Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          M0WqHxWTiKO073X1XcBHZh+FnPXeMcVpT8khN1y1ltc=
Subject key identifier:   89:96:BC:34:8A:BA:F6:56:92:F1:E7:9C:B5:B0:51:2C:28:FC:67:4D
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       01967642EC7D656E7CE1EA6285E30845335F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          150D
Signing time:             Sun 27 Apr 2025 08:00:19 +0000
Manifest this update:     Sun 27 Apr 2025 08:00:19 +0000
Manifest next update:     Mon 28 Apr 2025 08:00:19 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: H49D6vwC146y622t/iULKEbdn2VLa3jwnn8vHYowLSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:42:ec:7d:65:6e:7c:e1:ea:62:85:e3:08:45:33:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Apr 27 08:00:19 2025 GMT
            Not After : Apr 28 08:00:19 2025 GMT
        Subject: CN=8996bc348abaf65692f1e79cb5b0512c28fc674d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:84:1e:bd:d3:46:b0:e4:ae:94:59:f5:c7:cd:
                    80:43:2b:c2:ef:d4:01:8f:8e:3d:fe:ca:fb:b7:10:
                    d4:e3:35:59:38:c4:d4:28:cd:19:58:93:ad:fc:51:
                    7e:4d:0f:9c:e0:82:7d:70:9f:08:10:43:76:ff:92:
                    40:99:30:10:9e:c0:98:49:99:4c:a0:e5:d7:63:7f:
                    79:90:c1:39:42:df:47:69:67:c1:29:ef:56:f1:66:
                    96:aa:28:7e:30:67:e7:a3:fb:d9:8d:85:b8:04:9e:
                    f8:6d:82:58:31:4b:b4:de:de:86:68:17:d2:99:a5:
                    e1:5d:b0:1e:a0:0f:a1:b4:4c:28:7c:e7:27:c1:28:
                    fb:33:fc:89:1d:45:bd:2d:3e:da:6b:7b:a1:a2:69:
                    70:fa:37:e0:9a:3a:2c:61:c6:3d:9d:85:93:13:2e:
                    b5:70:65:78:58:01:4f:88:1b:1a:6d:17:23:21:d6:
                    0f:a9:6a:19:70:03:ef:f9:8a:7b:65:09:e2:4f:2e:
                    9b:ce:4e:e5:2d:86:53:e8:67:49:45:e1:3e:49:0d:
                    e1:81:e1:2c:38:a0:f3:57:cf:56:0e:29:c0:db:96:
                    33:b4:2a:96:28:6b:f3:be:56:80:74:3a:6c:d7:02:
                    5c:14:67:9d:89:00:5d:46:6f:70:02:0f:b1:a3:ec:
                    64:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:96:BC:34:8A:BA:F6:56:92:F1:E7:9C:B5:B0:51:2C:28:FC:67:4D
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:7e:9d:35:25:58:cc:ed:e5:4c:13:a0:cc:1b:5b:28:68:85:
         34:14:b2:19:24:8c:e3:36:43:d4:ee:e4:26:99:fd:fb:65:60:
         ae:70:90:22:45:b9:24:e7:ed:d5:ea:36:19:07:77:ad:2e:99:
         c2:36:ea:67:58:74:57:ab:60:1b:27:4c:9c:d3:a2:de:29:c3:
         c8:fb:77:ae:84:d7:21:38:33:13:b1:73:49:48:71:44:44:09:
         40:83:7e:92:95:84:91:7f:8e:e1:af:79:a5:ff:97:9d:d2:a2:
         a5:98:7c:d4:f5:9b:0b:a0:70:ea:8a:48:44:6b:f9:e4:08:d0:
         a8:e1:f7:41:a3:f4:5b:2f:27:3d:2e:06:cf:95:ba:69:c6:25:
         e5:68:fc:7e:4d:67:79:fe:f5:fb:24:0e:42:56:6b:4e:0d:1c:
         3d:26:e5:d2:ac:5a:f8:97:66:17:25:33:4d:17:ad:c9:78:da:
         4d:10:62:a0:78:c6:3c:13:fe:8c:ae:6f:9f:d5:ed:45:6e:24:
         70:48:7d:aa:05:63:01:a9:8e:a2:ec:58:d3:a4:6e:56:ce:63:
         92:73:bb:29:7d:83:2f:6d:05:22:74:42:58:cc:85:fc:63:76:
         0d:dc:b8:fe:96:60:eb:2d:ce:ff:67:9f:1a:9f:68:3d:cc:c6:
         55:4c:3c:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2Qux9ZW584epiheMIRTNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwNDI3MDgwMDE5WhcNMjUwNDI4MDgwMDE5WjAzMTEwLwYDVQQD
Eyg4OTk2YmMzNDhhYmFmNjU2OTJmMWU3OWNiNWIwNTEyYzI4ZmM2NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYQevdNGsOSulFn1x82AQyvC79QB
j449/sr7txDU4zVZOMTUKM0ZWJOt/FF+TQ+c4IJ9cJ8IEEN2/5JAmTAQnsCYSZlM
oOXXY395kME5Qt9HaWfBKe9W8WaWqih+MGfno/vZjYW4BJ74bYJYMUu03t6GaBfS
maXhXbAeoA+htEwofOcnwSj7M/yJHUW9LT7aa3uhomlw+jfgmjosYcY9nYWTEy61
cGV4WAFPiBsabRcjIdYPqWoZcAPv+Yp7ZQniTy6bzk7lLYZT6GdJReE+SQ3hgeEs
OKDzV89WDinA25YztCqWKGvzvlaAdDps1wJcFGediQBdRm9wAg+xo+xkRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImWvDSKuvZWkvHnnLWwUSwo/GdNMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPn6dNSVY
zO3lTBOgzBtbKGiFNBSyGSSM4zZD1O7kJpn9+2VgrnCQIkW5JOft1eo2GQd3rS6Z
wjbqZ1h0V6tgGydMnNOi3inDyPt3roTXITgzE7FzSUhxREQJQIN+kpWEkX+O4a95
pf+XndKipZh81PWbC6Bw6opIRGv55AjQqOH3QaP0Wy8nPS4Gz5W6acYl5Wj8fk1n
ef71+yQOQlZrTg0cPSbl0qxa+JdmFyUzTRetyXjaTRBioHjGPBP+jK5vn9XtRW4k
cEh9qgVjAamOouxY06RuVs5jknO7KX2DL20FInRCWMyF/GN2Ddy4/pZg6y3O/2ef
Gp9oPczGVUw8Gg==
-----END CERTIFICATE-----