Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/8901b4-a821-4fc6-943a-f769e5426d20/1/IyYoKFK1RzuXS_-ersILA6XyAQ4.mft
File:                     IyYoKFK1RzuXS_-ersILA6XyAQ4.mft (raw, json)
Hash identifier:          Do6NAJWA/Uc8G6ByBd7axD498O9ubBmGjgWnHZ2dZlg=
Subject key identifier:   26:F4:E4:8B:F1:31:34:67:1C:24:3E:1A:49:BC:65:47:75:01:26:24
Authority key identifier: 23:26:28:28:52:B5:47:3B:97:4B:FF:9E:AE:C2:0B:03:A5:F2:01:0E
Certificate issuer:       /CN=2326282852b5473b974bff9eaec20b03a5f2010e
Certificate serial:       0196C2A6D03044DF71CE6C86E31FAC36F955
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IyYoKFK1RzuXS_-ersILA6XyAQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/8901b4-a821-4fc6-943a-f769e5426d20/1/IyYoKFK1RzuXS_-ersILA6XyAQ4.mft
Manifest number:          0235
Signing time:             Mon 12 May 2025 04:00:34 +0000
Manifest this update:     Mon 12 May 2025 04:00:34 +0000
Manifest next update:     Tue 13 May 2025 04:00:34 +0000
Files and hashes:         1: IyYoKFK1RzuXS_-ersILA6XyAQ4.crl (hash: 3fiyDMBxq9kug8C9LrbcZP6ND7zkCy8s0/tN255oFPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/8901b4-a821-4fc6-943a-f769e5426d20/1/IyYoKFK1RzuXS_-ersILA6XyAQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/8901b4-a821-4fc6-943a-f769e5426d20/1/IyYoKFK1RzuXS_-ersILA6XyAQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IyYoKFK1RzuXS_-ersILA6XyAQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:a6:d0:30:44:df:71:ce:6c:86:e3:1f:ac:36:f9:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2326282852b5473b974bff9eaec20b03a5f2010e
        Validity
            Not Before: May 12 04:00:34 2025 GMT
            Not After : May 13 04:00:34 2025 GMT
        Subject: CN=26f4e48bf13134671c243e1a49bc654775012624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:7a:83:fa:d7:35:19:7d:cb:ee:c3:35:44:45:
                    83:87:9c:e4:56:eb:93:06:73:e9:bc:4e:79:20:8c:
                    6b:65:ec:e8:c3:4a:96:2a:f0:5b:b1:71:87:37:51:
                    2b:f0:79:42:68:d8:c5:63:7e:ef:f4:f9:cd:52:d7:
                    78:08:4c:82:91:96:1e:68:87:24:1d:b1:27:50:a7:
                    f5:0d:2f:51:ca:2b:68:d3:6d:63:e5:38:b2:92:37:
                    3c:99:2b:15:cc:8a:62:c2:bd:e1:62:0f:a2:a7:ae:
                    68:5f:42:0c:80:3e:d6:e2:56:f0:7b:36:cc:80:40:
                    70:0c:50:3f:25:ff:0f:47:2a:27:37:09:a8:b7:27:
                    a5:a4:b9:c4:6b:22:48:d9:f7:80:b1:47:21:8b:fe:
                    9f:db:39:60:9d:c8:d0:7a:d6:72:46:0a:a9:36:88:
                    94:7d:f7:8e:7e:f3:ac:0d:96:fd:a6:4d:b6:fe:30:
                    b0:fa:26:80:29:55:f1:de:f7:05:46:b1:b8:64:4c:
                    3c:f2:3b:20:53:5f:80:66:42:26:75:44:92:21:dc:
                    d1:49:50:0a:7b:57:7e:11:27:3f:cf:f6:9a:5c:5e:
                    cc:9d:ea:02:cb:87:bb:62:3f:f3:64:3f:1b:38:45:
                    5a:0a:78:a1:dd:83:b7:02:92:fd:c6:91:93:2b:75:
                    42:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F4:E4:8B:F1:31:34:67:1C:24:3E:1A:49:BC:65:47:75:01:26:24
