Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          nPSTC6H+Nn92UXU7nOlxl9PLcFIXmGm68GmHKEGT+0g=
Subject key identifier:   60:B0:9C:CF:B0:BC:A5:E5:3E:0A:73:7F:34:7B:FE:D7:3B:40:7C:9A
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       019676E8240CA7F2311BAC33090A7F790825
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0319
Signing time:             Sun 27 Apr 2025 11:00:47 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:47 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:47 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: ziylocUGIZVvFlMc9qMkwK8v3iuFNyaVdCktXx/xStQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 11:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e8:24:0c:a7:f2:31:1b:ac:33:09:0a:7f:79:08:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Apr 27 11:00:47 2025 GMT
            Not After : Apr 28 11:00:47 2025 GMT
        Subject: CN=60b09ccfb0bca5e53e0a737f347bfed73b407c9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:49:2c:15:aa:32:c0:62:92:ad:36:27:6f:5f:
                    d0:f8:99:90:3c:cf:d3:1f:77:b9:a2:ca:8c:63:f0:
                    a8:fc:b5:ca:0e:6d:41:36:5b:0a:32:e4:c2:19:9c:
                    bf:be:4e:fe:59:e1:9c:f6:da:c5:09:4d:e4:dc:ea:
                    02:ff:24:89:35:93:cf:74:56:b5:a5:ef:0b:a2:a0:
                    33:56:ea:64:67:ca:33:c2:5a:69:44:04:1a:70:1a:
                    3d:80:81:74:9c:84:d2:41:7e:f1:8b:ba:c2:d9:14:
                    71:8a:c7:50:02:7e:32:fc:6a:b2:4a:d0:11:8a:62:
                    a7:0d:57:d8:47:7b:99:93:e8:02:47:9b:cc:71:de:
                    00:56:a3:59:c6:dd:5e:1f:1a:31:5e:f6:05:02:8c:
                    2e:91:79:ce:92:1c:2e:ea:8a:9c:ab:a4:db:52:3f:
                    99:93:c1:b8:69:7e:d9:7f:ff:25:8c:56:ab:96:72:
                    54:35:82:3d:17:df:2d:bb:6e:30:32:63:1e:4a:49:
                    ee:38:93:97:79:a8:91:8e:30:c7:92:db:6e:7a:ce:
                    04:36:42:80:7a:57:56:ba:1f:c3:18:cb:ee:f0:33:
                    33:67:59:2e:a5:c7:62:b7:44:91:c1:de:99:e0:75:
                    25:f5:19:c9:f0:8f:1e:19:84:4f:0c:90:2b:9d:34:
                    1b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:B0:9C:CF:B0:BC:A5:E5:3E:0A:73:7F:34:7B:FE:D7:3B:40:7C:9A
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:16:10:12:73:58:cb:a7:cf:be:38:d3:a7:15:34:e6:83:a9:
         b9:78:75:46:c7:5c:23:df:fe:19:7f:51:c4:0b:4d:94:ed:cc:
         36:38:b0:4c:7f:37:3e:85:2d:25:b5:46:f4:5a:8a:47:58:df:
         f9:7e:bb:a6:b3:0e:62:e3:a0:26:91:9f:22:5e:c0:61:65:31:
         e9:60:0e:4f:4f:5d:e3:eb:ad:0b:6e:e6:f6:a9:1b:dc:48:4a:
         16:fa:5a:c8:8d:4a:26:9e:73:dd:d6:d7:0c:55:00:18:ca:36:
         5e:17:47:d5:7a:cc:ef:c6:aa:02:1a:35:a8:a8:5a:02:e5:b6:
         fc:70:9a:93:ad:c8:bf:8b:4b:d0:ce:d8:38:48:1d:38:de:40:
         2b:40:29:7c:f2:3b:73:27:00:5b:03:17:96:ea:3c:b6:2b:8d:
         e2:67:91:0b:65:2a:3a:81:fd:fd:71:cb:ac:7a:0f:f5:e4:88:
         cd:5c:2e:71:83:d2:14:20:b3:be:fe:39:49:c2:de:f5:72:a8:
         d8:f8:bd:4e:02:e4:11:28:6c:01:7e:1b:6a:78:65:51:ee:6a:
         db:9b:02:e6:d2:6a:f8:c5:fd:c0:78:ba:80:d9:5a:fa:22:fc:
         c6:d0:21:60:fc:92:0d:2e:eb:b2:51:f5:10:be:cf:27:c6:04:
         50:ae:28:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26CQMp/IxG6wzCQp/eQglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUwNDI3MTEwMDQ3WhcNMjUwNDI4MTEwMDQ3WjAzMTEwLwYDVQQD
Eyg2MGIwOWNjZmIwYmNhNWU1M2UwYTczN2YzNDdiZmVkNzNiNDA3YzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkksFaoywGKSrTYnb1/Q+JmQPM/T
H3e5osqMY/Co/LXKDm1BNlsKMuTCGZy/vk7+WeGc9trFCU3k3OoC/ySJNZPPdFa1
pe8LoqAzVupkZ8ozwlppRAQacBo9gIF0nITSQX7xi7rC2RRxisdQAn4y/GqyStAR
imKnDVfYR3uZk+gCR5vMcd4AVqNZxt1eHxoxXvYFAowukXnOkhwu6oqcq6TbUj+Z
k8G4aX7Zf/8ljFarlnJUNYI9F98tu24wMmMeSknuOJOXeaiRjjDHkttues4ENkKA
eldWuh/DGMvu8DMzZ1kupcdit0SRwd6Z4HUl9RnJ8I8eGYRPDJArnTQbuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCwnM+wvKXlPgpzfzR7/tc7QHyaMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmxYQEnNY
y6fPvjjTpxU05oOpuXh1RsdcI9/+GX9RxAtNlO3MNjiwTH83PoUtJbVG9FqKR1jf
+X67prMOYuOgJpGfIl7AYWUx6WAOT09d4+utC27m9qkb3EhKFvpayI1KJp5z3dbX
DFUAGMo2XhdH1XrM78aqAho1qKhaAuW2/HCak63Iv4tL0M7YOEgdON5AK0ApfPI7
cycAWwMXluo8tiuN4meRC2UqOoH9/XHLrHoP9eSIzVwucYPSFCCzvv45ScLe9XKo
2Pi9TgLkEShsAX4banhlUe5q25sC5tJq+MX9wHi6gNla+iL8xtAhYPySDS7rslH1
EL7PJ8YEUK4o8A==
-----END CERTIFICATE-----