Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
File:                     rRIanMsoPqIejQoHCi4LakDph30.mft (raw, json)
Hash identifier:          W1Mj6CqlqSm3jxhkmllgT4SZaYesN0M68cb3viR1/wQ=
Subject key identifier:   CD:C2:62:F5:ED:0D:24:0F:24:E0:82:98:81:5B:CD:A4:93:D1:A1:46
Authority key identifier: AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D
Certificate issuer:       /CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d
Certificate serial:       01976F2BE473811F276EFF281E3EEF596B10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 16:00:36 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:36 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:36 +0000
Files and hashes:         1: rRIanMsoPqIejQoHCi4LakDph30.crl (hash: g6cnaJNhy8ufOgC8qUEBdNZzouEgaPkxH+6ioSdsjOc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:e4:73:81:1f:27:6e:ff:28:1e:3e:ef:59:6b:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d
        Validity
            Not Before: Jun 14 16:00:36 2025 GMT
            Not After : Jun 15 16:00:36 2025 GMT
        Subject: CN=cdc262f5ed0d240f24e08298815bcda493d1a146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:91:ef:af:58:0d:44:49:3c:40:0b:be:13:cc:
                    7f:9b:f1:51:aa:f3:2c:74:8d:c6:d7:27:30:56:cb:
                    27:08:bf:e1:9b:d1:79:5e:60:99:56:7f:d9:e4:17:
                    64:35:60:bd:8c:c0:08:54:f3:28:77:13:dc:3f:a0:
                    ab:50:7b:eb:0e:8c:c7:71:2f:73:6b:a5:04:38:90:
                    15:5f:e2:6e:9b:0c:cd:52:6a:1c:5e:18:d5:49:47:
                    46:a3:12:a8:6e:df:01:bf:cb:48:5d:3e:50:93:2d:
                    fd:de:69:95:b6:2b:71:49:66:7e:85:48:c6:52:0f:
                    a0:3a:69:9f:38:71:de:b0:cf:73:ee:87:32:b8:99:
                    27:f4:33:58:6d:db:64:60:dc:fb:d5:28:bb:85:28:
                    6e:eb:9e:0c:8d:da:14:8c:4d:c6:a0:5b:46:86:7f:
                    ab:31:e7:17:04:25:14:a8:7a:f3:b6:bc:71:ce:39:
                    85:76:27:01:7f:58:b1:d0:48:df:c1:01:8b:e3:1a:
                    4a:92:bf:c6:6f:f6:1d:8e:85:ea:57:99:b7:5c:a8:
                    31:80:9f:93:df:0c:1c:ab:8a:93:a8:cd:f0:df:89:
                    91:14:37:ef:5d:f9:5b:82:a4:b0:c4:09:92:8e:72:
                    16:6e:33:ef:ab:91:b5:93:9d:e5:c1:26:e7:e1:47:
                    23:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:C2:62:F5:ED:0D:24:0F:24:E0:82:98:81:5B:CD:A4:93:D1:A1:46
            X509v3 Authority Key Identifier:
                keyid:AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:0b:79:d9:b5:3a:4c:d8:cf:04:b6:fc:e3:61:8e:f0:21:fb:
         97:83:dd:41:60:73:72:bb:c9:eb:62:58:e4:8e:0c:71:a3:1e:
         60:eb:d0:9b:b4:c8:6e:ea:79:e4:36:98:24:21:2d:a1:e9:33:
         46:17:30:35:68:fc:2d:a2:6f:bf:0c:d2:e0:cf:ce:b6:90:48:
         e7:8c:73:3b:f7:c0:9a:b7:d2:c7:18:ee:2b:99:97:65:d8:bf:
         c9:e6:d5:9d:42:36:6d:08:57:0f:ff:89:66:88:11:6c:c1:b3:
         8f:7c:24:4d:f4:1a:fc:c7:2b:90:dc:c3:a2:24:58:cf:4d:6c:
         ca:97:7e:52:98:d1:e1:d1:aa:9b:8a:c1:20:46:52:34:9a:c6:
         45:22:6c:bc:3f:54:92:d1:51:f2:df:1c:e0:fd:76:d7:51:ff:
         ac:e9:11:86:a7:ba:b5:e4:66:a0:ab:09:33:e6:db:87:d2:ef:
         67:ed:bc:13:80:5b:db:95:53:92:cc:7b:88:fe:6b:dd:ed:4d:
         4e:03:dd:e0:b1:d9:03:e8:6e:ae:e7:70:5a:bb:45:e4:90:3f:
         3c:3d:1f:4b:51:28:ff:28:92:b6:03:74:86:b2:e7:61:53:2d:
         11:2d:82:3b:6f:cf:b7:54:00:d2:b8:e9:c4:0b:46:79:25:61:
         03:1c:ed:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK+RzgR8nbv8oHj7vWWsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTIxYTljY2IyODNlYTIxZThkMGEwNzBhMmUwYjZhNDBl
OTg3N2QwHhcNMjUwNjE0MTYwMDM2WhcNMjUwNjE1MTYwMDM2WjAzMTEwLwYDVQQD
EyhjZGMyNjJmNWVkMGQyNDBmMjRlMDgyOTg4MTViY2RhNDkzZDFhMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZHvr1gNREk8QAu+E8x/m/FRqvMs
dI3G1ycwVssnCL/hm9F5XmCZVn/Z5BdkNWC9jMAIVPModxPcP6CrUHvrDozHcS9z
a6UEOJAVX+JumwzNUmocXhjVSUdGoxKobt8Bv8tIXT5Qky393mmVtitxSWZ+hUjG
Ug+gOmmfOHHesM9z7ocyuJkn9DNYbdtkYNz71Si7hShu654MjdoUjE3GoFtGhn+r
MecXBCUUqHrztrxxzjmFdicBf1ix0EjfwQGL4xpKkr/Gb/YdjoXqV5m3XKgxgJ+T
3wwcq4qTqM3w34mRFDfvXflbgqSwxAmSjnIWbjPvq5G1k53lwSbn4UcjOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3CYvXtDSQPJOCCmIFbzaST0aFGMB8GA1UdIwQY
MBaAFK0SGpzLKD6iHo0KBwouC2pA6Yd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYt
NTlkZjczZDNiYjkxLzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYtNTlkZjczZDNiYjkx
LzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEAt52bU6
TNjPBLb842GO8CH7l4PdQWBzcrvJ62JY5I4McaMeYOvQm7TIbup55DaYJCEtoekz
RhcwNWj8LaJvvwzS4M/OtpBI54xzO/fAmrfSxxjuK5mXZdi/yebVnUI2bQhXD/+J
ZogRbMGzj3wkTfQa/McrkNzDoiRYz01sypd+UpjR4dGqm4rBIEZSNJrGRSJsvD9U
ktFR8t8c4P1211H/rOkRhqe6teRmoKsJM+bbh9LvZ+28E4Bb25VTksx7iP5r3e1N
TgPd4LHZA+hurudwWrtF5JA/PD0fS1Eo/yiStgN0hrLnYVMtES2CO2/Pt1QA0rjp
xAtGeSVhAxztuw==
-----END CERTIFICATE-----