Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          QbM5C1QEFOnZaKh5ZVpSWSppHnsK3XCQIeC9K32Rs8U=
Subject key identifier:   AC:74:82:B9:61:0A:99:AF:84:0C:31:FC:49:34:74:8C:96:A3:B8:FE
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       01976D3E93027A3698ACD18D93F1CB6EA67D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 07:01:46 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:46 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:46 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: 9mzmnfcXlzGmL+ZdGpBNJInNTYH+nLczeEH8A+EAb2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:93:02:7a:36:98:ac:d1:8d:93:f1:cb:6e:a6:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Jun 14 07:01:46 2025 GMT
            Not After : Jun 15 07:01:46 2025 GMT
        Subject: CN=ac7482b9610a99af840c31fc4934748c96a3b8fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:73:ba:0e:26:fc:41:cd:52:46:58:f4:5a:81:
                    b1:ac:90:ce:a8:ba:b6:b4:83:ea:29:d7:2b:47:1a:
                    63:9d:e5:ed:11:3f:d2:e9:d4:da:e2:fa:4c:55:76:
                    19:f0:be:fc:25:f3:fb:3f:01:e9:39:50:58:be:60:
                    b7:5e:ea:ba:5b:99:11:0a:4d:d9:d7:d2:15:07:73:
                    98:da:ad:b2:19:53:6b:7e:40:e9:ee:d1:c0:45:d4:
                    de:cb:85:64:10:7a:ef:42:47:c3:b2:7f:d5:d8:b3:
                    c3:4f:24:e4:1c:e5:59:78:4e:59:04:4f:cc:e6:92:
                    7c:ab:eb:ff:1b:e0:ec:8e:4b:08:90:ba:43:71:fa:
                    91:de:11:7b:ba:3c:93:86:34:b4:d0:53:6f:35:f9:
                    0a:48:1d:e5:77:41:82:42:4b:88:6c:46:47:21:7e:
                    1a:4b:a6:f9:d9:25:b0:c1:97:9b:2c:2e:ab:89:fa:
                    c1:b0:35:48:05:46:df:37:77:a4:d7:16:d3:df:b0:
                    08:95:12:7e:74:28:a5:22:ec:e5:2c:5d:75:e8:e9:
                    d0:8a:e9:7f:77:64:3b:19:f3:3c:af:fe:7f:28:f7:
                    82:42:ef:2b:d3:59:c5:81:fc:ea:6d:04:06:f3:69:
                    cf:82:75:05:0f:ef:e9:37:71:f5:06:2d:e5:e7:28:
                    1d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:74:82:B9:61:0A:99:AF:84:0C:31:FC:49:34:74:8C:96:A3:B8:FE
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:13:9a:f1:96:5a:15:11:19:19:17:87:fd:85:2a:f0:a3:c7:
         4d:b3:56:06:04:8c:2e:42:a0:9a:0a:96:fd:b7:3b:48:07:9f:
         4f:b1:6a:f2:53:a7:50:7c:d6:3f:fb:dd:88:4c:9f:60:aa:3b:
         d8:19:52:9e:8b:61:65:f1:df:a9:9a:60:79:b9:da:26:3e:be:
         e3:1b:b7:ba:d8:74:6d:4c:a5:a6:bc:16:81:97:27:dd:ab:3a:
         a9:ac:52:5d:22:eb:33:6b:19:2f:35:07:a8:5d:49:df:0b:74:
         16:04:07:bf:02:d3:d4:8a:60:12:51:71:be:45:29:0e:a0:8e:
         7d:1b:fe:f3:6d:bc:dd:14:fd:24:5e:e3:a0:46:27:c3:c4:6d:
         92:17:bc:fe:73:e2:8e:56:02:b6:a6:85:44:2c:56:01:11:83:
         14:5e:6b:b9:df:59:ab:12:be:29:7a:a8:16:17:78:7b:62:5e:
         92:21:b9:79:36:0c:47:48:ba:c7:b3:3d:1e:aa:44:a7:31:bb:
         78:34:2b:38:ac:6a:42:e1:fe:0d:75:6e:fc:5c:92:15:45:21:
         a5:a1:5a:c8:33:7e:8f:d6:98:33:a0:d7:97:72:dc:69:17:a1:
         13:af:28:73:7c:1f:18:72:30:4a:49:b0:18:d9:26:13:fc:e7:
         3a:e6:bd:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPpMCejaYrNGNk/HLbqZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjUwNjE0MDcwMTQ2WhcNMjUwNjE1MDcwMTQ2WjAzMTEwLwYDVQQD
EyhhYzc0ODJiOTYxMGE5OWFmODQwYzMxZmM0OTM0NzQ4Yzk2YTNiOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHO6Dib8Qc1SRlj0WoGxrJDOqLq2
tIPqKdcrRxpjneXtET/S6dTa4vpMVXYZ8L78JfP7PwHpOVBYvmC3Xuq6W5kRCk3Z
19IVB3OY2q2yGVNrfkDp7tHARdTey4VkEHrvQkfDsn/V2LPDTyTkHOVZeE5ZBE/M
5pJ8q+v/G+DsjksIkLpDcfqR3hF7ujyThjS00FNvNfkKSB3ld0GCQkuIbEZHIX4a
S6b52SWwwZebLC6rifrBsDVIBUbfN3ek1xbT37AIlRJ+dCilIuzlLF116OnQiul/
d2Q7GfM8r/5/KPeCQu8r01nFgfzqbQQG82nPgnUFD+/pN3H1Bi3l5ygdgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKx0grlhCpmvhAwx/Ek0dIyWo7j+MB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxOa8ZZa
FREZGReH/YUq8KPHTbNWBgSMLkKgmgqW/bc7SAefT7Fq8lOnUHzWP/vdiEyfYKo7
2BlSnothZfHfqZpgebnaJj6+4xu3uth0bUylprwWgZcn3as6qaxSXSLrM2sZLzUH
qF1J3wt0FgQHvwLT1IpgElFxvkUpDqCOfRv+82283RT9JF7joEYnw8Rtkhe8/nPi
jlYCtqaFRCxWARGDFF5rud9ZqxK+KXqoFhd4e2JekiG5eTYMR0i6x7M9HqpEpzG7
eDQrOKxqQuH+DXVu/FySFUUhpaFayDN+j9aYM6DXl3LcaRehE68oc3wfGHIwSkmw
GNkmE/znOua9og==
-----END CERTIFICATE-----