Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          RqgAnflRNxJVZoP4x499h+fSi81pKFi/moRsIHQozxM=
Subject key identifier:   4E:4E:AF:B1:44:69:01:97:E0:B7:60:E8:32:E3:8C:33:BB:B0:3C:E2
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       01989ECCEA159F570726E812B66B4C6A72F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0BA4
Signing time:             Tue 12 Aug 2025 15:01:25 +0000
Manifest this update:     Tue 12 Aug 2025 15:01:25 +0000
Manifest next update:     Wed 13 Aug 2025 15:01:25 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: DULcdSGUC/lui0MInxWmRc+ujr7OPA0AS1OVxw3FKJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 15:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9e:cc:ea:15:9f:57:07:26:e8:12:b6:6b:4c:6a:72:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Aug 12 15:01:25 2025 GMT
            Not After : Aug 13 15:01:25 2025 GMT
        Subject: CN=4e4eafb144690197e0b760e832e38c33bbb03ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c3:01:e3:b1:fe:4e:e6:e5:0a:1a:6c:32:c5:
                    ac:62:ab:87:78:fb:43:d2:9b:45:ba:d6:c8:0e:02:
                    ed:db:a2:fa:90:b1:8e:d2:fa:0e:3f:7e:e1:51:45:
                    6e:42:1e:21:19:47:75:e3:91:6f:f7:a9:40:45:24:
                    89:c5:62:8a:7e:2e:29:9f:34:80:e6:b1:c2:0c:70:
                    1e:d6:c1:f8:aa:56:30:fe:b1:da:4a:11:5a:d5:25:
                    0f:83:48:63:93:66:4f:20:07:a1:28:36:87:a3:18:
                    b0:f4:a5:55:ff:0c:69:c0:18:d8:63:7f:b2:19:8b:
                    ab:35:5d:7f:3d:b1:16:9b:6c:01:db:4c:bb:cc:df:
                    ad:5e:ef:c7:2e:10:16:68:c6:45:0f:ce:48:c7:a7:
                    41:d2:db:ad:2a:f5:2b:2f:84:d6:54:6b:48:86:bb:
                    5d:65:e8:14:05:ba:e8:f8:c4:ca:9d:68:ef:1b:aa:
                    2f:a3:e0:9a:dc:f2:fd:e4:0b:bc:10:98:59:40:4a:
                    ac:f1:74:01:bd:e8:1c:7f:69:2b:30:c3:ab:fc:ea:
                    9f:af:c7:ab:df:aa:80:0e:4f:2a:a2:b9:8e:2b:eb:
                    e4:70:24:f2:66:d3:c2:e8:cb:51:32:3f:0c:06:32:
                    5a:48:67:89:64:2d:89:38:01:71:24:ff:88:92:72:
                    6d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:4E:AF:B1:44:69:01:97:E0:B7:60:E8:32:E3:8C:33:BB:B0:3C:E2
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:46:5d:0f:1d:e5:ff:d4:fb:62:29:80:27:60:70:d1:6b:2a:
         87:4e:29:3f:dd:e9:8a:79:82:3e:9b:e3:9b:72:13:99:0a:13:
         53:c6:9c:46:ee:81:a0:ac:7a:4a:ff:d1:e1:72:ee:69:31:d0:
         ed:2d:bf:2d:75:5c:b9:df:ef:4f:88:ec:ba:4a:70:98:2f:36:
         a5:49:39:3b:86:29:2d:29:74:67:e4:18:53:cf:09:49:ec:1a:
         6b:cf:a8:2c:f1:80:bc:a7:72:40:ed:16:b6:c1:0f:8c:c1:39:
         0f:94:ac:f1:c2:7c:86:27:09:72:36:20:94:c2:b1:cd:90:20:
         55:13:65:ec:f3:9a:a9:f2:11:11:6f:b3:40:07:17:fa:34:bb:
         cb:87:20:68:1f:4f:ee:d1:c8:ca:26:16:8e:c2:bc:1c:7c:69:
         12:4f:49:31:eb:30:40:70:b7:27:c9:e3:62:41:c0:b3:6f:b8:
         dc:7b:ad:ee:42:4a:d9:5f:7e:1d:22:40:ab:11:cd:fa:5f:25:
         17:4e:7a:ad:cf:bb:dc:1a:fe:f7:ce:74:0b:3d:88:2f:69:35:
         30:ac:de:a3:3f:57:48:20:00:9e:18:f9:c3:a7:56:07:6b:97:
         89:ae:05:5d:7b:9b:d9:cc:b6:98:d7:97:c4:21:32:96:6e:81:
         ef:d1:04:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiezOoVn1cHJugStmtManL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwODEyMTUwMTI1WhcNMjUwODEzMTUwMTI1WjAzMTEwLwYDVQQD
Eyg0ZTRlYWZiMTQ0NjkwMTk3ZTBiNzYwZTgzMmUzOGMzM2JiYjAzY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMMB47H+TublChpsMsWsYquHePtD
0ptFutbIDgLt26L6kLGO0voOP37hUUVuQh4hGUd145Fv96lARSSJxWKKfi4pnzSA
5rHCDHAe1sH4qlYw/rHaShFa1SUPg0hjk2ZPIAehKDaHoxiw9KVV/wxpwBjYY3+y
GYurNV1/PbEWm2wB20y7zN+tXu/HLhAWaMZFD85Ix6dB0tutKvUrL4TWVGtIhrtd
ZegUBbro+MTKnWjvG6ovo+Ca3PL95Au8EJhZQEqs8XQBvegcf2krMMOr/Oqfr8er
36qADk8qormOK+vkcCTyZtPC6MtRMj8MBjJaSGeJZC2JOAFxJP+IknJtFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5Or7FEaQGX4Ldg6DLjjDO7sDziMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUZdDx3l
/9T7YimAJ2Bw0Wsqh04pP93pinmCPpvjm3ITmQoTU8acRu6BoKx6Sv/R4XLuaTHQ
7S2/LXVcud/vT4jsukpwmC82pUk5O4YpLSl0Z+QYU88JSewaa8+oLPGAvKdyQO0W
tsEPjME5D5Ss8cJ8hicJcjYglMKxzZAgVRNl7POaqfIREW+zQAcX+jS7y4cgaB9P
7tHIyiYWjsK8HHxpEk9JMeswQHC3J8njYkHAs2+43Hut7kJK2V9+HSJAqxHN+l8l
F056rc+73Br+9850Cz2IL2k1MKzeoz9XSCAAnhj5w6dWB2uXia4FXXub2cy2mNeX
xCEylm6B79EEww==
-----END CERTIFICATE-----