Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
File:                     2V_Z-7sug4agu3amyEH8aKfD65g.mft (raw, json)
Hash identifier:          pFvxXEw+ocZPvVhN4bDxe9KVgBJ4Z84O/U0OSoIytiI=
Subject key identifier:   25:F5:94:B6:05:FA:D9:51:35:40:3E:81:41:00:19:7F:02:21:A3:AB
Authority key identifier: D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98
Certificate issuer:       /CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
Certificate serial:       019680C6DAD1536F890E15B9BB188A4AE9EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
Manifest number:          0166
Signing time:             Tue 29 Apr 2025 09:00:37 +0000
Manifest this update:     Tue 29 Apr 2025 09:00:37 +0000
Manifest next update:     Wed 30 Apr 2025 09:00:37 +0000
Files and hashes:         1: 2V_Z-7sug4agu3amyEH8aKfD65g.crl (hash: dJcYgoG/IZNkALrdjFA+TuCIijCL8ho4SFFdTz8qONE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:c6:da:d1:53:6f:89:0e:15:b9:bb:18:8a:4a:e9:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
        Validity
            Not Before: Apr 29 09:00:37 2025 GMT
            Not After : Apr 30 09:00:37 2025 GMT
        Subject: CN=25f594b605fad95135403e814100197f0221a3ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:cc:c8:39:dc:dd:6c:67:45:6f:4b:e1:de:b8:
                    bc:6d:82:03:9a:16:7b:bb:97:6f:7c:49:4f:28:17:
                    10:35:44:ac:a0:d5:9f:cb:a1:8d:65:10:91:18:cb:
                    17:17:09:4f:21:63:a6:cb:a9:1a:df:70:db:30:33:
                    bf:f0:ca:74:cd:0a:27:2b:9a:a0:e2:3f:0b:d2:66:
                    93:1c:4a:00:48:50:82:9e:af:13:0c:7a:08:e7:cb:
                    7d:7a:1c:f5:9b:9a:5d:75:2d:49:8f:47:c8:90:87:
                    f2:76:f2:6e:ef:35:bb:87:5a:4e:02:b6:9d:7d:79:
                    e4:53:5f:9d:9d:00:80:4a:39:cd:9a:42:fe:3e:55:
                    72:67:06:69:be:5b:2b:ec:42:39:47:8e:0b:3d:27:
                    6d:f0:63:89:26:9d:2b:a5:06:6e:b8:f6:af:8d:23:
                    3d:5e:89:e4:b7:8c:5c:77:02:31:a0:75:65:bc:11:
                    28:68:76:cb:6c:6f:66:c1:ed:4b:ca:3f:d2:03:f6:
                    05:d7:f7:d1:b1:b6:7c:d9:28:79:59:a7:86:36:22:
                    1a:3d:a8:19:b2:29:d2:e3:5a:d5:ac:8f:e6:d7:e6:
                    9e:a6:5a:d4:0e:14:bf:39:e6:d5:64:bd:c0:9c:42:
                    9f:1b:85:b4:20:60:7d:88:f4:d5:b3:70:07:21:58:
                    63:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F5:94:B6:05:FA:D9:51:35:40:3E:81:41:00:19:7F:02:21:A3:AB
            X509v3 Authority Key Identifier:
                keyid:D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:ce:3c:f1:9f:0c:9d:c4:40:19:2a:96:cb:31:ae:7a:24:67:
         f7:d1:ed:83:07:15:10:d9:0b:cc:07:df:7b:1c:20:b4:09:75:
         21:43:0e:03:01:bf:40:66:c9:38:8e:23:ea:0c:46:16:da:83:
         06:83:04:e3:d6:c0:de:2b:e7:8f:1a:a7:17:8b:a6:43:c2:1f:
         74:8d:cf:24:fd:04:d6:90:6e:ff:3e:fa:b7:45:00:d0:e7:df:
         ff:fd:59:d9:3a:4e:9f:86:85:c4:01:5b:06:d3:d2:33:41:42:
         79:ef:c1:07:80:c5:3b:a6:58:61:f2:b8:9e:c2:8f:9c:c1:60:
         71:db:06:60:92:d9:f3:91:4b:33:49:ef:ef:25:37:c6:25:fe:
         97:45:64:31:f7:dd:e1:b6:54:ad:42:a2:ae:4f:3d:7d:0e:26:
         03:de:54:fe:ce:66:8b:e6:b7:c1:94:7f:31:b8:7c:05:83:71:
         ef:85:55:34:36:ac:48:5f:32:cd:08:4e:a6:1a:92:ab:36:95:
         3b:2a:4d:95:d2:83:52:83:1f:e1:c2:32:09:a6:ad:ea:66:e4:
         4b:6a:3d:12:69:f2:55:9f:74:09:df:b0:29:7c:61:8e:32:03:
         7b:d1:a8:5d:57:5f:fa:27:de:9d:0b:b4:6f:6d:a4:06:42:f1:
         82:23:46:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAxtrRU2+JDhW5uxiKSunqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWZkOWZiYmIyZTgzODZhMGJiNzZhNmM4NDFmYzY4YTdj
M2ViOTgwHhcNMjUwNDI5MDkwMDM3WhcNMjUwNDMwMDkwMDM3WjAzMTEwLwYDVQQD
EygyNWY1OTRiNjA1ZmFkOTUxMzU0MDNlODE0MTAwMTk3ZjAyMjFhM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApczIOdzdbGdFb0vh3ri8bYIDmhZ7
u5dvfElPKBcQNUSsoNWfy6GNZRCRGMsXFwlPIWOmy6ka33DbMDO/8Mp0zQonK5qg
4j8L0maTHEoASFCCnq8TDHoI58t9ehz1m5pddS1Jj0fIkIfydvJu7zW7h1pOArad
fXnkU1+dnQCASjnNmkL+PlVyZwZpvlsr7EI5R44LPSdt8GOJJp0rpQZuuPavjSM9
Xonkt4xcdwIxoHVlvBEoaHbLbG9mwe1Lyj/SA/YF1/fRsbZ82Sh5WaeGNiIaPagZ
sinS41rVrI/m1+aeplrUDhS/OebVZL3AnEKfG4W0IGB9iPTVs3AHIVhjpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCX1lLYF+tlRNUA+gUEAGX8CIaOrMB8GA1UdIwQY
MBaAFNlf2fu7LoOGoLt2pshB/Ginw+uYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgt
MzIwZGYyZWIwZmQyLzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgtMzIwZGYyZWIwZmQy
LzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEc488Z8M
ncRAGSqWyzGueiRn99HtgwcVENkLzAffexwgtAl1IUMOAwG/QGbJOI4j6gxGFtqD
BoME49bA3ivnjxqnF4umQ8IfdI3PJP0E1pBu/z76t0UA0Off//1Z2TpOn4aFxAFb
BtPSM0FCee/BB4DFO6ZYYfK4nsKPnMFgcdsGYJLZ85FLM0nv7yU3xiX+l0VkMffd
4bZUrUKirk89fQ4mA95U/s5mi+a3wZR/Mbh8BYNx74VVNDasSF8yzQhOphqSqzaV
OypNldKDUoMf4cIyCaat6mbkS2o9EmnyVZ90Cd+wKXxhjjIDe9GoXVdf+ifenQu0
b22kBkLxgiNGdw==
-----END CERTIFICATE-----