Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          t628qqvuUw9nT3290lPl0U91ZM/TavGad8SxiKLjRXg=
Subject key identifier:   43:18:68:2E:BE:D4:97:18:D9:C1:BA:89:26:D8:50:D0:7E:BA:E0:F6
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       019882431C9BACB9E6E597E4DC440CB8ACBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0428
Signing time:             Thu 07 Aug 2025 02:01:32 +0000
Manifest this update:     Thu 07 Aug 2025 02:01:32 +0000
Manifest next update:     Fri 08 Aug 2025 02:01:32 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: KElZvEGO5Jd+kJhHDdyoVoUrDcmNmnyC+AfCJdhDods=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 02:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:43:1c:9b:ac:b9:e6:e5:97:e4:dc:44:0c:b8:ac:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Aug  7 02:01:32 2025 GMT
            Not After : Aug  8 02:01:32 2025 GMT
        Subject: CN=4318682ebed49718d9c1ba8926d850d07ebae0f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f1:5f:9e:80:ae:c6:25:7e:39:91:2b:f9:f9:
                    c0:5c:a8:b8:03:f1:07:76:05:eb:bf:b0:89:a5:1e:
                    a6:cf:ab:ab:5b:39:d3:fc:d5:9d:62:63:e0:90:7b:
                    43:77:34:02:24:f7:a8:35:c8:55:21:e1:9a:aa:54:
                    05:e2:e1:a6:bf:b9:1d:7f:22:2b:0e:50:9b:76:ed:
                    50:8b:c7:4b:0c:74:76:36:ca:bd:71:19:83:67:26:
                    ac:84:2b:eb:08:86:55:aa:50:65:43:18:33:36:a9:
                    2f:d0:5e:e3:72:51:9d:18:42:5d:1c:37:fa:98:14:
                    89:76:a0:55:e8:d3:21:61:88:6c:c4:88:ff:fe:53:
                    1f:8a:5d:80:b7:2c:cb:ee:2e:7e:17:27:cf:1f:37:
                    7e:09:61:a6:01:6a:5b:27:25:f5:58:c3:7b:13:2d:
                    e7:3b:91:9e:b2:5f:67:0f:1e:81:df:e7:65:da:c7:
                    49:f6:af:df:46:01:a1:a1:e0:e4:4b:0f:19:41:c3:
                    81:fe:77:a2:f5:2b:b2:09:aa:df:5d:8f:2e:66:1f:
                    ab:83:33:0f:7f:26:1a:1b:c0:e8:2b:dd:44:11:4c:
                    73:e9:fb:75:37:c8:27:0e:b0:fc:ac:0a:88:72:97:
                    0a:b7:9f:f3:9d:d9:db:c2:cf:46:4c:80:2b:4e:74:
                    df:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:18:68:2E:BE:D4:97:18:D9:C1:BA:89:26:D8:50:D0:7E:BA:E0:F6
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:b5:f2:2a:38:ca:61:3a:0d:b5:0d:78:bb:54:9f:42:3f:1b:
         dc:d7:a3:d2:ec:a3:e1:0f:89:da:23:0a:56:3e:1b:a8:96:76:
         f1:be:05:8d:dc:0a:93:35:16:bd:89:85:72:1f:ae:fa:72:c9:
         41:fe:e2:7e:91:fb:6c:00:19:9d:48:20:dc:52:e7:7c:5e:97:
         03:56:5e:ce:db:bb:51:10:71:26:31:99:fe:4c:73:71:e0:a8:
         4b:22:9d:f7:64:c0:98:36:02:93:db:60:3f:ee:47:24:d8:9d:
         53:33:1d:a5:45:78:58:6f:eb:94:57:da:74:8e:cb:ba:58:86:
         5f:b8:32:8f:76:9e:76:5d:60:66:4d:62:db:6f:b9:f5:6e:a2:
         a2:bb:50:64:4d:89:f0:be:02:4f:58:61:1e:1d:54:c3:b6:98:
         8f:b3:e5:64:65:55:e9:07:d6:b0:db:49:5e:6f:e7:1c:b1:44:
         01:ea:5e:cd:d3:b4:44:7e:51:46:83:d0:db:99:e8:27:13:c4:
         ec:0f:36:ca:b2:9d:89:d4:bf:32:7d:87:a2:e4:e4:fb:92:d6:
         13:d1:8f:9e:f4:a4:9f:62:fd:77:47:70:c4:16:17:cb:a4:81:
         56:dd:0e:f3:97:d9:99:a5:01:f2:74:f9:13:02:c1:24:46:da:
         d6:2e:01:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCQxybrLnm5Zfk3EQMuKy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUwODA3MDIwMTMyWhcNMjUwODA4MDIwMTMyWjAzMTEwLwYDVQQD
Eyg0MzE4NjgyZWJlZDQ5NzE4ZDljMWJhODkyNmQ4NTBkMDdlYmFlMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvFfnoCuxiV+OZEr+fnAXKi4A/EH
dgXrv7CJpR6mz6urWznT/NWdYmPgkHtDdzQCJPeoNchVIeGaqlQF4uGmv7kdfyIr
DlCbdu1Qi8dLDHR2Nsq9cRmDZyashCvrCIZVqlBlQxgzNqkv0F7jclGdGEJdHDf6
mBSJdqBV6NMhYYhsxIj//lMfil2AtyzL7i5+FyfPHzd+CWGmAWpbJyX1WMN7Ey3n
O5Gesl9nDx6B3+dl2sdJ9q/fRgGhoeDkSw8ZQcOB/nei9SuyCarfXY8uZh+rgzMP
fyYaG8DoK91EEUxz6ft1N8gnDrD8rAqIcpcKt5/zndnbws9GTIArTnTftwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMYaC6+1JcY2cG6iSbYUNB+uuD2MB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrXyKjjK
YToNtQ14u1SfQj8b3Nej0uyj4Q+J2iMKVj4bqJZ28b4FjdwKkzUWvYmFch+u+nLJ
Qf7ifpH7bAAZnUgg3FLnfF6XA1Zeztu7URBxJjGZ/kxzceCoSyKd92TAmDYCk9tg
P+5HJNidUzMdpUV4WG/rlFfadI7LuliGX7gyj3aedl1gZk1i22+59W6iortQZE2J
8L4CT1hhHh1Uw7aYj7PlZGVV6QfWsNtJXm/nHLFEAepezdO0RH5RRoPQ25noJxPE
7A82yrKdidS/Mn2HouTk+5LWE9GPnvSkn2L9d0dwxBYXy6SBVt0O85fZmaUB8nT5
EwLBJEba1i4BOQ==
-----END CERTIFICATE-----