Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          FhC1hhi4rLt+YsA4UUcJ4AfJW+X0Tt2iksZ/hr9QCjo=
Subject key identifier:   26:A6:2F:5F:4B:33:97:88:A4:8F:02:F1:93:43:8A:BB:28:25:3D:34
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       01976403B4689D587C3200FEA22F6DB45867
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0B01
Signing time:             Thu 12 Jun 2025 12:00:53 +0000
Manifest this update:     Thu 12 Jun 2025 12:00:53 +0000
Manifest next update:     Fri 13 Jun 2025 12:00:53 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: 09ZSkkRuMGwcXenqoCzuYuwlsnraCkZxf9DOyoiBoLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 12:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:03:b4:68:9d:58:7c:32:00:fe:a2:2f:6d:b4:58:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Jun 12 12:00:53 2025 GMT
            Not After : Jun 13 12:00:53 2025 GMT
        Subject: CN=26a62f5f4b339788a48f02f193438abb28253d34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:86:1d:0d:68:3d:23:71:1f:b0:0d:e2:2e:5b:
                    6d:ab:44:de:41:0d:22:5b:be:bf:76:49:48:ec:bd:
                    b4:a4:71:77:12:23:17:4e:26:d6:ab:91:b4:9d:5b:
                    32:80:d2:04:97:e4:50:09:c5:4e:ba:69:b6:5d:6c:
                    c2:f7:ca:1c:22:35:20:20:93:d0:9b:7c:56:fa:d0:
                    f9:53:cf:01:c2:d8:af:37:59:d0:b0:0d:49:5b:9c:
                    74:40:31:82:b5:70:f6:bf:0d:22:d7:f9:66:bf:21:
                    97:50:5c:e0:3b:51:aa:d0:02:ea:25:03:6d:6d:4d:
                    60:cf:b8:60:19:8e:bb:e7:da:f6:bf:1b:f6:7d:ad:
                    4f:11:78:fe:fb:77:f7:ce:a9:8b:4a:19:73:77:ae:
                    55:77:73:59:9a:df:9e:55:2b:5b:e0:78:d4:82:1e:
                    d3:5e:49:ec:0e:6c:4c:2a:23:c4:fa:6c:06:d0:93:
                    af:82:4e:90:9a:fa:ad:74:96:3c:7f:da:74:8c:87:
                    0f:5a:43:a1:a0:53:fa:26:bb:10:a3:b1:88:16:46:
                    ed:26:6a:90:c4:2f:6e:d0:08:34:da:5a:71:69:68:
                    0b:2d:fb:9c:9e:1b:a1:b1:71:5c:49:db:d0:a6:a0:
                    ee:c2:fe:10:f3:02:d0:63:ca:25:a5:2a:31:b7:bf:
                    56:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A6:2F:5F:4B:33:97:88:A4:8F:02:F1:93:43:8A:BB:28:25:3D:34
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:79:0d:48:95:a8:52:c5:70:72:cc:f7:17:f8:8e:d0:48:77:
         cb:51:51:9c:5c:c2:42:9a:36:54:94:ea:07:76:4e:66:94:9f:
         49:86:ad:9e:eb:90:ad:ed:d4:df:79:82:87:ac:7c:77:08:63:
         bd:6a:69:56:88:b2:a4:f1:67:4b:c5:51:5d:a9:b5:7d:e8:38:
         23:04:5b:25:77:fa:c6:dc:40:42:17:9d:f8:b5:cc:7d:20:a6:
         45:0d:41:46:21:61:89:bf:4b:a5:8c:3f:6e:74:75:50:7f:91:
         16:fc:97:99:98:00:53:f3:57:22:b4:b2:9b:e2:04:5c:f6:86:
         0e:53:d0:dd:58:ff:66:c2:67:8d:00:81:06:04:eb:61:66:11:
         8e:68:01:84:a8:83:98:29:f2:22:62:13:8a:0d:2c:21:99:33:
         f2:bc:61:ee:92:25:61:b3:7a:28:02:d7:ff:df:1d:19:cf:8d:
         bf:a5:26:05:9e:5b:6d:14:4d:8a:d4:b5:16:49:55:8a:ae:85:
         41:8e:a0:2f:49:4e:49:34:ed:7c:a0:21:08:7c:ad:9b:af:eb:
         e2:97:98:a4:a9:e4:6f:27:1c:09:ac:df:1e:67:e9:e0:67:bf:
         25:ce:26:b6:2c:27:0b:77:f1:c2:5a:d1:84:4d:6c:6c:f0:c7:
         c1:fd:6e:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkA7RonVh8MgD+oi9ttFhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwNjEyMTIwMDUzWhcNMjUwNjEzMTIwMDUzWjAzMTEwLwYDVQQD
EygyNmE2MmY1ZjRiMzM5Nzg4YTQ4ZjAyZjE5MzQzOGFiYjI4MjUzZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IYdDWg9I3EfsA3iLlttq0TeQQ0i
W76/dklI7L20pHF3EiMXTibWq5G0nVsygNIEl+RQCcVOumm2XWzC98ocIjUgIJPQ
m3xW+tD5U88BwtivN1nQsA1JW5x0QDGCtXD2vw0i1/lmvyGXUFzgO1Gq0ALqJQNt
bU1gz7hgGY6759r2vxv2fa1PEXj++3f3zqmLShlzd65Vd3NZmt+eVStb4HjUgh7T
XknsDmxMKiPE+mwG0JOvgk6QmvqtdJY8f9p0jIcPWkOhoFP6JrsQo7GIFkbtJmqQ
xC9u0Ag02lpxaWgLLfucnhuhsXFcSdvQpqDuwv4Q8wLQY8olpSoxt79WzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCamL19LM5eIpI8C8ZNDirsoJT00MB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjXkNSJWo
UsVwcsz3F/iO0Eh3y1FRnFzCQpo2VJTqB3ZOZpSfSYatnuuQre3U33mCh6x8dwhj
vWppVoiypPFnS8VRXam1feg4IwRbJXf6xtxAQhed+LXMfSCmRQ1BRiFhib9LpYw/
bnR1UH+RFvyXmZgAU/NXIrSym+IEXPaGDlPQ3Vj/ZsJnjQCBBgTrYWYRjmgBhKiD
mCnyImITig0sIZkz8rxh7pIlYbN6KALX/98dGc+Nv6UmBZ5bbRRNitS1FklViq6F
QY6gL0lOSTTtfKAhCHytm6/r4peYpKnkbyccCazfHmfp4Ge/Jc4mtiwnC3fxwlrR
hE1sbPDHwf1u5g==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:46:05 2025 by rpki-client