Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          bkHivkoabIe8oThxtWwvSdkmAYxhDH0BLnZdc1EZVXQ=
Subject key identifier:   CD:DD:33:09:58:0C:F7:A8:9A:62:07:F1:64:C6:D4:84:09:83:E6:D9
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       0196DE1E08616E9587993369062C5EC7824E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0C26
Signing time:             Sat 17 May 2025 12:00:32 +0000
Manifest this update:     Sat 17 May 2025 12:00:32 +0000
Manifest next update:     Sun 18 May 2025 12:00:32 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: 3Mwg+HEHwusEnrpQI2Hwd7kkrSWPZQEBZW/0uL8m3gU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 May 2025 11:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:de:1e:08:61:6e:95:87:99:33:69:06:2c:5e:c7:82:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: May 17 12:00:32 2025 GMT
            Not After : May 18 12:00:32 2025 GMT
        Subject: CN=cddd3309580cf7a89a6207f164c6d4840983e6d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b0:4f:c5:21:c6:65:b4:61:fe:df:cf:c8:85:
                    10:20:d7:34:f1:1b:46:29:dc:49:a8:e6:43:62:d7:
                    50:df:83:51:54:8e:81:9a:fd:1e:64:3d:5f:25:63:
                    e5:88:c0:bc:91:0d:b2:51:85:0d:86:3e:4c:c8:a0:
                    7a:de:31:e2:c0:a8:e9:5e:05:97:bd:97:bf:dc:7e:
                    75:f6:bf:92:28:43:a7:03:2e:61:1e:c3:52:68:82:
                    6b:72:7b:ac:18:5c:27:7f:a0:48:00:71:2c:59:be:
                    9c:17:48:47:9c:51:97:61:8c:f2:6b:93:c0:7e:fe:
                    f2:b2:28:e8:85:6f:1d:9f:b5:59:51:ec:f7:95:10:
                    67:42:54:82:d3:6f:41:64:9d:29:19:ef:c8:86:b6:
                    a5:36:99:a6:2a:1e:03:31:e5:91:98:08:6a:7b:44:
                    f0:09:e9:9c:a5:d1:af:75:3c:b4:72:95:4a:72:2e:
                    78:47:34:5f:6e:e1:e5:24:7c:63:08:48:64:e0:fe:
                    69:ac:42:61:89:4b:ed:e4:3c:51:25:cb:9f:79:9c:
                    3b:8b:b2:7b:e8:c3:0c:97:a5:c6:63:bd:0a:a9:f1:
                    ca:24:17:b2:ed:af:84:da:c6:b2:9b:11:ca:37:82:
                    8a:6c:bc:e2:71:12:c9:d8:4f:12:55:01:27:2c:a6:
                    c9:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:DD:33:09:58:0C:F7:A8:9A:62:07:F1:64:C6:D4:84:09:83:E6:D9
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:25:2f:78:7d:48:2e:6c:35:6d:19:f1:7a:88:f8:3a:a5:f4:
         fd:c9:bf:7e:18:db:93:c5:e3:94:57:a5:0c:a5:fe:1d:f2:1a:
         17:27:cf:07:74:f2:89:0d:a0:ab:ed:da:3a:e4:c3:f8:c0:df:
         ef:41:6c:e5:a6:91:92:b0:ea:4f:59:71:a4:12:7f:f5:45:04:
         8c:a1:4d:f8:78:08:ac:00:0f:74:27:13:94:b1:9c:db:6c:d9:
         95:ad:cd:34:2b:4f:0c:d0:a8:25:45:ea:93:b3:29:02:ea:ec:
         26:db:d2:26:52:25:65:1d:02:cc:fb:7e:88:fe:62:13:d4:29:
         4b:92:7e:2c:49:72:39:1c:9a:3b:e1:af:4f:5f:11:7d:f1:00:
         2d:71:2a:54:c5:08:fd:cd:93:f9:87:90:44:c9:b7:c0:58:ac:
         74:b0:8a:58:cf:1a:84:46:43:00:8a:d5:a2:37:bd:5f:6c:69:
         8a:e0:8c:fd:46:5c:75:6b:49:a4:86:05:33:30:ed:d9:27:c5:
         48:b5:ad:9e:f4:90:86:09:bb:c8:77:a2:0d:dd:b3:8c:d7:13:
         74:bc:83:8a:79:b1:25:33:90:6d:1e:55:9f:18:16:c4:7d:81:
         ea:c5:ad:f3:1d:3e:01:9f:56:24:6f:1d:f7:c7:4d:4e:8c:9c:
         82:8a:08:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbeHghhbpWHmTNpBixex4JOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjUwNTE3MTIwMDMyWhcNMjUwNTE4MTIwMDMyWjAzMTEwLwYDVQQD
EyhjZGRkMzMwOTU4MGNmN2E4OWE2MjA3ZjE2NGM2ZDQ4NDA5ODNlNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbBPxSHGZbRh/t/PyIUQINc08RtG
KdxJqOZDYtdQ34NRVI6Bmv0eZD1fJWPliMC8kQ2yUYUNhj5MyKB63jHiwKjpXgWX
vZe/3H519r+SKEOnAy5hHsNSaIJrcnusGFwnf6BIAHEsWb6cF0hHnFGXYYzya5PA
fv7ysijohW8dn7VZUez3lRBnQlSC029BZJ0pGe/IhralNpmmKh4DMeWRmAhqe0Tw
CemcpdGvdTy0cpVKci54RzRfbuHlJHxjCEhk4P5prEJhiUvt5DxRJcufeZw7i7J7
6MMMl6XGY70KqfHKJBey7a+E2saymxHKN4KKbLzicRLJ2E8SVQEnLKbJgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3dMwlYDPeommIH8WTG1IQJg+bZMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHCUveH1I
Lmw1bRnxeoj4OqX0/cm/fhjbk8XjlFelDKX+HfIaFyfPB3TyiQ2gq+3aOuTD+MDf
70Fs5aaRkrDqT1lxpBJ/9UUEjKFN+HgIrAAPdCcTlLGc22zZla3NNCtPDNCoJUXq
k7MpAursJtvSJlIlZR0CzPt+iP5iE9QpS5J+LElyORyaO+GvT18RffEALXEqVMUI
/c2T+YeQRMm3wFisdLCKWM8ahEZDAIrVoje9X2xpiuCM/UZcdWtJpIYFMzDt2SfF
SLWtnvSQhgm7yHeiDd2zjNcTdLyDinmxJTOQbR5VnxgWxH2B6sWt8x0+AZ9WJG8d
98dNToycgooIzQ==
-----END CERTIFICATE-----