Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          /TqOlT6oQu19lDQTcSLWlzH+SWzx3LpV6ABc7GAHZ9U=
Subject key identifier:   A3:FC:BA:1A:16:F8:B0:FA:95:60:CC:DA:16:53:54:5E:2B:39:20:89
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       0197488CA2CF5DCC9324247A5AC69FE6DD7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 04:01:05 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:05 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:05 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: BDYDzlDphZGC7hT165bSNA0VNZUqPMtddUorhGtGDUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:a2:cf:5d:cc:93:24:24:7a:5a:c6:9f:e6:dd:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Jun  7 04:01:05 2025 GMT
            Not After : Jun  8 04:01:05 2025 GMT
        Subject: CN=a3fcba1a16f8b0fa9560ccda1653545e2b392089
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a9:a1:53:eb:c6:a2:eb:29:a7:47:2a:6b:0e:
                    c4:ff:13:80:35:b4:e1:a1:39:67:37:b7:64:0a:a2:
                    d6:0d:f2:f3:c4:2d:47:1d:c5:26:bb:1a:9a:77:4d:
                    f6:e2:67:72:a0:5c:ee:cd:14:77:4d:d9:32:4a:8b:
                    c7:e0:47:4e:e0:20:a9:55:95:3d:4f:b7:68:43:47:
                    f8:fd:0c:5f:00:76:a4:8c:e2:56:78:d2:c5:18:4c:
                    26:fc:a1:23:ec:0c:8f:de:34:34:e0:88:02:bf:1f:
                    9b:af:f6:fd:6d:70:38:9b:25:7b:c8:37:45:cd:08:
                    3d:a5:46:fe:80:aa:a1:62:81:72:a4:ad:0e:92:da:
                    37:c0:21:63:ec:67:c7:f3:55:f2:40:93:a8:e1:d1:
                    f2:7f:50:53:a8:6f:1c:c6:0e:8d:0c:a9:48:1c:95:
                    8a:d8:20:67:c6:52:ee:2e:de:c3:f5:66:78:e2:46:
                    16:65:f4:75:a5:bf:90:ab:54:ad:85:be:74:72:6f:
                    d4:20:43:49:c3:df:2f:d9:be:ed:48:2b:09:41:3b:
                    9c:e9:01:ae:3e:1f:08:1d:8c:df:70:62:09:c5:ed:
                    0f:25:92:df:10:bd:91:e1:dc:1a:13:37:bd:6a:c0:
                    05:76:55:71:6e:4a:e6:34:ef:2d:04:29:7f:0e:19:
                    be:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:FC:BA:1A:16:F8:B0:FA:95:60:CC:DA:16:53:54:5E:2B:39:20:89
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:7f:7d:26:1e:4d:9e:f1:0f:29:d4:5e:2e:4f:df:00:c0:c3:
         49:36:25:2f:a6:8d:57:05:dc:cd:79:f0:17:d8:0a:56:09:dd:
         cc:33:48:38:c1:20:7b:54:ac:71:ea:ec:ad:cb:e1:80:d8:46:
         e6:fa:c5:d3:a3:b1:c4:a4:50:71:6a:ca:2a:1b:4c:e1:80:75:
         7f:ef:76:d7:e4:bb:64:24:72:21:ef:6c:4b:7d:60:15:e9:f8:
         13:a2:3a:77:3a:40:39:65:c7:94:59:0b:3e:f3:65:5a:40:0c:
         e3:0d:49:d1:50:0e:c4:90:34:84:8c:05:5a:64:39:04:22:ea:
         1b:f7:25:7d:ff:7c:68:c9:a2:e8:91:d6:6d:ea:59:b8:4d:06:
         4c:25:3d:51:7e:31:45:62:45:26:e4:b9:1f:9c:fd:6e:f6:3e:
         7b:2a:cb:1e:6f:67:95:71:50:fe:df:d1:3b:ab:d8:9d:0e:4f:
         24:7a:49:82:de:87:12:75:ef:1e:14:86:6a:0c:16:26:e7:f4:
         fa:e6:5b:43:b3:18:1e:b4:3b:e4:7b:59:f6:62:95:13:67:e1:
         d6:78:9e:8a:1f:fb:da:ed:d2:c7:01:ac:ac:c5:7e:7f:3a:90:
         1b:9e:b3:84:c4:64:6c:f1:ff:5c:a6:66:1b:bd:b7:e7:70:2b:
         bd:cc:9a:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjKLPXcyTJCR6Wsaf5t1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjUwNjA3MDQwMTA1WhcNMjUwNjA4MDQwMTA1WjAzMTEwLwYDVQQD
EyhhM2ZjYmExYTE2ZjhiMGZhOTU2MGNjZGExNjUzNTQ1ZTJiMzkyMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KmhU+vGouspp0cqaw7E/xOANbTh
oTlnN7dkCqLWDfLzxC1HHcUmuxqad0324mdyoFzuzRR3TdkySovH4EdO4CCpVZU9
T7doQ0f4/QxfAHakjOJWeNLFGEwm/KEj7AyP3jQ04IgCvx+br/b9bXA4myV7yDdF
zQg9pUb+gKqhYoFypK0Okto3wCFj7GfH81XyQJOo4dHyf1BTqG8cxg6NDKlIHJWK
2CBnxlLuLt7D9WZ44kYWZfR1pb+Qq1Sthb50cm/UIENJw98v2b7tSCsJQTuc6QGu
Ph8IHYzfcGIJxe0PJZLfEL2R4dwaEze9asAFdlVxbkrmNO8tBCl/Dhm+JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKP8uhoW+LD6lWDM2hZTVF4rOSCJMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArH99Jh5N
nvEPKdReLk/fAMDDSTYlL6aNVwXczXnwF9gKVgndzDNIOMEge1SscersrcvhgNhG
5vrF06OxxKRQcWrKKhtM4YB1f+921+S7ZCRyIe9sS31gFen4E6I6dzpAOWXHlFkL
PvNlWkAM4w1J0VAOxJA0hIwFWmQ5BCLqG/clff98aMmi6JHWbepZuE0GTCU9UX4x
RWJFJuS5H5z9bvY+eyrLHm9nlXFQ/t/RO6vYnQ5PJHpJgt6HEnXvHhSGagwWJuf0
+uZbQ7MYHrQ75HtZ9mKVE2fh1nieih/72u3SxwGsrMV+fzqQG56zhMRkbPH/XKZm
G72353ArvcyaCw==
-----END CERTIFICATE-----