Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          t1NKZPUcG3o+kYGMUr0DfhZe+wl1PdH+dKIdlRWi8Ns=
Subject key identifier:   F2:0F:0B:C5:D1:02:CB:39:28:21:6D:B7:18:E5:7F:63:ED:89:DE:83
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       01967F0F3911ED91D9EF3149E529F118CBAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          0FDF
Signing time:             Tue 29 Apr 2025 01:00:26 +0000
Manifest this update:     Tue 29 Apr 2025 01:00:26 +0000
Manifest next update:     Wed 30 Apr 2025 01:00:26 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: CbLaN3oJD0JcVdNtVGROAnZE/Hk8FieImDN6+HoSxts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:0f:39:11:ed:91:d9:ef:31:49:e5:29:f1:18:cb:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Apr 29 01:00:26 2025 GMT
            Not After : Apr 30 01:00:26 2025 GMT
        Subject: CN=f20f0bc5d102cb3928216db718e57f63ed89de83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:18:15:a5:28:94:26:3d:7e:ac:8a:86:12:bd:
                    f2:5c:da:b3:b6:19:7f:ce:ff:97:88:51:61:3e:80:
                    16:c0:de:8c:6b:8d:b6:f1:5c:a5:87:c3:c4:45:b1:
                    d8:5e:5b:c6:ff:06:5b:71:b4:74:36:56:0f:fe:5e:
                    24:6b:12:50:26:1b:84:11:70:60:68:1d:5f:c8:06:
                    e1:1d:05:72:66:82:aa:51:04:2a:01:1b:16:12:6a:
                    f0:e8:44:bd:98:eb:93:86:32:00:ed:de:f8:89:d1:
                    c2:20:42:36:f8:ca:5e:7b:71:4b:48:84:5b:6d:ab:
                    2d:fb:f1:a3:1c:7a:b4:d9:17:df:d5:c2:e8:7a:90:
                    d0:49:ee:cf:01:96:ea:d6:2d:5b:1b:bd:5d:b6:ee:
                    d8:c7:70:b6:1f:f5:17:a4:69:ef:5e:6e:df:66:00:
                    5d:d3:92:af:54:d1:c2:d6:74:9a:a3:a3:56:81:2c:
                    ba:ed:ea:52:d3:5f:bf:9b:91:3e:a7:21:2d:09:a6:
                    29:fd:ef:50:47:a7:c0:0e:e2:25:56:f5:7e:01:d0:
                    0a:47:42:04:0e:33:a5:e8:cd:ba:fb:6e:9f:cb:19:
                    5f:81:a7:7f:1d:85:53:c0:4a:e0:85:4d:b0:12:6a:
                    81:82:27:82:83:ef:67:a1:d5:bc:4a:80:3f:30:88:
                    02:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:0F:0B:C5:D1:02:CB:39:28:21:6D:B7:18:E5:7F:63:ED:89:DE:83
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:31:1e:46:68:19:d6:c6:84:09:1d:07:2a:f2:61:75:04:97:
         c3:b7:b5:19:dd:33:1c:c3:e8:4f:53:a2:78:85:94:1e:37:0b:
         ba:be:ff:f4:04:6a:18:7f:ee:81:ad:98:93:bb:e4:7e:b6:0f:
         eb:58:51:7d:b1:b3:e8:d7:21:6a:51:35:09:34:de:7b:21:5c:
         c1:87:bb:78:38:be:d9:d2:2f:90:96:77:da:f6:a9:7c:c1:d7:
         68:c6:53:29:60:0c:21:d0:64:e9:43:30:49:a7:11:90:39:85:
         28:46:a8:12:68:2e:d4:00:5e:61:30:05:3c:5d:f4:63:f7:c1:
         2a:2b:b7:f2:73:d2:5a:d8:ff:02:e2:7e:6a:4e:93:04:9c:c5:
         c3:aa:f9:91:65:e3:db:b2:a0:24:6b:e6:c0:bb:b5:66:75:d9:
         67:af:e0:17:49:fe:23:92:27:e8:5f:3d:6c:da:dd:c5:e9:fe:
         1f:c3:9e:d9:44:a5:84:ee:38:77:81:ba:e8:3f:90:b4:d7:da:
         a2:4e:cc:dd:9c:ce:10:74:ad:b4:51:c5:fe:5f:23:23:07:ef:
         6a:a0:8d:38:91:65:4d:c3:57:9a:95:22:de:78:4f:4c:76:0d:
         30:b0:19:75:71:df:18:ac:9e:00:41:87:44:64:fb:a6:cc:89:
         7f:19:ab:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/DzkR7ZHZ7zFJ5SnxGMuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjUwNDI5MDEwMDI2WhcNMjUwNDMwMDEwMDI2WjAzMTEwLwYDVQQD
EyhmMjBmMGJjNWQxMDJjYjM5MjgyMTZkYjcxOGU1N2Y2M2VkODlkZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xgVpSiUJj1+rIqGEr3yXNqzthl/
zv+XiFFhPoAWwN6Ma4228Vylh8PERbHYXlvG/wZbcbR0NlYP/l4kaxJQJhuEEXBg
aB1fyAbhHQVyZoKqUQQqARsWEmrw6ES9mOuThjIA7d74idHCIEI2+Mpee3FLSIRb
bast+/GjHHq02Rff1cLoepDQSe7PAZbq1i1bG71dtu7Yx3C2H/UXpGnvXm7fZgBd
05KvVNHC1nSao6NWgSy67epS01+/m5E+pyEtCaYp/e9QR6fADuIlVvV+AdAKR0IE
DjOl6M26+26fyxlfgad/HYVTwErghU2wEmqBgieCg+9nodW8SoA/MIgCvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIPC8XRAss5KCFttxjlf2Ptid6DMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMjEeRmgZ
1saECR0HKvJhdQSXw7e1Gd0zHMPoT1OieIWUHjcLur7/9ARqGH/uga2Yk7vkfrYP
61hRfbGz6NchalE1CTTeeyFcwYe7eDi+2dIvkJZ32vapfMHXaMZTKWAMIdBk6UMw
SacRkDmFKEaoEmgu1ABeYTAFPF30Y/fBKiu38nPSWtj/AuJ+ak6TBJzFw6r5kWXj
27KgJGvmwLu1ZnXZZ6/gF0n+I5In6F89bNrdxen+H8Oe2USlhO44d4G66D+QtNfa
ok7M3ZzOEHSttFHF/l8jIwfvaqCNOJFlTcNXmpUi3nhPTHYNMLAZdXHfGKyeAEGH
RGT7psyJfxmr2Q==
-----END CERTIFICATE-----