            X509v3 Authority Key Identifier:
                keyid:23:26:28:28:52:B5:47:3B:97:4B:FF:9E:AE:C2:0B:03:A5:F2:01:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyYoKFK1RzuXS_-ersILA6XyAQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8901b4-a821-4fc6-943a-f769e5426d20/1/IyYoKFK1RzuXS_-ersILA6XyAQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8901b4-a821-4fc6-943a-f769e5426d20/1/IyYoKFK1RzuXS_-ersILA6XyAQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:3e:d9:85:ec:b8:f0:a6:ad:5b:97:89:02:99:e6:5e:ed:f5:
         4c:ba:72:cc:4a:c6:6e:71:27:ea:16:79:a9:a2:64:3d:cd:20:
         ac:bb:4c:e2:d9:04:60:1c:4c:e6:49:ff:c8:86:32:77:eb:10:
         74:61:07:94:11:36:20:07:da:ed:dc:43:bb:cd:0b:e6:28:9f:
         59:b2:43:50:91:a5:c5:5f:b7:1e:fa:49:9b:a3:87:b9:c4:10:
         41:c5:16:8f:5d:3f:f8:2a:dd:03:94:f5:03:97:9f:c5:41:d4:
         8a:d2:76:13:06:24:db:4b:92:6b:d4:ac:b6:ef:c2:34:cd:2d:
         00:c3:bc:3f:ae:4b:16:4d:2a:4c:0f:36:dc:c7:58:13:f9:a1:
         e5:1c:2c:c9:98:11:bf:1e:9d:17:91:36:00:c4:77:dd:fb:c7:
         23:4d:c7:12:f6:27:5c:e1:3f:ac:6e:91:11:11:12:20:02:45:
         82:78:88:a8:bf:f3:ea:62:bf:a8:7b:cd:f2:eb:ba:71:bc:5a:
         2f:40:f4:74:30:07:66:e8:a1:f7:06:1d:b1:03:ee:82:6e:1f:
         f0:d6:72:ec:1c:f4:b7:89:ac:a6:5a:a1:e4:ae:cf:57:df:7f:
         4d:5d:e1:b8:7d:88:bb:c2:07:2c:3a:29:78:1b:38:25:63:47:
         ac:5a:54:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCptAwRN9xzmyG4x+sNvlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjYyODI4NTJiNTQ3M2I5NzRiZmY5ZWFlYzIwYjAzYTVm
MjAxMGUwHhcNMjUwNTEyMDQwMDM0WhcNMjUwNTEzMDQwMDM0WjAzMTEwLwYDVQQD
EygyNmY0ZTQ4YmYxMzEzNDY3MWMyNDNlMWE0OWJjNjU0Nzc1MDEyNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43qD+tc1GX3L7sM1REWDh5zkVuuT
BnPpvE55IIxrZezow0qWKvBbsXGHN1Er8HlCaNjFY37v9PnNUtd4CEyCkZYeaIck
HbEnUKf1DS9Ryito021j5Tiykjc8mSsVzIpiwr3hYg+ip65oX0IMgD7W4lbwezbM
gEBwDFA/Jf8PRyonNwmotyelpLnEayJI2feAsUchi/6f2zlgncjQetZyRgqpNoiU
ffeOfvOsDZb9pk22/jCw+iaAKVXx3vcFRrG4ZEw88jsgU1+AZkImdUSSIdzRSVAK
e1d+ESc/z/aaXF7MneoCy4e7Yj/zZD8bOEVaCnih3YO3ApL9xpGTK3VC2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCb05IvxMTRnHCQ+Gkm8ZUd1ASYkMB8GA1UdIwQY
MBaAFCMmKChStUc7l0v/nq7CCwOl8gEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlZb0tGSzFSenVYU18tZXJzSUxBNlh5QVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84OTAxYjQtYTgyMS00ZmM2LTk0M2Et
Zjc2OWU1NDI2ZDIwLzEvSXlZb0tGSzFSenVYU18tZXJzSUxBNlh5QVE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84OTAxYjQtYTgyMS00ZmM2LTk0M2EtZjc2OWU1NDI2ZDIw
LzEvSXlZb0tGSzFSenVYU18tZXJzSUxBNlh5QVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuz7Zhey4
8KatW5eJApnmXu31TLpyzErGbnEn6hZ5qaJkPc0grLtM4tkEYBxM5kn/yIYyd+sQ
dGEHlBE2IAfa7dxDu80L5iifWbJDUJGlxV+3HvpJm6OHucQQQcUWj10/+CrdA5T1
A5efxUHUitJ2EwYk20uSa9Sstu/CNM0tAMO8P65LFk0qTA823MdYE/mh5RwsyZgR
vx6dF5E2AMR33fvHI03HEvYnXOE/rG6RERESIAJFgniIqL/z6mK/qHvN8uu6cbxa
L0D0dDAHZuih9wYdsQPugm4f8NZy7Bz0t4msplqh5K7PV99/TV3huH2Iu8IHLDop
eBs4JWNHrFpU5Q==
-----END CERTIFICATE-----