Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          1jn7cPlhtWOBSj6g0lhEeKwte6xPZXrVYbpFOd88c5k=
Subject key identifier:   1D:F9:04:E5:87:8D:BD:1A:F7:EF:1A:68:7A:35:04:14:A7:EA:FD:5F
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       01976F2CBEF95D85D8118ACA74A0D057AB31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          1220
Signing time:             Sat 14 Jun 2025 16:01:32 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:32 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:32 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: XZzuOhAsO+vEKW9reNP3QvMu1iEOSXr7l62sA6Njm6s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:be:f9:5d:85:d8:11:8a:ca:74:a0:d0:57:ab:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: Jun 14 16:01:32 2025 GMT
            Not After : Jun 15 16:01:32 2025 GMT
        Subject: CN=1df904e5878dbd1af7ef1a687a350414a7eafd5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:69:0e:9b:56:bc:66:31:f7:80:13:01:eb:3a:
                    92:eb:c1:c8:a9:6f:c3:10:71:02:0d:cb:1d:47:bb:
                    3e:15:bf:1a:f0:e4:17:b3:cb:d4:ec:84:46:5f:0c:
                    4b:d5:ca:de:8f:29:0d:41:b0:50:af:18:8e:7a:d2:
                    f8:3d:cb:de:9f:c7:5b:28:01:c1:ae:ff:f2:7b:a4:
                    d4:11:b6:62:2a:4e:78:e4:b8:36:74:86:89:fc:a1:
                    67:1f:35:41:c8:31:c4:16:72:75:69:f7:1b:26:0a:
                    b3:07:91:4b:bf:45:70:21:ae:56:2d:43:a4:02:04:
                    03:e8:13:51:78:84:5a:fa:c4:79:b6:31:c2:dc:52:
                    a5:c7:8d:a0:78:ae:24:f0:e5:09:9e:de:30:66:00:
                    d2:f3:a3:8b:68:c1:b7:2c:49:2e:02:76:4f:3a:4c:
                    9c:4f:5e:57:75:32:b3:06:8e:ad:d7:88:70:45:2b:
                    ce:5c:a3:5a:8d:d9:6a:26:7d:69:34:ab:10:6c:e1:
                    cb:a8:e3:db:6c:9b:80:a6:9c:16:c9:23:a4:e1:b0:
                    e3:eb:e2:b4:dd:fb:95:e6:13:51:ad:ea:b3:0a:ff:
                    b1:20:da:cd:1b:92:2e:01:d7:19:71:68:b3:20:49:
                    5b:36:95:b1:2e:bd:61:41:b6:11:67:a0:54:fd:4b:
                    f9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:F9:04:E5:87:8D:BD:1A:F7:EF:1A:68:7A:35:04:14:A7:EA:FD:5F
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:d2:b5:78:db:46:35:c9:4a:93:5b:9f:f2:70:25:33:f9:54:
         4c:ec:3e:3f:1c:7b:88:7e:2c:87:c6:4f:12:cf:f4:44:b3:ed:
         29:18:f2:54:53:5e:f9:00:5f:5b:51:ae:77:b6:98:e4:6c:86:
         f6:53:bf:bd:f6:a4:a5:ab:d4:14:91:e4:4b:47:f1:5f:05:ca:
         66:06:06:77:5c:91:7f:18:0c:1b:d3:a9:0a:84:b0:f0:3e:59:
         d4:7c:fc:61:69:72:ba:7b:67:d5:76:10:7e:b3:e1:4c:6b:78:
         d3:66:e4:be:d6:15:d8:e7:4a:b8:e6:aa:7e:9a:be:bd:a5:4d:
         d6:e4:fe:9d:3f:13:62:a6:8d:81:6c:76:da:1d:92:a3:ab:0f:
         53:eb:89:95:c2:18:2f:08:7f:cf:f2:c8:11:23:b6:e8:dc:a3:
         e9:5d:0a:dd:fa:b1:fa:3f:72:5d:69:c1:48:14:b2:d2:6c:9e:
         c2:c2:33:cf:ae:2a:3d:b2:e2:1f:e2:c7:c9:7d:55:fd:2c:cf:
         d7:66:06:21:bb:99:0b:10:2a:83:a4:0c:1d:5d:ec:e3:ff:cb:
         08:db:04:de:c5:c9:2a:fc:fa:8b:4e:18:2e:94:fd:b4:27:15:
         b9:2f:d5:04:63:1e:79:fc:3f:b8:1e:fb:74:2d:9e:b7:95:10:
         d2:f2:78:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLL75XYXYEYrKdKDQV6sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjUwNjE0MTYwMTMyWhcNMjUwNjE1MTYwMTMyWjAzMTEwLwYDVQQD
EygxZGY5MDRlNTg3OGRiZDFhZjdlZjFhNjg3YTM1MDQxNGE3ZWFmZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGkOm1a8ZjH3gBMB6zqS68HIqW/D
EHECDcsdR7s+Fb8a8OQXs8vU7IRGXwxL1crejykNQbBQrxiOetL4Pcven8dbKAHB
rv/ye6TUEbZiKk545Lg2dIaJ/KFnHzVByDHEFnJ1afcbJgqzB5FLv0VwIa5WLUOk
AgQD6BNReIRa+sR5tjHC3FKlx42geK4k8OUJnt4wZgDS86OLaMG3LEkuAnZPOkyc
T15XdTKzBo6t14hwRSvOXKNajdlqJn1pNKsQbOHLqOPbbJuAppwWySOk4bDj6+K0
3fuV5hNRreqzCv+xINrNG5IuAdcZcWizIElbNpWxLr1hQbYRZ6BU/Uv5BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB35BOWHjb0a9+8aaHo1BBSn6v1fMB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALdK1eNtG
NclKk1uf8nAlM/lUTOw+Pxx7iH4sh8ZPEs/0RLPtKRjyVFNe+QBfW1Gud7aY5GyG
9lO/vfakpavUFJHkS0fxXwXKZgYGd1yRfxgMG9OpCoSw8D5Z1Hz8YWlyuntn1XYQ
frPhTGt402bkvtYV2OdKuOaqfpq+vaVN1uT+nT8TYqaNgWx22h2So6sPU+uJlcIY
Lwh/z/LIESO26Nyj6V0K3fqx+j9yXWnBSBSy0myewsIzz64qPbLiH+LHyX1V/SzP
12YGIbuZCxAqg6QMHV3s4//LCNsE3sXJKvz6i04YLpT9tCcVuS/VBGMeefw/uB77
dC2et5UQ0vJ4uA==
-----END CERTIFICATE-----