Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          iX6xxJUHo+lCs9sley8fEuTLFktvZ2Zdu8gr5xcNGmw=
Subject key identifier:   9C:B9:3F:E0:A3:2E:46:97:72:A7:91:1E:3D:2B:81:DA:D6:D7:7A:5F
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       01974C692EFF9554F76784403D0907D90E85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          0687
Signing time:             Sat 07 Jun 2025 22:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:51 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: eoCjZooV84LGCr+kvxA4EhlMsPagIzKrFBLdIxg5jSg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:2e:ff:95:54:f7:67:84:40:3d:09:07:d9:0e:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: Jun  7 22:00:51 2025 GMT
            Not After : Jun  8 22:00:51 2025 GMT
        Subject: CN=9cb93fe0a32e469772a7911e3d2b81dad6d77a5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:68:fa:96:1d:30:83:e1:de:f2:88:2c:fd:04:
                    3e:74:1b:e3:e4:8e:af:52:0c:ae:05:c5:12:3c:cf:
                    9b:d9:7d:86:bf:4f:cc:2c:d7:9e:f1:ac:96:d4:0d:
                    6e:e7:b9:7f:9b:e6:ed:fa:0a:99:50:a0:a2:e8:4a:
                    2e:75:2a:66:15:a8:d9:0a:f7:8d:75:e1:4c:a4:8d:
                    ec:9b:d3:bd:00:8a:42:00:62:ff:69:3b:75:4f:77:
                    ae:1a:13:28:b5:2a:42:98:fc:28:00:ee:66:57:da:
                    f1:48:df:2e:a3:5b:a1:63:de:ec:e7:ec:23:1f:07:
                    d2:8a:f9:ee:65:7e:d0:60:c9:1c:24:03:79:a5:9a:
                    28:56:8d:4a:88:2a:28:2a:0f:a1:de:9d:81:81:61:
                    37:f0:81:b8:d5:b6:18:c4:f1:55:52:e4:b8:c1:99:
                    60:da:8c:44:fd:58:d1:d8:c8:4a:ea:d4:91:50:59:
                    98:e9:3a:c9:f6:71:26:2a:2f:02:c9:94:0b:f2:c0:
                    41:00:3d:9e:ec:5b:94:33:13:96:cb:a7:a3:14:77:
                    01:cc:f9:8a:20:2c:50:4e:65:47:ee:90:c8:ab:b2:
                    4f:73:d3:c3:24:e5:4d:c8:3d:3e:7e:08:52:8a:0a:
                    cd:05:16:53:8a:a7:e8:be:e4:f3:1e:95:92:78:80:
                    55:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B9:3F:E0:A3:2E:46:97:72:A7:91:1E:3D:2B:81:DA:D6:D7:7A:5F
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:68:e3:15:29:23:fc:c3:fc:7b:e2:c6:d8:1b:a4:d6:19:e2:
         8d:0a:98:17:f4:25:b0:f2:4a:2a:23:3c:43:a4:ae:a4:96:64:
         8b:b4:12:5f:a2:cf:e1:a6:d0:cb:f3:e7:e2:4d:0f:7b:a4:1a:
         ec:e0:0e:b1:a4:58:79:c7:ad:9b:b3:5f:5c:46:02:b1:95:72:
         0d:28:d0:2b:d8:bb:bf:e8:3e:3e:44:87:61:28:2c:c8:38:90:
         65:a3:15:86:11:37:77:f8:ec:53:1e:11:a8:ad:aa:59:63:a3:
         2e:94:4c:46:8f:74:e1:a3:03:3c:4b:90:29:b5:dd:93:43:62:
         2a:f3:c6:02:ec:bc:1f:62:77:aa:2e:09:08:9f:17:e0:bb:45:
         d0:19:f1:3f:e3:26:e6:71:c3:95:74:b0:9b:7c:eb:91:ac:a1:
         a0:64:d5:9e:3b:62:11:0a:f3:0a:8d:7d:e4:91:35:d5:a2:ad:
         01:02:1f:82:6e:90:16:b6:95:e5:f6:62:d0:aa:8c:0e:ea:ea:
         3f:c7:3f:97:50:55:63:e9:16:27:eb:4f:3a:ba:3a:e2:d0:65:
         f6:2b:cd:fa:ec:fa:85:d7:5c:2f:4e:10:11:6c:97:30:f7:81:
         90:13:ea:90:95:f4:b3:8a:43:3f:ad:60:05:ac:52:38:76:2e:
         a0:59:d7:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaS7/lVT3Z4RAPQkH2Q6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjUwNjA3MjIwMDUxWhcNMjUwNjA4MjIwMDUxWjAzMTEwLwYDVQQD
Eyg5Y2I5M2ZlMGEzMmU0Njk3NzJhNzkxMWUzZDJiODFkYWQ2ZDc3YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGj6lh0wg+He8ogs/QQ+dBvj5I6v
UgyuBcUSPM+b2X2Gv0/MLNee8ayW1A1u57l/m+bt+gqZUKCi6EoudSpmFajZCveN
deFMpI3sm9O9AIpCAGL/aTt1T3euGhMotSpCmPwoAO5mV9rxSN8uo1uhY97s5+wj
HwfSivnuZX7QYMkcJAN5pZooVo1KiCooKg+h3p2BgWE38IG41bYYxPFVUuS4wZlg
2oxE/VjR2MhK6tSRUFmY6TrJ9nEmKi8CyZQL8sBBAD2e7FuUMxOWy6ejFHcBzPmK
ICxQTmVH7pDIq7JPc9PDJOVNyD0+fghSigrNBRZTiqfovuTzHpWSeIBV4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJy5P+CjLkaXcqeRHj0rgdrW13pfMB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGjjFSkj
/MP8e+LG2Buk1hnijQqYF/QlsPJKKiM8Q6SupJZki7QSX6LP4abQy/Pn4k0Pe6Qa
7OAOsaRYecetm7NfXEYCsZVyDSjQK9i7v+g+PkSHYSgsyDiQZaMVhhE3d/jsUx4R
qK2qWWOjLpRMRo904aMDPEuQKbXdk0NiKvPGAuy8H2J3qi4JCJ8X4LtF0BnxP+Mm
5nHDlXSwm3zrkayhoGTVnjtiEQrzCo195JE11aKtAQIfgm6QFraV5fZi0KqMDurq
P8c/l1BVY+kWJ+tPOro64tBl9ivN+uz6hddcL04QEWyXMPeBkBPqkJX0s4pDP61g
BaxSOHYuoFnXGA==
-----END CERTIFICATE-----