Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          MNlJmGmct0RZetQlTgOZ+lWNfIlKZwYtfWTR2SMmKQg=
Subject key identifier:   2A:EC:D4:7F:B1:D3:D5:89:74:70:E5:48:B6:4F:FA:68:C3:EC:3E:35
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       0198D65F9498BEA764C6FD179D53453D72FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:00:44 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:44 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:44 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: VK1x98hN+fUQUiX//63CHug1s/PB6RbWTKr0+8vj0rs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:94:98:be:a7:64:c6:fd:17:9d:53:45:3d:72:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Aug 23 10:00:44 2025 GMT
            Not After : Aug 24 10:00:44 2025 GMT
        Subject: CN=2aecd47fb1d3d5897470e548b64ffa68c3ec3e35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a7:1d:1b:8d:2c:05:c9:b5:13:da:4c:00:50:
                    e5:d6:a1:30:e4:8b:f3:f0:0d:66:21:ad:47:5e:bb:
                    6d:9c:53:71:c5:c7:e7:28:dd:a9:fd:9b:f8:8b:50:
                    8d:ce:51:23:a4:e9:25:3a:74:bd:cf:60:ca:ba:f3:
                    69:9d:eb:70:c5:f8:fa:44:bf:e3:cf:a7:34:0d:62:
                    f5:48:ac:36:28:f9:cb:24:60:d8:c5:63:e1:d1:2d:
                    25:87:73:97:7b:41:6a:f7:a2:96:62:33:32:79:2d:
                    0a:8b:45:2b:fc:51:98:e7:5f:54:18:74:c8:de:c8:
                    1e:6c:b2:4b:82:4f:e6:41:a3:ef:f0:cd:2e:f5:0b:
                    4a:90:97:66:a5:d9:d3:91:b5:51:36:5a:cc:61:f5:
                    03:3a:9a:eb:b8:92:32:8c:36:7e:44:d0:ac:d5:8c:
                    86:a4:43:17:ab:bf:2f:4c:7e:2b:12:d2:a2:68:4a:
                    b4:78:d4:77:8c:56:4d:26:07:68:5d:18:e9:aa:b5:
                    83:63:a0:fa:92:33:54:4e:2a:79:49:b9:fc:21:80:
                    e9:ce:08:7a:73:22:38:2a:a0:6b:8b:3a:26:e8:01:
                    11:49:7e:9b:b9:14:5f:5d:7e:d0:bb:56:4f:51:ca:
                    8e:01:1a:32:ef:5d:33:1a:83:66:25:85:6b:99:cc:
                    49:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EC:D4:7F:B1:D3:D5:89:74:70:E5:48:B6:4F:FA:68:C3:EC:3E:35
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:19:c8:5f:e4:14:04:59:8f:41:24:e4:f8:91:38:2a:9a:b0:
         f0:c1:86:20:d9:fa:4b:f0:ec:5c:89:35:38:2d:ea:b2:7f:64:
         fc:e5:06:6f:ca:4e:87:a2:fe:6b:20:6e:41:17:fd:7c:18:52:
         79:21:5a:1d:6e:99:8b:1b:93:5c:36:37:0b:d4:1b:4d:34:c9:
         ca:b3:d3:37:e3:0b:29:35:37:fc:ba:42:ef:25:23:ad:f3:cc:
         5d:7f:03:e9:ed:47:74:e9:01:c7:bd:25:a9:3b:a7:2d:e0:a7:
         c8:47:a3:ba:92:7b:62:f2:ba:e8:df:e1:e0:83:63:a0:6b:90:
         1f:b2:65:72:9b:21:ad:cd:0f:ee:22:80:1b:09:55:38:b4:39:
         3d:ff:b8:da:0d:e1:c5:2b:fb:f4:f9:78:e3:bc:0e:89:a4:43:
         e6:a0:40:d1:a5:2b:5b:bc:11:b8:d0:fe:b7:f8:50:f6:30:47:
         d2:0d:c2:1c:9e:29:58:40:7d:fd:47:50:ef:6c:a5:d1:2a:14:
         38:6f:77:a2:7b:36:94:b8:5a:da:6b:51:2a:76:8d:38:75:e7:
         f3:5a:a3:ff:c3:89:53:ef:2a:a5:65:5b:7a:3a:25:f1:40:f7:
         01:7b:42:90:0f:45:c9:dd:47:96:ab:62:6a:20:1f:c1:a8:89:
         a9:6d:4c:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX5SYvqdkxv0XnVNFPXL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwODIzMTAwMDQ0WhcNMjUwODI0MTAwMDQ0WjAzMTEwLwYDVQQD
EygyYWVjZDQ3ZmIxZDNkNTg5NzQ3MGU1NDhiNjRmZmE2OGMzZWMzZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6cdG40sBcm1E9pMAFDl1qEw5Ivz
8A1mIa1HXrttnFNxxcfnKN2p/Zv4i1CNzlEjpOklOnS9z2DKuvNpnetwxfj6RL/j
z6c0DWL1SKw2KPnLJGDYxWPh0S0lh3OXe0Fq96KWYjMyeS0Ki0Ur/FGY519UGHTI
3sgebLJLgk/mQaPv8M0u9QtKkJdmpdnTkbVRNlrMYfUDOprruJIyjDZ+RNCs1YyG
pEMXq78vTH4rEtKiaEq0eNR3jFZNJgdoXRjpqrWDY6D6kjNUTip5Sbn8IYDpzgh6
cyI4KqBrizom6AERSX6buRRfXX7Qu1ZPUcqOARoy710zGoNmJYVrmcxJOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrs1H+x09WJdHDlSLZP+mjD7D41MB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJBnIX+QU
BFmPQSTk+JE4Kpqw8MGGINn6S/DsXIk1OC3qsn9k/OUGb8pOh6L+ayBuQRf9fBhS
eSFaHW6ZixuTXDY3C9QbTTTJyrPTN+MLKTU3/LpC7yUjrfPMXX8D6e1HdOkBx70l
qTunLeCnyEejupJ7YvK66N/h4INjoGuQH7Jlcpshrc0P7iKAGwlVOLQ5Pf+42g3h
xSv79Pl447wOiaRD5qBA0aUrW7wRuND+t/hQ9jBH0g3CHJ4pWEB9/UdQ72yl0SoU
OG93ons2lLha2mtRKnaNOHXn81qj/8OJU+8qpWVbejol8UD3AXtCkA9Fyd1Hlqti
aiAfwaiJqW1M8w==
-----END CERTIFICATE-----