Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          rOM2fJ4IA5g1fVsuIraxAjmOHdejG8NbO+OxyD2veXY=
Subject key identifier:   8E:96:09:BA:7A:CB:B4:12:FA:F6:17:FF:97:0B:19:51:7F:46:0A:9A
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       01974E58203824DE4D630D39D6A4FCAF01C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0AC9
Signing time:             Sun 08 Jun 2025 07:01:27 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:27 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:27 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: WoAyK8I3My/iVAZY7rGkfF5HV0X4gsYGiYCxSPP0E30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:58:20:38:24:de:4d:63:0d:39:d6:a4:fc:af:01:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Jun  8 07:01:27 2025 GMT
            Not After : Jun  9 07:01:27 2025 GMT
        Subject: CN=8e9609ba7acbb412faf617ff970b19517f460a9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9f:2c:ae:f9:1b:09:6f:e3:5a:21:cb:af:a8:
                    2f:db:f1:bf:b9:27:ae:04:95:ec:87:c8:2c:dd:9e:
                    31:33:49:cd:c3:d5:78:79:64:7b:3a:c9:35:3e:65:
                    ef:eb:c2:9b:9c:1c:9a:20:9f:44:b2:0b:27:16:eb:
                    c1:ef:ff:22:51:61:ea:2d:db:e8:ff:52:a5:26:8e:
                    7f:8d:a9:bb:b5:c7:08:96:a7:7e:b0:cb:d1:f9:68:
                    14:99:58:73:3f:aa:d1:c4:b8:2f:67:80:ba:15:b8:
                    88:9d:bd:04:f4:f3:9c:c4:4c:09:de:50:9c:a4:06:
                    e5:7c:41:7b:40:52:0a:ee:b3:82:18:15:a6:89:8a:
                    1a:f3:17:ff:6a:5d:01:f7:c4:43:ce:67:0a:95:ba:
                    ac:73:7b:17:04:25:c2:3c:7f:a0:ab:d8:47:b7:e4:
                    d3:e5:83:27:85:43:fe:72:9e:0a:c9:20:22:85:e5:
                    6d:e2:00:12:6d:60:25:a5:ed:e1:99:5e:cf:4c:40:
                    93:7f:cb:42:a9:3c:ce:be:60:48:b1:bc:94:f0:d2:
                    d7:f1:02:f5:73:f0:61:58:c6:4a:94:c0:5a:9e:19:
                    86:b6:b3:40:88:06:e5:c6:ba:e2:b1:d0:d6:4a:5b:
                    4f:31:0d:77:75:e1:fe:eb:0d:4d:77:62:94:25:f1:
                    7d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:96:09:BA:7A:CB:B4:12:FA:F6:17:FF:97:0B:19:51:7F:46:0A:9A
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:51:0e:fd:8d:ee:4e:b0:fe:0e:74:1d:3d:14:5c:2b:c9:45:
         23:94:e2:bb:ce:35:47:b8:ea:9f:75:e9:38:3c:64:1c:e6:90:
         9b:b3:6a:71:da:29:67:03:4c:c9:77:3e:91:d1:fe:59:19:26:
         f4:77:37:7b:ec:db:66:6a:f5:4f:e4:45:f0:2a:8e:e2:ca:1a:
         5b:3a:38:44:47:fa:8d:e8:e4:99:ef:25:d6:c5:ff:f9:c7:a6:
         c8:3c:ce:1b:5b:95:48:2f:b3:2b:41:49:41:c8:bd:ec:b8:35:
         09:32:63:c8:35:51:0c:57:1e:54:96:78:27:95:59:2c:d2:ea:
         12:d5:62:56:0d:64:ad:3a:8f:84:b9:96:c9:65:46:eb:e1:4e:
         7b:e2:ee:8b:63:bb:05:9d:6f:13:73:3e:1e:d0:79:72:35:ea:
         80:56:46:6a:1f:e4:1a:43:da:ff:ea:67:97:97:4d:b0:7d:e8:
         9b:5c:a8:80:a5:34:7d:3b:fc:4e:23:bf:49:c4:43:1d:2c:1f:
         d6:4e:fd:63:5c:a6:47:f7:23:ad:5f:68:32:d8:2c:05:17:4a:
         2a:a8:d2:87:22:e5:4d:cb:84:7f:a5:6f:3f:a9:7b:80:d1:d2:
         88:1e:ec:52:65:49:77:db:b5:9b:20:6d:79:8e:b0:d2:7e:61:
         a4:43:c6:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOWCA4JN5NYw051qT8rwHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwNjA4MDcwMTI3WhcNMjUwNjA5MDcwMTI3WjAzMTEwLwYDVQQD
Eyg4ZTk2MDliYTdhY2JiNDEyZmFmNjE3ZmY5NzBiMTk1MTdmNDYwYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu58srvkbCW/jWiHLr6gv2/G/uSeu
BJXsh8gs3Z4xM0nNw9V4eWR7Osk1PmXv68KbnByaIJ9EsgsnFuvB7/8iUWHqLdvo
/1KlJo5/jam7tccIlqd+sMvR+WgUmVhzP6rRxLgvZ4C6FbiInb0E9POcxEwJ3lCc
pAblfEF7QFIK7rOCGBWmiYoa8xf/al0B98RDzmcKlbqsc3sXBCXCPH+gq9hHt+TT
5YMnhUP+cp4KySAiheVt4gASbWAlpe3hmV7PTECTf8tCqTzOvmBIsbyU8NLX8QL1
c/BhWMZKlMBanhmGtrNAiAblxrrisdDWSltPMQ13deH+6w1Nd2KUJfF9nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6WCbp6y7QS+vYX/5cLGVF/RgqaMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY1EO/Y3u
TrD+DnQdPRRcK8lFI5Tiu841R7jqn3XpODxkHOaQm7NqcdopZwNMyXc+kdH+WRkm
9Hc3e+zbZmr1T+RF8CqO4soaWzo4REf6jejkme8l1sX/+cemyDzOG1uVSC+zK0FJ
Qci97Lg1CTJjyDVRDFceVJZ4J5VZLNLqEtViVg1krTqPhLmWyWVG6+FOe+Lui2O7
BZ1vE3M+HtB5cjXqgFZGah/kGkPa/+pnl5dNsH3om1yogKU0fTv8TiO/ScRDHSwf
1k79Y1ymR/cjrV9oMtgsBRdKKqjShyLlTcuEf6VvP6l7gNHSiB7sUmVJd9u1myBt
eY6w0n5hpEPGiw==
-----END CERTIFICATE-----