Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          /e64ACyidHiwkWyU+uObq+J4gz67aGrc8vDcgyLbnDU=
Subject key identifier:   79:F4:74:A8:84:26:91:CA:76:DD:F5:E2:73:1B:CC:61:53:4B:F5:51
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       01976E8726636808077652C071664C29A48C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          1221
Signing time:             Sat 14 Jun 2025 13:00:40 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:40 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:40 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: h+KvSWp6esDmkmd/2pYhSFhBi76S9Lttg7WqJMmRXsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:26:63:68:08:07:76:52:c0:71:66:4c:29:a4:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: Jun 14 13:00:40 2025 GMT
            Not After : Jun 15 13:00:40 2025 GMT
        Subject: CN=79f474a8842691ca76ddf5e2731bcc61534bf551
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:13:8b:37:45:f5:ad:6c:09:53:b7:65:91:d1:
                    13:2d:4a:dd:6e:86:90:fc:b8:6d:0f:26:fe:d8:51:
                    41:e2:de:95:9d:56:d2:d9:88:95:af:91:60:d5:c2:
                    27:68:34:61:e4:ba:81:02:82:7e:ee:6e:2e:13:4e:
                    dc:73:e3:ec:9c:24:0a:03:43:b3:29:c3:7c:a2:48:
                    98:46:b1:52:f1:60:11:a9:e9:4a:b3:2e:06:af:a2:
                    ab:9b:8c:47:bb:ac:18:af:32:1e:d9:86:7f:c8:fd:
                    e4:32:f5:f4:d3:85:47:65:7e:f9:95:a6:8c:55:90:
                    71:72:ac:3b:b8:c7:9e:68:9f:99:1e:68:99:c7:3a:
                    86:e4:7c:41:65:bc:86:5c:83:68:81:29:e6:5c:24:
                    88:f9:9e:16:32:33:c6:0f:34:c9:99:fe:73:db:c8:
                    58:ef:e2:cd:d7:4c:67:c7:88:7f:51:a4:63:79:fb:
                    ee:c3:bb:53:dc:e8:f2:7e:da:8f:4d:dd:ad:24:af:
                    55:06:c4:0b:ca:fa:16:b9:93:f1:c8:35:0e:53:e7:
                    bd:cc:42:6e:51:dd:d2:82:39:e0:b6:51:00:5d:7c:
                    6f:94:da:3a:47:8c:87:98:70:f9:79:78:06:65:f0:
                    cb:94:06:3d:14:9c:fa:60:02:1e:e1:95:1c:6b:33:
                    08:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F4:74:A8:84:26:91:CA:76:DD:F5:E2:73:1B:CC:61:53:4B:F5:51
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:85:6b:5d:8f:e8:b4:85:3e:c6:a8:de:68:9f:fc:80:8c:dd:
         d9:3e:1c:df:f2:ad:8b:02:04:8b:dd:fa:a8:67:05:9f:1f:13:
         90:41:cc:f4:1d:f8:fc:3e:07:33:35:58:7f:9a:9c:ed:26:75:
         50:19:61:a6:1b:7b:93:4c:67:87:e2:be:e4:3c:f2:78:80:98:
         ca:3d:b7:6f:71:6c:cb:ef:43:c2:1f:be:c6:16:7b:6c:ad:d5:
         8d:e0:7b:1e:65:94:d3:80:42:8b:d9:5e:ba:c6:da:02:c1:55:
         ba:35:12:46:e7:6e:d3:75:05:87:2f:3d:2a:9c:35:e7:81:c1:
         15:65:3b:b2:64:43:8c:5a:ca:d1:70:07:cb:51:5b:ad:06:d6:
         d7:a7:62:6c:7b:a6:ac:86:5f:5f:58:6d:28:6c:86:d3:83:b5:
         a7:55:f2:67:2f:32:33:d4:4e:11:57:0b:f1:a2:fb:95:a4:e8:
         48:97:a0:40:65:2d:87:d0:e4:1c:a2:26:0f:69:07:5a:3c:a0:
         66:a8:a7:95:ae:0b:c9:9d:91:bd:42:0c:dc:4e:f1:d3:56:61:
         51:1c:26:c2:ce:a5:23:a8:85:60:e9:4d:ea:28:d3:3a:6e:68:
         a1:dd:58:3f:8a:28:76:dd:04:dd:21:ba:61:ba:39:19:95:29:
         96:dd:24:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhyZjaAgHdlLAcWZMKaSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjUwNjE0MTMwMDQwWhcNMjUwNjE1MTMwMDQwWjAzMTEwLwYDVQQD
Eyg3OWY0NzRhODg0MjY5MWNhNzZkZGY1ZTI3MzFiY2M2MTUzNGJmNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBOLN0X1rWwJU7dlkdETLUrdboaQ
/LhtDyb+2FFB4t6VnVbS2YiVr5Fg1cInaDRh5LqBAoJ+7m4uE07cc+PsnCQKA0Oz
KcN8okiYRrFS8WARqelKsy4Gr6Krm4xHu6wYrzIe2YZ/yP3kMvX004VHZX75laaM
VZBxcqw7uMeeaJ+ZHmiZxzqG5HxBZbyGXINogSnmXCSI+Z4WMjPGDzTJmf5z28hY
7+LN10xnx4h/UaRjefvuw7tT3OjyftqPTd2tJK9VBsQLyvoWuZPxyDUOU+e9zEJu
Ud3SgjngtlEAXXxvlNo6R4yHmHD5eXgGZfDLlAY9FJz6YAIe4ZUcazMIKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn0dKiEJpHKdt314nMbzGFTS/VRMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYVrXY/o
tIU+xqjeaJ/8gIzd2T4c3/KtiwIEi936qGcFnx8TkEHM9B34/D4HMzVYf5qc7SZ1
UBlhpht7k0xnh+K+5DzyeICYyj23b3Fsy+9Dwh++xhZ7bK3VjeB7HmWU04BCi9le
usbaAsFVujUSRudu03UFhy89Kpw154HBFWU7smRDjFrK0XAHy1FbrQbW16dibHum
rIZfX1htKGyG04O1p1XyZy8yM9ROEVcL8aL7laToSJegQGUth9DkHKImD2kHWjyg
Zqinla4LyZ2RvUIM3E7x01ZhURwmws6lI6iFYOlN6ijTOm5ood1YP4oodt0E3SG6
Ybo5GZUplt0kEA==
-----END CERTIFICATE-----