Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
File:                     K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft (raw, json)
Hash identifier:          AIvz9sp+z6jJZOBPsBaHfbtCXuM1UZdmuu0LBeH0Kvo=
Subject key identifier:   FF:B0:E0:24:98:F7:07:CC:61:78:3E:CE:34:5B:01:99:3C:BF:23:8B
Authority key identifier: 2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F
Certificate issuer:       /CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
Certificate serial:       01965725FB25D60AF4A90DF1901668392473
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
Manifest number:          0618
Signing time:             Mon 21 Apr 2025 07:00:28 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:28 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:28 +0000
Files and hashes:         1: K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl (hash: T17Yf8f38eC7E6WF/7ZMC0YzJMGbKWAwTbLT8AHgYHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:25:fb:25:d6:0a:f4:a9:0d:f1:90:16:68:39:24:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
        Validity
            Not Before: Apr 21 07:00:28 2025 GMT
            Not After : Apr 22 07:00:28 2025 GMT
        Subject: CN=ffb0e02498f707cc61783ece345b01993cbf238b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f2:75:be:56:0e:9e:df:cb:23:b4:1a:32:8e:
                    ab:9b:2f:33:3d:28:8e:6e:ab:17:d9:18:6e:1c:18:
                    ef:69:1c:60:ab:64:13:b5:de:b2:8a:07:1f:db:08:
                    2c:45:73:61:4e:5c:26:00:c7:68:ac:79:c3:08:19:
                    7a:0a:88:02:8a:56:68:4d:45:cb:3e:ab:c5:d9:78:
                    d2:4c:3c:71:b3:76:4d:08:e4:bd:95:4c:16:ea:bd:
                    f2:96:25:0f:5d:d3:be:b4:1d:aa:6a:c1:83:20:12:
                    e4:4b:cf:1b:99:ff:fa:0b:bd:db:28:7e:fa:f3:bf:
                    0b:c5:24:8a:53:b1:05:7e:c8:3d:09:b0:78:2c:3a:
                    9f:d4:6e:6f:81:60:ab:36:84:09:2e:b0:28:03:0b:
                    95:64:6a:74:42:fb:fa:f9:70:48:d0:4a:2c:c1:5f:
                    9b:27:3b:10:08:9a:c6:63:3f:e3:64:ab:d9:74:53:
                    64:94:42:2d:0a:02:ee:1f:7d:f4:09:ce:c3:ee:a2:
                    f6:31:43:43:1a:aa:da:ac:5a:5a:21:c0:95:29:83:
                    a4:15:2e:84:27:e3:60:92:17:d2:09:15:ae:30:c8:
                    84:77:b1:73:dc:5a:fa:32:69:14:b2:bc:86:6c:31:
                    9b:8c:8c:8e:2a:b4:1b:01:5c:b0:46:d6:b1:28:01:
                    96:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:B0:E0:24:98:F7:07:CC:61:78:3E:CE:34:5B:01:99:3C:BF:23:8B
            X509v3 Authority Key Identifier:
                keyid:2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:17:5a:89:8c:34:13:f6:de:d1:a2:cb:1d:74:3f:20:7d:62:
         e4:6e:89:e7:9f:09:a8:68:fa:40:eb:0d:9e:1d:84:0d:b8:2f:
         8c:c6:d5:8d:24:2e:c1:36:97:58:95:00:1b:b7:bb:bb:90:ed:
         bd:5b:f1:4f:14:3d:8f:16:29:95:3c:84:65:96:34:b0:9f:ee:
         27:4f:ad:7f:10:03:38:0b:c7:39:2d:a9:4b:30:f7:df:49:80:
         b1:c9:f4:b3:ce:51:e4:f5:02:ed:bb:38:25:fd:e1:c0:dd:c2:
         c2:08:d7:74:ee:8e:8d:3b:ef:29:d0:a3:8e:c6:9c:45:3f:f7:
         4b:f2:c5:49:70:ab:fd:8d:8c:6d:1b:78:ba:b2:2e:af:17:3c:
         26:0c:80:81:51:33:3f:98:56:31:28:9a:ba:0d:4a:12:46:b9:
         8f:5d:85:c3:0f:e8:77:03:eb:4a:99:46:26:42:04:f9:da:10:
         38:c6:91:cf:84:a1:40:cd:63:d3:ec:f5:0a:8a:f7:16:9a:2b:
         de:af:97:14:0c:e0:91:30:cb:1e:1e:8e:51:b1:54:fe:47:df:
         7e:5c:95:01:72:83:df:de:e3:10:8d:3a:6d:9b:bc:9e:58:5a:
         3b:90:a0:76:0b:d4:4d:61:c3:9c:65:e8:bb:51:15:63:03:0e:
         6b:0c:9b:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJfsl1gr0qQ3xkBZoOSRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNTdiMGRiMDAxNmZlNjI1MDk1ZGYwYzZlNTdmZTA3ZjFj
ZjI4OWYwHhcNMjUwNDIxMDcwMDI4WhcNMjUwNDIyMDcwMDI4WjAzMTEwLwYDVQQD
EyhmZmIwZTAyNDk4ZjcwN2NjNjE3ODNlY2UzNDViMDE5OTNjYmYyMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/J1vlYOnt/LI7QaMo6rmy8zPSiO
bqsX2RhuHBjvaRxgq2QTtd6yigcf2wgsRXNhTlwmAMdorHnDCBl6CogCilZoTUXL
PqvF2XjSTDxxs3ZNCOS9lUwW6r3yliUPXdO+tB2qasGDIBLkS88bmf/6C73bKH76
878LxSSKU7EFfsg9CbB4LDqf1G5vgWCrNoQJLrAoAwuVZGp0Qvv6+XBI0EoswV+b
JzsQCJrGYz/jZKvZdFNklEItCgLuH330Cc7D7qL2MUNDGqrarFpaIcCVKYOkFS6E
J+NgkhfSCRWuMMiEd7Fz3Fr6MmkUsryGbDGbjIyOKrQbAVywRtaxKAGW1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+w4CSY9wfMYXg+zjRbAZk8vyOLMB8GA1UdIwQY
MBaAFCtXsNsAFv5iUJXfDG5X/gfxzyifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgt
ZjQ0ZjM1YjdhOTVkLzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgtZjQ0ZjM1YjdhOTVk
LzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBdaiYw0
E/be0aLLHXQ/IH1i5G6J558JqGj6QOsNnh2EDbgvjMbVjSQuwTaXWJUAG7e7u5Dt
vVvxTxQ9jxYplTyEZZY0sJ/uJ0+tfxADOAvHOS2pSzD330mAscn0s85R5PUC7bs4
Jf3hwN3CwgjXdO6OjTvvKdCjjsacRT/3S/LFSXCr/Y2MbRt4urIurxc8JgyAgVEz
P5hWMSiaug1KEka5j12Fww/odwPrSplGJkIE+doQOMaRz4ShQM1j0+z1Cor3Fpor
3q+XFAzgkTDLHh6OUbFU/kffflyVAXKD397jEI06bZu8nlhaO5CgdgvUTWHDnGXo
u1EVYwMOawybvg==
-----END CERTIFICATE-----