Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          1vezXoeYOpMEVLATqO93kBfRcrQqyW+WOepUXYNa7Sk=
Subject key identifier:   A9:31:AB:9A:27:DD:FE:4E:ED:76:7C:BE:EF:6D:68:8B:2B:98:65:3D
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       0198499BE0ADF195A122C1798FCADA6CB49D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0D09
Signing time:             Sun 27 Jul 2025 02:00:09 +0000
Manifest this update:     Sun 27 Jul 2025 02:00:09 +0000
Manifest next update:     Mon 28 Jul 2025 02:00:09 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: XpF/FJ4D95vIwh6YCK9NfGV4bOyTbd0xEMukn3slYRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 02:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:9b:e0:ad:f1:95:a1:22:c1:79:8f:ca:da:6c:b4:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Jul 27 02:00:09 2025 GMT
            Not After : Jul 28 02:00:09 2025 GMT
        Subject: CN=a931ab9a27ddfe4eed767cbeef6d688b2b98653d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:67:25:40:cf:4d:fb:e9:b9:e8:fa:23:bc:42:
                    79:f3:df:0f:4b:fe:70:c2:29:5c:aa:37:d6:90:a0:
                    be:87:2d:b1:43:df:7f:3a:dd:23:9c:f4:7f:e9:0d:
                    9f:0f:a0:d2:de:41:b3:f7:c5:c7:cb:9b:61:9b:08:
                    21:fd:e8:d6:e3:ba:4f:8c:4a:82:ed:06:49:4e:4b:
                    50:98:d3:20:9a:7c:ff:ab:1e:36:40:85:10:68:2d:
                    70:cf:6f:65:bf:8a:43:a0:fd:62:27:99:52:bf:7a:
                    bd:4a:cd:a8:af:7f:40:0c:0c:7c:89:b7:c3:39:fb:
                    b8:b4:43:f4:be:9f:cf:0b:1c:9b:da:1b:e1:0c:c1:
                    4a:71:5c:40:86:ef:2b:b2:59:f9:93:89:01:6f:86:
                    87:80:86:ce:83:e2:c4:a6:0e:5c:63:97:98:36:aa:
                    cb:c6:8e:11:26:66:74:59:9e:3c:d9:38:a3:32:0f:
                    95:8e:a0:7d:b9:f5:1f:fd:89:b0:91:6f:0e:08:fc:
                    f6:32:82:f2:41:d0:eb:c3:09:0b:d6:57:27:51:70:
                    92:49:27:c3:c9:e5:c2:ba:32:f4:a2:34:f2:14:1e:
                    77:40:d0:e9:a0:ec:b5:21:fa:4c:bc:9a:b1:ee:75:
                    6c:4a:c3:34:e5:c6:19:ee:72:b3:ae:ce:d5:d7:89:
                    26:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:31:AB:9A:27:DD:FE:4E:ED:76:7C:BE:EF:6D:68:8B:2B:98:65:3D
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:4c:26:d0:5d:ac:94:a2:72:52:0b:30:11:b2:94:68:5c:5b:
         4a:d2:19:be:b8:c4:4a:09:f5:ee:33:d1:f6:d5:9d:83:74:8c:
         a6:de:bf:18:25:76:2e:91:97:79:7f:8a:56:0e:40:23:d9:ea:
         46:f2:bc:16:16:ed:c0:8b:99:ad:10:c6:05:1a:24:b3:bb:b6:
         b8:b9:6a:3b:b0:71:ca:d1:b5:d2:a6:e1:6b:eb:8d:53:ee:14:
         94:1d:a6:9a:9d:37:7a:eb:78:16:1c:f0:aa:3d:a3:1d:e1:6f:
         7c:2c:e6:06:c0:81:4b:2c:11:da:62:b1:a0:cf:1c:aa:6d:14:
         da:1d:71:85:d0:6b:e0:22:d5:ab:06:ec:da:4a:5c:ac:a2:d5:
         df:d2:ba:c1:9f:fe:8e:fe:6b:58:6f:f7:36:f7:c9:eb:80:1c:
         ab:72:43:5a:59:8a:80:83:2a:d8:d8:11:d5:e4:64:f2:1e:4b:
         72:b5:bd:b2:2d:93:2f:ee:95:6f:f5:bd:eb:b2:e1:5f:8f:ab:
         fd:a4:81:58:9e:c1:c9:09:c8:9f:3a:93:bd:ab:76:33:6a:3a:
         eb:22:73:9f:d9:23:76:06:3b:b6:1c:4a:0b:fe:d5:2f:19:83:
         1d:c8:fe:f6:07:61:30:89:da:d5:7e:cb:31:d5:47:f4:cc:be:
         74:0f:05:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJm+Ct8ZWhIsF5j8rabLSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUwNzI3MDIwMDA5WhcNMjUwNzI4MDIwMDA5WjAzMTEwLwYDVQQD
EyhhOTMxYWI5YTI3ZGRmZTRlZWQ3NjdjYmVlZjZkNjg4YjJiOTg2NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGclQM9N++m56PojvEJ5898PS/5w
wilcqjfWkKC+hy2xQ99/Ot0jnPR/6Q2fD6DS3kGz98XHy5thmwgh/ejW47pPjEqC
7QZJTktQmNMgmnz/qx42QIUQaC1wz29lv4pDoP1iJ5lSv3q9Ss2or39ADAx8ibfD
Ofu4tEP0vp/PCxyb2hvhDMFKcVxAhu8rsln5k4kBb4aHgIbOg+LEpg5cY5eYNqrL
xo4RJmZ0WZ482TijMg+VjqB9ufUf/YmwkW8OCPz2MoLyQdDrwwkL1lcnUXCSSSfD
yeXCujL0ojTyFB53QNDpoOy1IfpMvJqx7nVsSsM05cYZ7nKzrs7V14kmywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkxq5on3f5O7XZ8vu9taIsrmGU9MB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEwm0F2s
lKJyUgswEbKUaFxbStIZvrjESgn17jPR9tWdg3SMpt6/GCV2LpGXeX+KVg5AI9nq
RvK8FhbtwIuZrRDGBRoks7u2uLlqO7BxytG10qbha+uNU+4UlB2mmp03eut4Fhzw
qj2jHeFvfCzmBsCBSywR2mKxoM8cqm0U2h1xhdBr4CLVqwbs2kpcrKLV39K6wZ/+
jv5rWG/3NvfJ64Acq3JDWlmKgIMq2NgR1eRk8h5LcrW9si2TL+6Vb/W967LhX4+r
/aSBWJ7ByQnInzqTvat2M2o66yJzn9kjdgY7thxKC/7VLxmDHcj+9gdhMIna1X7L
MdVH9My+dA8F+A==
-----END CERTIFICATE-----