Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
File:                     2nVBcltyi1qJ87-vIPh2VWPC8_s.mft (raw, json)
Hash identifier:          SmwkbVj5CA5Jzt5klCeAZqyrW29CINQJtDeM6bujK74=
Subject key identifier:   22:85:F4:FE:D5:07:B4:25:24:BE:8D:98:55:79:02:CE:9E:51:10:84
Authority key identifier: DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB
Certificate issuer:       /CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
Certificate serial:       01976D3D9E71DC9F99DB558C456F773A24C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 07:00:44 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:44 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:44 +0000
Files and hashes:         1: 2nVBcltyi1qJ87-vIPh2VWPC8_s.crl (hash: GcBBJqQRAPVcfVR56p+enmvmCFDfUCjOzGJndKQgCF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:9e:71:dc:9f:99:db:55:8c:45:6f:77:3a:24:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
        Validity
            Not Before: Jun 14 07:00:44 2025 GMT
            Not After : Jun 15 07:00:44 2025 GMT
        Subject: CN=2285f4fed507b42524be8d98557902ce9e511084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ae:98:0c:67:9e:15:49:45:a6:45:95:4b:cc:
                    9a:48:0c:af:8e:78:7e:35:ce:4c:f4:1a:56:da:06:
                    67:43:52:08:f3:89:e4:14:1c:3d:e7:92:31:2d:d3:
                    d5:fc:f7:5d:78:dd:24:fa:1d:34:f6:d1:49:ba:10:
                    2a:88:f1:c7:e5:70:4b:c2:f7:26:7c:1c:84:d4:44:
                    60:66:80:0d:ae:be:70:84:f6:a4:4c:df:e8:18:72:
                    ac:84:bc:d0:17:0d:91:12:41:74:50:9c:36:81:ee:
                    f6:27:0b:5d:2f:75:7f:01:07:80:b8:42:78:a1:39:
                    1a:58:c0:fb:08:51:ed:4e:2c:26:5a:31:81:0c:ed:
                    8f:b3:1e:52:44:f5:73:17:6d:df:43:78:6d:96:21:
                    c0:7e:f3:34:a0:d8:6b:70:6a:21:99:75:0e:b6:ba:
                    22:60:86:eb:24:34:ea:4c:6d:74:60:89:e3:86:5b:
                    70:47:ec:d1:23:5c:63:db:99:39:bf:1c:97:d6:35:
                    1d:4b:a2:83:fe:a7:dc:ae:ac:2d:e9:45:8b:96:4c:
                    d3:ae:83:bc:6e:e7:b1:7c:4a:c1:9e:22:4e:4b:51:
                    53:35:6a:5e:e7:fc:f3:37:ce:87:9c:b4:07:25:0a:
                    41:44:3f:fc:54:9a:a6:c8:fd:eb:64:2c:cc:06:66:
                    8b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:85:F4:FE:D5:07:B4:25:24:BE:8D:98:55:79:02:CE:9E:51:10:84
            X509v3 Authority Key Identifier:
                keyid:DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:af:22:ac:31:d4:2e:7f:b5:99:c4:37:ba:6c:b0:df:2c:dd:
         bf:3d:ac:b5:f2:57:39:40:3c:74:92:6e:46:45:2e:41:80:cc:
         8a:0d:41:c6:51:1a:e2:74:e5:67:a0:18:ba:79:2b:a1:a3:a8:
         d4:dc:92:e4:60:f4:f2:4c:f8:c1:58:70:89:53:24:83:fe:c2:
         08:d5:ff:d0:c3:e5:de:af:ec:0d:34:29:9d:39:ad:41:9c:db:
         87:ef:cd:5a:c0:3c:b7:57:9f:4c:d2:f8:bd:91:6d:8c:18:8b:
         1d:c7:77:81:e5:ac:dd:07:32:eb:19:dd:3a:48:a1:c8:8b:f9:
         55:33:d3:2d:81:c0:51:8f:2d:91:ed:36:91:b2:55:cd:d0:86:
         51:96:55:ca:c3:c8:47:50:b7:e0:3a:50:80:a7:26:8a:4b:e6:
         20:a5:47:e3:ee:0a:36:47:af:8b:8c:0b:3e:57:61:85:03:66:
         9a:43:89:0f:14:68:f4:ae:63:00:6a:60:2d:5d:df:04:d1:6f:
         12:78:7e:2c:e8:bf:91:2b:8a:4e:d3:6e:5b:0f:b6:69:00:ce:
         9a:46:1c:b2:79:e4:7a:5a:80:19:cd:cd:77:d9:99:28:42:80:
         a7:37:aa:43:d7:ed:f8:a7:45:cd:4c:6e:a8:52:ba:1b:37:13:
         ed:6c:78:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPZ5x3J+Z21WMRW93OiTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzU0MTcyNWI3MjhiNWE4OWYzYmZhZjIwZjg3NjU1NjNj
MmYzZmIwHhcNMjUwNjE0MDcwMDQ0WhcNMjUwNjE1MDcwMDQ0WjAzMTEwLwYDVQQD
EygyMjg1ZjRmZWQ1MDdiNDI1MjRiZThkOTg1NTc5MDJjZTllNTExMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq6YDGeeFUlFpkWVS8yaSAyvjnh+
Nc5M9BpW2gZnQ1II84nkFBw955IxLdPV/PddeN0k+h009tFJuhAqiPHH5XBLwvcm
fByE1ERgZoANrr5whPakTN/oGHKshLzQFw2REkF0UJw2ge72JwtdL3V/AQeAuEJ4
oTkaWMD7CFHtTiwmWjGBDO2Psx5SRPVzF23fQ3htliHAfvM0oNhrcGohmXUOtroi
YIbrJDTqTG10YInjhltwR+zRI1xj25k5vxyX1jUdS6KD/qfcrqwt6UWLlkzTroO8
buexfErBniJOS1FTNWpe5/zzN86HnLQHJQpBRD/8VJqmyP3rZCzMBmaLVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKF9P7VB7QlJL6NmFV5As6eURCEMB8GA1UdIwQY
MBaAFNp1QXJbcotaifO/ryD4dlVjwvP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMt
ZGI4ZmQ1MDdkMWI2LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMtZGI4ZmQ1MDdkMWI2
LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh68irDHU
Ln+1mcQ3umyw3yzdvz2stfJXOUA8dJJuRkUuQYDMig1BxlEa4nTlZ6AYunkroaOo
1NyS5GD08kz4wVhwiVMkg/7CCNX/0MPl3q/sDTQpnTmtQZzbh+/NWsA8t1efTNL4
vZFtjBiLHcd3geWs3Qcy6xndOkihyIv5VTPTLYHAUY8tke02kbJVzdCGUZZVysPI
R1C34DpQgKcmikvmIKVH4+4KNkevi4wLPldhhQNmmkOJDxRo9K5jAGpgLV3fBNFv
Enh+LOi/kSuKTtNuWw+2aQDOmkYcsnnkelqAGc3Nd9mZKEKApzeqQ9ft+KdFzUxu
qFK6GzcT7Wx4PA==
-----END CERTIFICATE-----