Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          M5Mr89Qj4XijFZepfnr7m0eoKZqXv6Ks/k/+8Rx7CNk=
Subject key identifier:   C9:6F:40:1E:1E:7D:3B:6F:A7:F9:FF:A8:A9:CC:53:BC:78:9E:3E:31
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019780FBB733F1EB6D75B96FADDC70D25E7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0870
Signing time:             Wed 18 Jun 2025 03:01:09 +0000
Manifest this update:     Wed 18 Jun 2025 03:01:09 +0000
Manifest next update:     Thu 19 Jun 2025 03:01:09 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: 1x9QqhI6A1+XbAaZAmeBKKaRTDvfyZnZQrEN3i6jXNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:80:fb:b7:33:f1:eb:6d:75:b9:6f:ad:dc:70:d2:5e:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Jun 18 03:01:09 2025 GMT
            Not After : Jun 19 03:01:09 2025 GMT
        Subject: CN=c96f401e1e7d3b6fa7f9ffa8a9cc53bc789e3e31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:67:70:0c:8f:21:f4:2d:42:3c:5f:e7:c3:04:
                    70:58:d9:63:7b:b2:fc:87:28:ce:16:ae:c2:33:08:
                    bb:b3:0d:0b:85:10:5c:f2:32:d8:83:a0:cb:9d:c1:
                    76:8a:9e:bf:da:d2:78:6d:4d:ed:8f:cf:a4:3e:7d:
                    75:b5:7c:47:b6:1f:9f:62:f0:33:20:6a:2d:5a:09:
                    56:a7:a0:62:52:f8:94:10:ec:25:b7:38:17:58:40:
                    df:89:d9:ad:05:72:9c:87:44:1f:58:38:08:6a:28:
                    3a:15:90:13:fe:63:41:c2:f6:a5:fb:75:4e:71:81:
                    1d:08:4c:c9:af:d6:fc:fa:15:63:df:57:fd:d8:d7:
                    c4:68:ab:b7:6a:d5:da:68:ea:da:8e:ef:a0:b5:97:
                    cc:3f:60:0a:28:be:15:74:a6:13:63:fe:d8:03:8e:
                    f4:25:67:94:1c:15:f0:eb:57:b1:2f:ec:89:bb:41:
                    98:e3:fc:cb:20:9c:01:42:96:68:d2:59:20:f7:12:
                    2f:e3:6d:f3:ad:fa:a2:83:44:d1:51:1a:de:51:99:
                    02:13:3b:31:0d:90:08:42:00:3e:d2:a5:d8:a6:d9:
                    2b:c6:6b:cd:ca:8f:c2:bc:42:8c:02:e4:59:73:a2:
                    5a:65:6f:87:04:9b:5f:55:dd:ab:bb:40:3c:cb:51:
                    88:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:6F:40:1E:1E:7D:3B:6F:A7:F9:FF:A8:A9:CC:53:BC:78:9E:3E:31
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:a6:68:27:03:3d:3f:52:c7:26:9a:13:a2:71:0a:23:20:b1:
         85:45:e1:4c:35:72:52:bf:d9:c6:13:9c:22:c9:48:9f:cc:8d:
         70:8f:42:c2:ca:fd:83:08:f2:76:84:c5:44:e2:90:a2:98:f2:
         eb:54:b9:a1:e6:ff:c5:ab:6c:7d:7a:47:69:6e:b2:7d:df:ef:
         9e:c0:99:36:b0:76:43:56:6c:7c:39:33:3b:89:5f:9b:f2:6b:
         f4:fe:30:39:13:9a:7d:18:7d:cb:4d:49:6d:67:df:bb:40:a6:
         22:80:fc:9c:0c:2a:b9:79:11:95:27:70:6b:fc:d1:60:10:bc:
         52:88:58:be:f2:19:d2:4f:c0:8f:61:ac:01:56:97:86:38:c2:
         df:df:bd:5b:1d:77:9e:06:e6:b5:d3:c2:69:a6:00:0a:09:0e:
         aa:ef:50:19:70:04:d4:7d:94:bf:e3:4e:27:94:2a:b0:2b:50:
         b6:f2:5c:92:06:b5:c7:99:f6:26:f2:e1:16:2d:e1:59:41:02:
         d9:c2:44:3c:85:b7:93:2e:be:f0:7c:a8:08:42:dd:8e:a2:ea:
         9a:c0:b9:a7:bb:b6:ea:e5:02:03:80:b6:ce:84:bf:ac:f1:aa:
         fc:2a:a4:90:dc:ba:e6:74:9e:14:f5:10:ee:2d:a3:a5:2e:69:
         06:8a:31:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeA+7cz8ettdblvrdxw0l5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUwNjE4MDMwMTA5WhcNMjUwNjE5MDMwMTA5WjAzMTEwLwYDVQQD
EyhjOTZmNDAxZTFlN2QzYjZmYTdmOWZmYThhOWNjNTNiYzc4OWUzZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWdwDI8h9C1CPF/nwwRwWNlje7L8
hyjOFq7CMwi7sw0LhRBc8jLYg6DLncF2ip6/2tJ4bU3tj8+kPn11tXxHth+fYvAz
IGotWglWp6BiUviUEOwltzgXWEDfidmtBXKch0QfWDgIaig6FZAT/mNBwval+3VO
cYEdCEzJr9b8+hVj31f92NfEaKu3atXaaOraju+gtZfMP2AKKL4VdKYTY/7YA470
JWeUHBXw61exL+yJu0GY4/zLIJwBQpZo0lkg9xIv423zrfqig0TRURreUZkCEzsx
DZAIQgA+0qXYptkrxmvNyo/CvEKMAuRZc6JaZW+HBJtfVd2ru0A8y1GIEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlvQB4efTtvp/n/qKnMU7x4nj4xMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKZoJwM9
P1LHJpoTonEKIyCxhUXhTDVyUr/ZxhOcIslIn8yNcI9Cwsr9gwjydoTFROKQopjy
61S5oeb/xatsfXpHaW6yfd/vnsCZNrB2Q1ZsfDkzO4lfm/Jr9P4wOROafRh9y01J
bWffu0CmIoD8nAwquXkRlSdwa/zRYBC8UohYvvIZ0k/Aj2GsAVaXhjjC39+9Wx13
ngbmtdPCaaYACgkOqu9QGXAE1H2Uv+NOJ5QqsCtQtvJckga1x5n2JvLhFi3hWUEC
2cJEPIW3ky6+8HyoCELdjqLqmsC5p7u26uUCA4C2zoS/rPGq/CqkkNy65nSeFPUQ
7i2jpS5pBooxUw==
-----END CERTIFICATE-----