Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          lKrkacDpg2A3caKeZw7IPIG/4wseAswXS8GV1ZFpnOo=
Subject key identifier:   3D:EB:BF:45:1E:3D:C5:8B:5F:A8:21:1B:D3:0A:28:6F:C9:5B:EB:84
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019752A2CB3BCE170971E7448C756D7B059C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0AF8
Signing time:             Mon 09 Jun 2025 03:01:29 +0000
Manifest this update:     Mon 09 Jun 2025 03:01:29 +0000
Manifest next update:     Tue 10 Jun 2025 03:01:29 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: 8W1tE28WZTw7dKo0FvhkbeNjcGEeayhn60pFOaqRsCo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:a2:cb:3b:ce:17:09:71:e7:44:8c:75:6d:7b:05:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Jun  9 03:01:29 2025 GMT
            Not After : Jun 10 03:01:29 2025 GMT
        Subject: CN=3debbf451e3dc58b5fa8211bd30a286fc95beb84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:76:7c:cb:23:33:62:50:53:33:f3:4f:70:fe:
                    bd:54:45:18:eb:95:05:f0:44:db:6f:37:dc:fa:ed:
                    fd:06:81:d3:97:c6:41:02:5f:51:29:5b:45:c9:65:
                    8e:74:24:a5:da:1c:33:3e:dc:93:e6:eb:83:15:e4:
                    8e:f2:07:46:63:10:6d:e3:c7:05:45:98:77:25:4c:
                    e0:78:05:fb:f2:8e:03:e9:e6:f5:f9:54:fa:9f:71:
                    f6:38:02:20:9c:d8:17:4c:56:95:3f:fe:b0:3e:9a:
                    68:19:b1:00:66:25:cd:c0:fc:5e:f5:e9:01:87:03:
                    21:a4:79:ad:02:e7:47:f0:d8:34:b0:ea:ab:35:a4:
                    f4:04:40:3b:3b:1a:98:38:fe:b6:4e:2e:5e:cd:67:
                    07:93:21:73:ac:e5:12:60:75:2f:14:44:61:e9:61:
                    12:71:9c:64:92:34:86:34:3c:ae:70:6b:1a:f7:b6:
                    a4:68:d7:ac:8e:5d:f8:ef:6f:f7:df:d5:78:35:ab:
                    5c:b6:1b:53:4a:84:4d:f6:f7:b2:c0:69:d4:ce:3b:
                    c4:0b:bc:af:04:42:8d:6e:84:88:b1:c2:0e:fd:fd:
                    14:54:3a:47:a6:9b:41:51:28:fd:ff:fb:83:3f:11:
                    8a:e9:d7:e1:4b:08:ec:9b:12:28:27:e8:16:43:c7:
                    6f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:EB:BF:45:1E:3D:C5:8B:5F:A8:21:1B:D3:0A:28:6F:C9:5B:EB:84
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:d9:11:da:69:3d:d3:ec:fe:23:35:0e:4e:5a:4b:91:94:f6:
         3b:4a:86:b8:72:d2:8a:61:6c:bd:bc:30:eb:e8:ee:c7:70:1e:
         80:20:0c:cb:8c:89:81:ca:f0:31:fd:45:d0:10:3c:d2:2f:54:
         d9:a7:92:27:7f:e9:83:9d:64:78:a9:65:f1:95:e5:2e:09:39:
         df:1c:27:25:b2:7d:15:ae:f9:fe:f6:ca:2c:08:05:de:72:3b:
         9b:3c:a4:59:2e:9c:da:3a:69:fb:1e:c9:54:aa:b4:dd:83:65:
         4c:7c:8b:60:9c:74:5d:f4:50:b2:df:be:e6:43:b0:d2:da:6a:
         66:fb:be:0d:fd:26:34:df:44:80:1c:db:b9:9f:f9:46:fb:79:
         6b:41:c3:37:02:a5:54:f1:71:67:41:f2:24:38:ca:f5:4e:55:
         5d:6b:57:c9:79:f1:87:8e:b5:2e:24:59:d0:58:51:34:55:7a:
         22:a8:63:fd:ce:af:8a:44:14:53:11:b2:cd:51:ae:10:31:f7:
         ea:fa:46:0e:36:fa:08:85:11:4b:90:5f:f7:b7:10:41:8d:d4:
         b5:83:b5:5f:05:96:f0:91:d9:bc:67:a9:c4:b4:66:e6:cd:61:
         34:94:6e:07:66:25:30:38:3a:ad:ed:9c:37:31:82:e2:a7:dc:
         34:a8:a6:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSoss7zhcJcedEjHVtewWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwNjA5MDMwMTI5WhcNMjUwNjEwMDMwMTI5WjAzMTEwLwYDVQQD
EygzZGViYmY0NTFlM2RjNThiNWZhODIxMWJkMzBhMjg2ZmM5NWJlYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXZ8yyMzYlBTM/NPcP69VEUY65UF
8ETbbzfc+u39BoHTl8ZBAl9RKVtFyWWOdCSl2hwzPtyT5uuDFeSO8gdGYxBt48cF
RZh3JUzgeAX78o4D6eb1+VT6n3H2OAIgnNgXTFaVP/6wPppoGbEAZiXNwPxe9ekB
hwMhpHmtAudH8Ng0sOqrNaT0BEA7OxqYOP62Ti5ezWcHkyFzrOUSYHUvFERh6WES
cZxkkjSGNDyucGsa97akaNesjl3472/339V4NatcthtTSoRN9veywGnUzjvEC7yv
BEKNboSIscIO/f0UVDpHpptBUSj9//uDPxGK6dfhSwjsmxIoJ+gWQ8dvXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3rv0UePcWLX6ghG9MKKG/JW+uEMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN9kR2mk9
0+z+IzUOTlpLkZT2O0qGuHLSimFsvbww6+jux3AegCAMy4yJgcrwMf1F0BA80i9U
2aeSJ3/pg51keKll8ZXlLgk53xwnJbJ9Fa75/vbKLAgF3nI7mzykWS6c2jpp+x7J
VKq03YNlTHyLYJx0XfRQst++5kOw0tpqZvu+Df0mNN9EgBzbuZ/5Rvt5a0HDNwKl
VPFxZ0HyJDjK9U5VXWtXyXnxh461LiRZ0FhRNFV6Iqhj/c6vikQUUxGyzVGuEDH3
6vpGDjb6CIURS5Bf97cQQY3UtYO1XwWW8JHZvGepxLRm5s1hNJRuB2YlMDg6re2c
NzGC4qfcNKim1A==
-----END CERTIFICATE-----