Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
File:                     ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json)
Hash identifier:          +VoLCW/C3Fn4hVlrGpHWk6D7SEHsfH4dleBwjnA/dq0=
Subject key identifier:   62:76:96:6D:D2:82:E1:51:C0:14:C9:70:F2:99:E3:EC:B5:96:DD:FC
Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A
Certificate issuer:       /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
Certificate serial:       01974C31D53377BCA71AFD6184271F00DE2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
Manifest number:          02CD
Signing time:             Sat 07 Jun 2025 21:00:23 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:23 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:23 +0000
Files and hashes:         1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: Xbvpag7YF/GIYcdGR/UY2SJLVsvFjbgXvIHsIFbloVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:31:d5:33:77:bc:a7:1a:fd:61:84:27:1f:00:de:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
        Validity
            Not Before: Jun  7 21:00:23 2025 GMT
            Not After : Jun  8 21:00:23 2025 GMT
        Subject: CN=6276966dd282e151c014c970f299e3ecb596ddfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b1:50:eb:9a:3b:76:58:41:7f:24:88:2c:2d:
                    a9:c1:00:27:3e:18:56:72:dc:13:cd:46:cb:7f:04:
                    1c:46:2d:34:ef:5c:ab:cf:d8:04:3e:28:f4:81:f5:
                    07:8c:6c:8b:8b:ae:98:46:45:e9:46:6e:d9:c0:f0:
                    b4:00:a0:af:38:b4:f1:e7:1a:40:a9:ac:43:b1:3f:
                    f3:88:72:9e:41:a2:2f:09:49:2a:88:a3:7a:53:cc:
                    dc:69:58:88:74:73:d4:2a:95:e8:27:49:a4:4d:bf:
                    e1:d6:9f:12:7c:a9:bf:2f:a4:b4:49:eb:89:35:df:
                    25:d9:e8:a9:7c:94:ab:3d:cf:e4:e4:54:1f:79:c3:
                    55:53:40:52:a1:e3:80:2e:2a:d7:1d:bc:38:2b:d9:
                    5f:b1:de:4e:04:4f:50:0e:73:20:1f:1b:af:5a:d8:
                    95:b2:8d:4c:57:02:bd:31:59:e5:89:e1:72:64:39:
                    8e:9a:25:6d:e9:d3:1c:8e:55:1d:48:92:6d:50:63:
                    35:a1:fc:cf:68:27:90:cc:03:2f:19:2f:35:17:a9:
                    d9:d7:49:d0:40:0c:35:02:33:3f:29:a3:3b:b3:fe:
                    82:fb:cc:a9:d7:22:ec:26:41:f2:ff:2b:de:4d:4c:
                    96:d6:76:3b:24:8d:a2:e5:27:39:1e:97:8c:3c:80:
                    24:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:76:96:6D:D2:82:E1:51:C0:14:C9:70:F2:99:E3:EC:B5:96:DD:FC
            X509v3 Authority Key Identifier:
                keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:20:2a:2e:14:95:67:77:f4:5a:b1:6d:5e:50:ba:fd:49:a7:
         2a:f3:5c:a2:2c:e8:9d:90:c4:51:97:7b:0b:6d:02:ff:33:04:
         0d:c4:1e:23:ea:68:1f:5c:85:47:dc:b8:f7:04:37:4f:02:da:
         0f:c5:0e:ab:87:33:a4:32:f5:94:1c:30:2f:f8:16:80:80:b6:
         e7:31:7d:55:20:e3:66:7c:32:da:40:c8:0c:77:5d:0a:0a:db:
         a9:99:35:10:ac:1d:8b:d9:70:06:fd:09:11:5d:12:4b:f0:68:
         d3:e7:fc:83:02:ed:89:96:e9:91:a0:82:3b:cd:2d:51:64:9e:
         3f:92:d6:e0:4e:c0:6a:46:54:c0:b2:5a:b2:dd:6b:fa:10:cb:
         b5:57:61:cb:3c:12:2e:8a:a2:62:b9:76:91:e5:76:6f:f7:1d:
         7f:d4:20:f2:10:71:5f:14:85:cb:a0:bc:28:82:24:98:f0:41:
         a0:70:40:10:fd:8b:66:ea:c3:62:3a:18:b0:89:a9:55:fa:61:
         2e:ff:b3:89:b9:84:02:9d:e2:0c:e4:55:03:a9:b9:86:3d:7b:
         ce:08:38:ff:34:78:4c:b8:f0:64:50:97:6a:e1:38:7a:e4:bc:
         5e:bc:52:88:7a:18:0f:5b:38:42:e0:58:fc:01:a1:37:75:cd:
         cb:78:fc:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMdUzd7ynGv1hhCcfAN4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi
ZmU5MWEwHhcNMjUwNjA3MjEwMDIzWhcNMjUwNjA4MjEwMDIzWjAzMTEwLwYDVQQD
Eyg2Mjc2OTY2ZGQyODJlMTUxYzAxNGM5NzBmMjk5ZTNlY2I1OTZkZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrFQ65o7dlhBfySILC2pwQAnPhhW
ctwTzUbLfwQcRi0071yrz9gEPij0gfUHjGyLi66YRkXpRm7ZwPC0AKCvOLTx5xpA
qaxDsT/ziHKeQaIvCUkqiKN6U8zcaViIdHPUKpXoJ0mkTb/h1p8SfKm/L6S0SeuJ
Nd8l2eipfJSrPc/k5FQfecNVU0BSoeOALirXHbw4K9lfsd5OBE9QDnMgHxuvWtiV
so1MVwK9MVnlieFyZDmOmiVt6dMcjlUdSJJtUGM1ofzPaCeQzAMvGS81F6nZ10nQ
QAw1AjM/KaM7s/6C+8yp1yLsJkHy/yveTUyW1nY7JI2i5Sc5HpeMPIAkCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJ2lm3SguFRwBTJcPKZ4+y1lt38MB8GA1UdIwQY
MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt
NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0
LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCAqLhSV
Z3f0WrFtXlC6/UmnKvNcoizonZDEUZd7C20C/zMEDcQeI+poH1yFR9y49wQ3TwLa
D8UOq4czpDL1lBwwL/gWgIC25zF9VSDjZnwy2kDIDHddCgrbqZk1EKwdi9lwBv0J
EV0SS/Bo0+f8gwLtiZbpkaCCO80tUWSeP5LW4E7AakZUwLJast1r+hDLtVdhyzwS
LoqiYrl2keV2b/cdf9Qg8hBxXxSFy6C8KIIkmPBBoHBAEP2LZurDYjoYsImpVfph
Lv+zibmEAp3iDORVA6m5hj17zgg4/zR4TLjwZFCXauE4euS8XrxSiHoYD1s4QuBY
/AGhN3XNy3j81A==
-----END CERTIFICATE-----