:cd:c5:85:5d:83:
                    e2:30:b6:b3:fe:c7:72:75:ae:d0:3b:e5:f8:d9:c9:
                    ab:62:14:b7:c7:75:0b:d2:a5:02:bf:2c:25:a3:d2:
                    e9:5d:1d:ce:50:1e:04:c0:23:fb:f2:3d:8a:db:0e:
                    a6:68:ef:10:de:4d:bf:64:d3:06:9a:46:52:ea:9b:
                    d2:b6:b8:7b:d1:c4:8e:33:56:46:4e:30:76:41:87:
                    39:e2:75:65:75:0c:ee:41:5e:a6:1c:ca:f9:64:f4:
                    21:9d:84:e7:b7:43:5f:c6:b3:82:b3:bf:74:8d:af:
                    85:32:1b:49:28:6a:40:2f:18:16:15:2d:cf:78:5a:
                    8a:b2:86:ff:19:21:84:d6:8d:1f:9d:1e:69:82:16:
                    2e:5a:d3:ec:65:30:63:45:65:cf:1f:d8:e1:d2:75:
                    f0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:E3:5F:95:37:B8:5F:24:A9:E3:BC:C3:13:E9:51:8F:84:8F:7C:0C
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:33:43:3c:ee:9f:19:f8:2a:75:d2:c5:06:f2:e6:47:65:37:
         86:31:84:fb:1b:69:67:f7:42:ee:07:ba:43:21:00:91:83:d5:
         a1:d6:e0:d1:ea:0d:b1:b9:65:00:e7:ff:58:d1:39:03:8c:6d:
         c1:24:dd:2d:9c:6f:be:5d:a0:4b:42:63:2e:5f:72:10:83:2a:
         5c:f8:0a:a9:d2:da:75:76:75:ee:c7:a3:77:2b:76:47:ee:5d:
         61:84:c6:64:7b:3c:96:5e:3e:04:6b:c0:b4:2f:9e:15:d8:dc:
         9a:9a:27:32:1b:ce:a2:b5:02:1a:76:57:48:c2:d6:df:61:c9:
         46:12:6c:e8:db:63:75:c0:26:d1:62:6b:4c:5c:94:bc:ca:bd:
         54:25:6b:53:53:b1:c8:a2:99:58:7d:69:cd:1d:55:bc:7a:f3:
         68:c6:1c:18:40:d4:ad:d5:23:97:05:ba:5a:6a:60:65:bb:0d:
         00:fa:c2:2e:91:67:d8:a0:fb:6f:95:04:06:97:4f:00:e3:e5:
         48:ac:c7:e1:7f:85:ed:5e:ce:e3:01:96:03:38:1b:1e:c7:1f:
         bc:c7:e6:3d:5b:16:ae:06:91:ae:f7:3b:81:05:d9:4a:c6:34:
         37:73:6d:5c:4f:13:76:df:ac:6f:95:e9:e2:2e:15:09:9b:1c:
         b8:5c:77:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYEjTeC9qJJg2SvWjcgK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjUwODIzMTAwMTMwWhcNMjUwODI0MTAwMTMwWjAzMTEwLwYDVQQD
EyhmZGUzNWY5NTM3Yjg1ZjI0YTllM2JjYzMxM2U5NTE4Zjg0OGY3YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAAs0+xydYclzYUhxgqeC3L7h2W7
p5x7J38UNmYYmTLxYhNfBO/4ZeEF0c7Y4Qj7mOtWUkciYgbIq7A61M017DBD1d2C
HZbUr7j6AmlFBfKEPwixdhZogZqq7AKwNo4sV0FKzcWFXYPiMLaz/sdyda7QO+X4
2cmrYhS3x3UL0qUCvywlo9LpXR3OUB4EwCP78j2K2w6maO8Q3k2/ZNMGmkZS6pvS
trh70cSOM1ZGTjB2QYc54nVldQzuQV6mHMr5ZPQhnYTnt0NfxrOCs790ja+FMhtJ
KGpALxgWFS3PeFqKsob/GSGE1o0fnR5pghYuWtPsZTBjRWXPH9jh0nXwVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3jX5U3uF8kqeO8wxPpUY+Ej3wMMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArDNDPO6f
GfgqddLFBvLmR2U3hjGE+xtpZ/dC7ge6QyEAkYPVodbg0eoNsbllAOf/WNE5A4xt
wSTdLZxvvl2gS0JjLl9yEIMqXPgKqdLadXZ17sejdyt2R+5dYYTGZHs8ll4+BGvA
tC+eFdjcmponMhvOorUCGnZXSMLW32HJRhJs6NtjdcAm0WJrTFyUvMq9VCVrU1Ox
yKKZWH1pzR1VvHrzaMYcGEDUrdUjlwW6WmpgZbsNAPrCLpFn2KD7b5UEBpdPAOPl
SKzH4X+F7V7O4wGWAzgbHscfvMfmPVsWrgaRrvc7gQXZSsY0N3NtXE8Tdt+sb5Xp
4i4VCZscuFx3Sg==
-----END CERTIFICATE-----