Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          8QzvnlHZnVfjVEDlDWFuJwb6tIqXhWmM7o5RrVJqRQg=
Subject key identifier:   BA:30:B7:51:6C:CC:88:1A:13:8B:D6:F0:37:96:24:A3:18:E5:23:EB
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       0197B77CD0F38C350998153F77D638B1AC05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          09C2
Signing time:             Sat 28 Jun 2025 17:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:39 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: /USojouOG8X6ImqMtDFOszyack/EYYyaOXYCUEPG3bI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:d0:f3:8c:35:09:98:15:3f:77:d6:38:b1:ac:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Jun 28 17:01:39 2025 GMT
            Not After : Jun 29 17:01:39 2025 GMT
        Subject: CN=ba30b7516ccc881a138bd6f0379624a318e523eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d8:87:cf:01:0f:60:17:1a:f0:a9:9f:c9:97:
                    3b:5f:55:c2:1c:5e:7e:15:41:00:9b:b1:10:d4:14:
                    32:0c:7c:ff:10:5e:94:0b:4c:71:fb:e3:42:0e:cd:
                    fd:36:31:2a:85:0c:3d:08:b7:4e:2a:14:52:31:53:
                    20:48:24:79:63:21:41:54:7a:46:10:c4:17:53:a0:
                    86:24:de:8f:b3:60:8d:a8:22:00:fd:5f:ab:98:ab:
                    2f:59:23:7e:eb:2d:7f:ce:46:9e:c7:1d:e0:5f:54:
                    05:5a:70:75:26:c4:cf:0b:85:49:05:93:37:10:20:
                    ee:1c:b9:f6:81:c8:9a:9d:52:f0:88:23:c0:79:f0:
                    02:0b:fc:4b:9d:65:84:6b:9c:7f:44:f3:44:3a:69:
                    18:37:66:2e:48:a1:a3:ef:90:da:84:2a:3b:d2:d8:
                    d6:be:c4:dd:6e:e1:36:7b:4c:79:87:2b:bf:77:61:
                    e2:48:ff:19:72:21:34:b3:10:73:b7:ef:85:9d:0f:
                    ea:b8:a6:cd:9b:24:d0:b4:83:7e:f0:90:79:33:8b:
                    79:af:1e:67:96:31:12:67:ec:ac:81:84:ff:8a:c3:
                    df:82:3b:1c:bb:a8:f5:ad:8e:ca:a0:cb:a3:9c:37:
                    4a:4f:67:c8:b0:42:51:aa:be:d2:56:3d:e1:cf:1e:
                    4c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:30:B7:51:6C:CC:88:1A:13:8B:D6:F0:37:96:24:A3:18:E5:23:EB
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:5c:b5:f3:6d:9e:c0:2e:fb:59:27:76:ce:17:be:54:40:f8:
         09:02:be:ab:40:43:ee:40:d8:dc:88:f7:5e:c4:c8:65:24:82:
         f2:e4:89:68:da:91:29:e7:c6:ac:07:e7:d0:5f:77:a7:bd:d6:
         48:14:ed:5a:82:b5:08:b3:1b:51:cc:2b:f4:32:c8:ed:69:9b:
         6a:35:2b:9f:64:f7:0e:56:0a:c2:13:f7:6b:35:9b:59:21:46:
         82:de:af:1c:44:9d:c8:68:dc:15:2c:93:8d:5c:80:39:b2:58:
         9f:13:46:e0:9e:a3:59:a4:fd:35:b0:08:76:ea:b8:be:d8:f8:
         0a:ee:23:ff:cc:ee:9f:58:0f:26:25:d6:6c:ac:6f:d9:c9:09:
         fe:e6:28:6e:d8:ef:c9:b7:6a:66:7a:d4:d0:2e:ad:f2:2e:8b:
         44:8d:fa:37:7b:38:d1:f1:3d:18:38:dd:24:c0:0e:af:80:68:
         c7:76:fe:60:2f:a4:cb:63:3a:b4:b4:58:59:19:5d:30:ac:a7:
         0f:45:d9:af:a6:a0:3d:f2:a7:02:39:ee:87:c1:94:c3:76:18:
         0b:bf:7f:75:28:dd:f8:88:b6:66:9f:d6:c1:e1:fc:65:20:db:
         cb:0a:14:ad:b3:2f:b5:29:96:f7:1e:e5:91:6a:c9:86:97:78:
         bf:b1:39:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fNDzjDUJmBU/d9Y4sawFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUwNjI4MTcwMTM5WhcNMjUwNjI5MTcwMTM5WjAzMTEwLwYDVQQD
EyhiYTMwYjc1MTZjY2M4ODFhMTM4YmQ2ZjAzNzk2MjRhMzE4ZTUyM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidiHzwEPYBca8KmfyZc7X1XCHF5+
FUEAm7EQ1BQyDHz/EF6UC0xx++NCDs39NjEqhQw9CLdOKhRSMVMgSCR5YyFBVHpG
EMQXU6CGJN6Ps2CNqCIA/V+rmKsvWSN+6y1/zkaexx3gX1QFWnB1JsTPC4VJBZM3
ECDuHLn2gcianVLwiCPAefACC/xLnWWEa5x/RPNEOmkYN2YuSKGj75DahCo70tjW
vsTdbuE2e0x5hyu/d2HiSP8ZciE0sxBzt++FnQ/quKbNmyTQtIN+8JB5M4t5rx5n
ljESZ+ysgYT/isPfgjscu6j1rY7KoMujnDdKT2fIsEJRqr7SVj3hzx5MIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLowt1FszIgaE4vW8DeWJKMY5SPrMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbVy1822e
wC77WSd2zhe+VED4CQK+q0BD7kDY3Ij3XsTIZSSC8uSJaNqRKefGrAfn0F93p73W
SBTtWoK1CLMbUcwr9DLI7WmbajUrn2T3DlYKwhP3azWbWSFGgt6vHESdyGjcFSyT
jVyAObJYnxNG4J6jWaT9NbAIduq4vtj4Cu4j/8zun1gPJiXWbKxv2ckJ/uYobtjv
ybdqZnrU0C6t8i6LRI36N3s40fE9GDjdJMAOr4Box3b+YC+ky2M6tLRYWRldMKyn
D0XZr6agPfKnAjnuh8GUw3YYC79/dSjd+Ii2Zp/WweH8ZSDbywoUrbMvtSmW9x7l
kWrJhpd4v7E5MA==
-----END CERTIFICATE-----