Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          gVpPJgQRQIFKaiBHC8BxN4JQtDmEzHZmffp68fLHAXc=
Subject key identifier:   0E:4D:EE:E3:E7:44:E1:AD:20:2D:B6:5A:E4:66:37:C1:9B:6F:93:42
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       01988B0F1136ECBCE2EEC15C629B689C2F66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          1620
Signing time:             Fri 08 Aug 2025 19:01:17 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:17 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:17 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: 546XElo9k3akk4kHXwCsOyFldC4JgHKvHXkI+ay9JU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:11:36:ec:bc:e2:ee:c1:5c:62:9b:68:9c:2f:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Aug  8 19:01:17 2025 GMT
            Not After : Aug  9 19:01:17 2025 GMT
        Subject: CN=0e4deee3e744e1ad202db65ae46637c19b6f9342
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:4c:70:8d:65:90:52:27:24:23:2e:8e:d3:0b:
                    a5:cd:d6:67:9d:f9:13:84:66:0d:7b:34:2c:46:10:
                    1d:a9:ca:d6:4a:d4:41:28:0e:00:13:0f:17:0f:59:
                    ac:4b:54:c0:db:9e:4a:1d:a7:32:78:9b:25:0e:a6:
                    0b:a8:6c:e6:98:3c:24:03:59:12:e4:0a:43:60:1e:
                    f9:01:06:9f:f0:56:e7:6b:62:65:71:f4:e9:cb:9f:
                    dd:0f:85:f1:c2:34:4a:f1:f6:2b:76:aa:b3:be:65:
                    9b:b9:90:22:e5:12:d2:68:41:0f:4c:a8:f0:68:ac:
                    96:59:05:0f:dd:72:bc:56:76:76:01:6b:5f:68:2c:
                    ce:a0:a2:9b:7d:96:3c:8b:8b:99:48:a6:11:a8:85:
                    61:6b:3f:17:5e:5c:4d:c4:5e:19:81:7b:96:42:99:
                    eb:43:d5:3d:13:95:a0:de:7a:8b:26:a4:89:33:6b:
                    95:bc:a2:ff:08:eb:fb:e9:ce:3b:a6:5c:af:cd:a9:
                    45:b2:f5:a0:65:5a:0a:ee:76:c6:34:39:fe:71:fe:
                    ed:0d:17:18:b7:56:41:ff:2d:9f:27:25:da:27:95:
                    92:96:27:ca:8b:fe:a3:d2:bb:13:d2:c1:45:63:1d:
                    27:6f:7d:aa:31:e3:41:fe:6c:1b:25:09:b3:ce:5a:
                    3d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:4D:EE:E3:E7:44:E1:AD:20:2D:B6:5A:E4:66:37:C1:9B:6F:93:42
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:f0:67:0a:86:21:08:67:a0:ce:53:e0:ef:fc:3d:eb:31:20:
         cd:cd:2c:90:09:6c:f9:36:0a:e2:87:75:6b:ce:b9:68:ba:75:
         ab:39:0f:cf:39:e5:35:9f:e1:03:c2:13:f7:d3:fe:8e:6c:61:
         52:7a:94:84:eb:fe:42:5a:95:3a:b0:d9:16:1d:e5:4f:87:2a:
         ed:ad:4f:ea:35:e0:bf:37:81:32:0b:2d:23:94:75:1a:08:f0:
         e9:4f:52:b3:0f:e2:e0:f7:b4:86:ab:20:07:c6:06:1e:a3:1f:
         e1:44:83:7a:a5:a7:bb:74:53:ae:16:6f:6e:c4:69:46:cd:e2:
         49:7e:07:eb:66:53:05:10:9c:10:02:33:7e:48:5d:65:6d:ea:
         3b:13:14:b6:1a:cc:1c:ff:f0:69:0a:0b:ea:a9:56:48:d7:aa:
         35:4a:8a:7a:e4:2b:2c:f7:bd:6f:0d:b7:13:f5:1d:b2:f8:71:
         07:c8:4e:4c:a0:99:80:38:c7:3c:9e:9d:2e:6e:90:e9:49:09:
         f6:48:3d:b7:67:6b:3e:6b:d5:8c:b4:e0:db:34:12:b9:ba:c2:
         7b:bf:7a:ab:30:2a:08:27:49:24:dc:29:74:34:9a:30:93:22:
         04:c9:e4:aa:1b:22:82:9a:f1:1a:75:f8:5c:d4:cf:6e:c0:2e:
         52:e4:ea:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDxE27Lzi7sFcYptonC9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwODA4MTkwMTE3WhcNMjUwODA5MTkwMTE3WjAzMTEwLwYDVQQD
EygwZTRkZWVlM2U3NDRlMWFkMjAyZGI2NWFlNDY2MzdjMTliNmY5MzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkExwjWWQUickIy6O0wulzdZnnfkT
hGYNezQsRhAdqcrWStRBKA4AEw8XD1msS1TA255KHacyeJslDqYLqGzmmDwkA1kS
5ApDYB75AQaf8Fbna2JlcfTpy5/dD4XxwjRK8fYrdqqzvmWbuZAi5RLSaEEPTKjw
aKyWWQUP3XK8VnZ2AWtfaCzOoKKbfZY8i4uZSKYRqIVhaz8XXlxNxF4ZgXuWQpnr
Q9U9E5Wg3nqLJqSJM2uVvKL/COv76c47plyvzalFsvWgZVoK7nbGNDn+cf7tDRcY
t1ZB/y2fJyXaJ5WSlifKi/6j0rsT0sFFYx0nb32qMeNB/mwbJQmzzlo9pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5N7uPnROGtIC22WuRmN8Gbb5NCMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvBnCoYh
CGegzlPg7/w96zEgzc0skAls+TYK4od1a865aLp1qzkPzznlNZ/hA8IT99P+jmxh
UnqUhOv+QlqVOrDZFh3lT4cq7a1P6jXgvzeBMgstI5R1Ggjw6U9Ssw/i4Pe0hqsg
B8YGHqMf4USDeqWnu3RTrhZvbsRpRs3iSX4H62ZTBRCcEAIzfkhdZW3qOxMUthrM
HP/waQoL6qlWSNeqNUqKeuQrLPe9bw23E/UdsvhxB8hOTKCZgDjHPJ6dLm6Q6UkJ
9kg9t2drPmvVjLTg2zQSubrCe796qzAqCCdJJNwpdDSaMJMiBMnkqhsigprxGnX4
XNTPbsAuUuTq6w==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:24:10 2025 by rpki-client