Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          JgwdaIeIw2V4y/ejAyb5yqLjei+jlugNuBccZszGbws=
Subject key identifier:   A1:F5:AD:E9:AA:92:0E:C4:62:9B:DC:2F:1B:14:8F:C0:06:A1:5F:E7
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       0197B6A0A5E23F92F589F406A0F8BE09155A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          0A53
Signing time:             Sat 28 Jun 2025 13:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:10 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: GM9OBBl7LP9Q+/pg/tfqnOq9eNIkeI096JYh7kbisfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:a5:e2:3f:92:f5:89:f4:06:a0:f8:be:09:15:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: Jun 28 13:01:10 2025 GMT
            Not After : Jun 29 13:01:10 2025 GMT
        Subject: CN=a1f5ade9aa920ec4629bdc2f1b148fc006a15fe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f5:50:bf:30:3f:32:bb:7b:44:f8:a3:98:7a:
                    f6:14:00:7e:13:f3:f4:71:b9:d8:6f:5f:69:96:8f:
                    9e:83:b6:ae:41:0a:21:68:b9:8a:3e:77:0d:b6:70:
                    a0:54:9a:d3:47:24:74:0f:f7:04:b6:37:9f:f9:34:
                    0f:bc:f2:62:c3:ab:69:18:7b:6e:21:28:19:92:92:
                    e0:e6:68:27:2a:80:76:1d:21:04:10:59:17:81:b0:
                    e5:23:8b:a6:f7:50:76:28:5f:2d:a2:17:46:f5:1c:
                    4f:e3:44:59:6e:4c:f8:43:d9:4f:a9:d1:be:ed:db:
                    32:42:e1:52:73:11:17:1d:1f:58:7f:d9:27:1b:39:
                    a7:1d:46:b6:58:f8:87:02:a6:ba:b2:d0:4f:fa:e0:
                    93:bd:5c:73:be:90:de:d0:62:83:74:29:1e:ac:c6:
                    6d:09:9a:a1:d1:2b:ad:f4:85:4f:78:e1:2d:a9:2f:
                    2a:01:93:3f:90:1b:de:4c:55:b9:20:68:4e:1d:33:
                    e5:85:2c:3f:39:2e:5a:a0:17:6d:e5:23:fc:2c:2d:
                    9e:47:e4:fa:72:10:ea:9d:37:8d:47:82:51:f1:03:
                    27:50:f4:62:e0:72:7d:07:1c:cc:c1:d4:26:a9:14:
                    ae:09:c7:8b:78:6d:a0:34:50:a3:06:99:e9:98:b3:
                    3d:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F5:AD:E9:AA:92:0E:C4:62:9B:DC:2F:1B:14:8F:C0:06:A1:5F:E7
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:e1:6c:e7:83:13:84:a7:d5:90:f3:de:04:d0:ae:c0:be:e8:
         d4:5e:5c:c4:0b:8b:66:67:74:2f:58:e7:41:af:d5:8b:75:32:
         47:21:69:4c:1c:2f:f1:ca:1e:69:c3:e3:db:a5:6d:4c:18:ad:
         7f:bf:54:e7:fd:c3:9b:a4:ef:c6:86:50:56:af:49:6d:8a:19:
         86:69:3c:d4:10:dc:24:2a:76:40:30:a1:f3:2f:b4:f5:ef:96:
         6c:d1:2c:5f:f5:8e:df:0c:7c:3b:6a:b9:82:f0:e2:80:d9:a3:
         39:04:5f:78:a2:73:48:e5:10:8e:f7:25:d7:9f:32:82:48:67:
         24:04:7f:99:d3:c2:86:e7:05:60:39:0a:3f:f2:be:8b:95:92:
         f2:cf:5e:81:d4:52:74:bd:59:9a:f5:13:a9:52:e7:54:a0:a3:
         c8:fe:71:b8:16:81:da:46:f0:44:15:d0:8b:e0:d6:34:d2:df:
         c2:86:e4:35:49:5b:ef:45:e2:75:74:ea:50:cb:c4:51:1e:b9:
         f7:61:e1:d7:5b:d2:fc:1c:77:8c:68:47:4c:32:90:80:52:fa:
         d7:aa:15:6e:61:08:dc:7a:8b:74:10:a3:a9:66:a5:1d:6e:21:
         94:02:26:3d:12:19:c6:58:03:fb:75:22:d7:c5:13:71:28:ba:
         66:9d:75:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oKXiP5L1ifQGoPi+CRVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjUwNjI4MTMwMTEwWhcNMjUwNjI5MTMwMTEwWjAzMTEwLwYDVQQD
EyhhMWY1YWRlOWFhOTIwZWM0NjI5YmRjMmYxYjE0OGZjMDA2YTE1ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfVQvzA/Mrt7RPijmHr2FAB+E/P0
cbnYb19plo+eg7auQQohaLmKPncNtnCgVJrTRyR0D/cEtjef+TQPvPJiw6tpGHtu
ISgZkpLg5mgnKoB2HSEEEFkXgbDlI4um91B2KF8tohdG9RxP40RZbkz4Q9lPqdG+
7dsyQuFScxEXHR9Yf9knGzmnHUa2WPiHAqa6stBP+uCTvVxzvpDe0GKDdCkerMZt
CZqh0Sut9IVPeOEtqS8qAZM/kBveTFW5IGhOHTPlhSw/OS5aoBdt5SP8LC2eR+T6
chDqnTeNR4JR8QMnUPRi4HJ9BxzMwdQmqRSuCceLeG2gNFCjBpnpmLM9TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKH1remqkg7EYpvcLxsUj8AGoV/nMB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADuFs54MT
hKfVkPPeBNCuwL7o1F5cxAuLZmd0L1jnQa/Vi3UyRyFpTBwv8coeacPj26VtTBit
f79U5/3Dm6TvxoZQVq9JbYoZhmk81BDcJCp2QDCh8y+09e+WbNEsX/WO3wx8O2q5
gvDigNmjOQRfeKJzSOUQjvcl158ygkhnJAR/mdPChucFYDkKP/K+i5WS8s9egdRS
dL1ZmvUTqVLnVKCjyP5xuBaB2kbwRBXQi+DWNNLfwobkNUlb70XidXTqUMvEUR65
92Hh11vS/Bx3jGhHTDKQgFL616oVbmEI3HqLdBCjqWalHW4hlAImPRIZxlgD+3Ui
18UTcSi6Zp11RA==
-----END CERTIFICATE-----