Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
File:                     2ggpHPxyjQF2DsQngQlqxrTHSl0.mft (raw, json)
Hash identifier:          HK+edyfDcP+4xZTH2giCXetakV1FUU3uMoX0H9u1OdA=
Subject key identifier:   2C:D2:FB:5F:5A:97:70:DF:22:1A:63:76:0B:F3:94:EA:E7:96:46:77
Authority key identifier: DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D
Certificate issuer:       /CN=da08291cfc728d01760ec42781096ac6b4c74a5d
Certificate serial:       0196876DCA3B9A8881AE5E3444ACFCDB018E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
Manifest number:          1515
Signing time:             Wed 30 Apr 2025 16:00:41 +0000
Manifest this update:     Wed 30 Apr 2025 16:00:41 +0000
Manifest next update:     Thu 01 May 2025 16:00:41 +0000
Files and hashes:         1: 2ggpHPxyjQF2DsQngQlqxrTHSl0.crl (hash: eMt2GOeOHRz94niv6Z31YS3DS60N5c18+IuXGRK+SDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6d:ca:3b:9a:88:81:ae:5e:34:44:ac:fc:db:01:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da08291cfc728d01760ec42781096ac6b4c74a5d
        Validity
            Not Before: Apr 30 16:00:41 2025 GMT
            Not After : May  1 16:00:41 2025 GMT
        Subject: CN=2cd2fb5f5a9770df221a63760bf394eae7964677
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:35:d5:8c:24:da:a9:cd:7e:de:ff:be:4c:df:
                    d9:d6:f2:c5:94:57:1a:b1:56:be:5b:33:f6:8f:46:
                    5f:78:26:dc:f0:54:57:77:13:51:26:b5:63:38:d2:
                    cf:4f:6e:ee:1a:de:fc:8b:b4:18:30:17:67:ef:8d:
                    08:b1:3e:a9:c6:4b:3c:8c:2f:db:e5:bc:a0:09:f9:
                    7f:15:75:a2:c5:4c:92:59:7c:07:77:11:d8:6b:f7:
                    f1:10:75:75:40:12:96:da:17:99:1f:a4:eb:4f:f1:
                    52:b9:b1:8b:c2:3f:f4:1b:d6:f8:2c:df:f4:34:ae:
                    16:b4:93:67:e1:27:b3:dc:64:9f:2e:1e:be:e5:4a:
                    44:a3:55:96:33:21:5d:9d:4b:ac:1c:c4:3a:f5:29:
                    a1:a8:79:f6:4b:fb:30:5b:24:18:bf:e8:6e:58:a2:
                    77:8b:20:49:dd:59:13:c2:aa:9b:01:db:f5:09:a9:
                    09:1b:dc:56:d3:cb:f4:8f:c8:80:9c:5e:1c:d4:bb:
                    48:18:ad:a7:24:24:ca:24:a3:7f:6c:de:8b:3c:66:
                    81:33:5b:23:0e:1c:4c:68:26:3d:6a:1f:f4:5e:25:
                    f2:59:2f:ac:a5:99:7e:3e:95:a5:fe:ac:69:a6:d6:
                    85:e6:74:8a:0c:bb:e4:29:91:0c:f7:cd:34:16:a5:
                    66:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:D2:FB:5F:5A:97:70:DF:22:1A:63:76:0B:F3:94:EA:E7:96:46:77
            X509v3 Authority Key Identifier:
                keyid:DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:93:4b:09:3a:50:f6:d0:98:4b:80:87:5f:66:74:57:60:16:
         6b:86:de:3b:5d:26:6f:98:3e:34:fe:d5:80:0f:cf:e3:b6:8b:
         16:89:67:03:2a:d7:ee:02:da:19:25:d2:5c:88:30:4c:1b:73:
         59:ed:a2:e9:91:e3:dc:47:a4:6d:d1:45:b0:1c:b6:b9:f4:02:
         1d:0f:4f:5a:17:b3:29:fa:7d:89:ce:1c:7c:53:38:b6:a6:92:
         81:f1:f6:20:1a:00:38:09:66:78:39:01:0f:15:03:3a:58:c1:
         39:d5:82:6c:e6:80:16:37:2a:d7:f6:c3:63:02:d7:59:a1:07:
         33:86:70:ca:ee:3f:1a:db:9d:50:b4:2f:63:3a:47:2e:d1:1a:
         c4:af:5a:be:9b:05:89:91:30:2c:85:ae:64:b1:f2:c8:8c:17:
         66:5f:ab:45:ca:0a:f2:a6:e3:c0:d6:a1:15:19:2a:c4:6b:91:
         00:e6:49:24:29:a8:84:9f:38:14:b5:25:dd:e0:5f:8b:5a:e2:
         db:8f:34:0a:2f:3c:4d:66:ec:6b:28:86:be:44:83:9f:3f:36:
         13:9a:3b:12:da:0e:36:19:fb:cb:94:c8:21:05:f8:1b:9a:6e:
         b6:25:af:2c:1d:7b:05:2b:f5:b1:b3:c7:1e:86:64:c1:10:7d:
         40:f0:0e:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbco7moiBrl40RKz82wGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDgyOTFjZmM3MjhkMDE3NjBlYzQyNzgxMDk2YWM2YjRj
NzRhNWQwHhcNMjUwNDMwMTYwMDQxWhcNMjUwNTAxMTYwMDQxWjAzMTEwLwYDVQQD
EygyY2QyZmI1ZjVhOTc3MGRmMjIxYTYzNzYwYmYzOTRlYWU3OTY0Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DXVjCTaqc1+3v++TN/Z1vLFlFca
sVa+WzP2j0ZfeCbc8FRXdxNRJrVjONLPT27uGt78i7QYMBdn740IsT6pxks8jC/b
5bygCfl/FXWixUySWXwHdxHYa/fxEHV1QBKW2heZH6TrT/FSubGLwj/0G9b4LN/0
NK4WtJNn4Sez3GSfLh6+5UpEo1WWMyFdnUusHMQ69SmhqHn2S/swWyQYv+huWKJ3
iyBJ3VkTwqqbAdv1CakJG9xW08v0j8iAnF4c1LtIGK2nJCTKJKN/bN6LPGaBM1sj
DhxMaCY9ah/0XiXyWS+spZl+PpWl/qxpptaF5nSKDLvkKZEM9800FqVm4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzS+19al3DfIhpjdgvzlOrnlkZ3MB8GA1UdIwQY
MBaAFNoIKRz8co0Bdg7EJ4EJasa0x0pdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgt
YjA1Y2ZmYjE4N2ZhLzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgtYjA1Y2ZmYjE4N2Zh
LzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpNLCTpQ
9tCYS4CHX2Z0V2AWa4beO10mb5g+NP7VgA/P47aLFolnAyrX7gLaGSXSXIgwTBtz
We2i6ZHj3EekbdFFsBy2ufQCHQ9PWhezKfp9ic4cfFM4tqaSgfH2IBoAOAlmeDkB
DxUDOljBOdWCbOaAFjcq1/bDYwLXWaEHM4Zwyu4/GtudULQvYzpHLtEaxK9avpsF
iZEwLIWuZLHyyIwXZl+rRcoK8qbjwNahFRkqxGuRAOZJJCmohJ84FLUl3eBfi1ri
2480Ci88TWbsayiGvkSDnz82E5o7EtoONhn7y5TIIQX4G5putiWvLB17BSv1sbPH
HoZkwRB9QPAOEw==
-----END CERTIFICATE-----