Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
File:                     2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft (raw, json)
Hash identifier:          s2nBKWa2TfRJOpnTGp+tZXMdRyrLL5knwY98fYdfFlo=
Subject key identifier:   44:68:68:8D:76:3D:B9:EB:AD:53:B3:95:05:C6:99:6A:37:99:4D:93
Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
Certificate issuer:       /CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Certificate serial:       0197643A6336F32218D2877BAE87181DDAF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
Manifest number:          12CD
Signing time:             Thu 12 Jun 2025 13:00:37 +0000
Manifest this update:     Thu 12 Jun 2025 13:00:37 +0000
Manifest next update:     Fri 13 Jun 2025 13:00:37 +0000
Files and hashes:         1: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl (hash: 4bR0dGXGzXsQjo0hMbo8ZJvCBwCKfm4pMvN+eTSAMqE=)
                          2: ysJps6pTqYBp8hRsJvvn2nSnB6Y.roa (hash: xFEzrUJlVVBWEtFecNObcV0TMloS/XizxOFPtUYtswE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:3a:63:36:f3:22:18:d2:87:7b:ae:87:18:1d:da:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9
        Validity
            Not Before: Jun 12 13:00:37 2025 GMT
            Not After : Jun 13 13:00:37 2025 GMT
        Subject: CN=4468688d763db9ebad53b39505c6996a37994d93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:57:15:df:89:f6:80:22:c1:82:e2:c6:d8:8f:
                    f6:df:2f:a1:2d:fd:65:dd:49:01:da:70:27:39:a2:
                    98:ab:43:99:a5:83:cf:52:df:0e:d6:33:22:f3:02:
                    06:90:4b:c3:cb:a7:9d:2a:98:36:c5:99:9e:32:7a:
                    55:6f:3b:61:bc:82:b8:90:e1:75:e5:f0:08:2e:b2:
                    34:4c:15:86:f0:52:7b:65:9f:6f:5d:81:84:22:73:
                    82:bc:19:bf:6c:9b:43:20:8e:82:30:cf:51:fa:37:
                    05:58:46:df:ba:a6:92:c4:99:fc:10:88:66:87:d6:
                    2b:dc:5e:71:91:03:fd:f9:cd:37:3a:e9:4a:d2:36:
                    5a:af:54:f4:d9:f2:5f:17:b4:10:ae:0c:b4:9d:16:
                    57:1e:ca:a6:6e:c8:f1:b8:dd:c5:e6:88:91:92:89:
                    ae:40:34:93:cd:ae:a8:07:9b:bf:62:b7:01:98:84:
                    71:f1:a1:99:8b:0c:09:03:69:33:2d:b4:8b:23:62:
                    fd:88:eb:14:ab:5b:e3:bc:c1:e0:85:9c:3a:3f:55:
                    ab:53:b4:fd:4c:64:1d:3c:8b:10:51:7d:18:91:41:
                    5b:45:a5:ee:ee:67:26:58:a7:d7:0c:52:d6:69:5b:
                    0f:1a:37:a6:62:08:ab:bb:5f:bc:6b:a3:78:40:a8:
                    b9:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:68:68:8D:76:3D:B9:EB:AD:53:B3:95:05:C6:99:6A:37:99:4D:93
            X509v3 Authority Key Identifier:
                keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:09:fc:62:79:59:c8:8b:4d:99:71:e9:d0:2e:02:1b:26:f1:
         e1:44:3b:f5:30:a4:6d:a2:44:a9:ab:30:67:1f:be:4b:eb:7d:
         28:96:b4:40:94:ed:79:33:07:d3:fc:d4:e4:b8:c3:fd:eb:13:
         62:11:51:a4:ef:25:88:c4:a3:4d:77:0c:5b:e1:99:8a:3c:a6:
         8d:df:ee:9d:35:ec:24:e9:f2:e0:9f:f1:fc:6a:ad:19:b5:c6:
         58:1e:c9:b9:bc:d6:95:32:1b:55:4a:e4:cf:7c:78:8b:f4:70:
         0d:d3:84:dd:af:41:a6:34:cd:60:9d:3d:97:c8:d6:4a:da:b8:
         22:fa:0e:d7:f0:95:ec:b5:dc:ed:df:bb:15:4f:a2:d4:a5:5a:
         ac:e5:d1:e9:ec:50:a2:80:00:c1:09:f8:39:5c:4c:86:ad:0c:
         f0:e3:5a:53:3b:92:78:60:e3:b5:5b:7d:8f:57:b1:79:2a:a0:
         0d:0a:1c:1a:3c:74:ce:f4:8a:c9:e4:d3:d4:85:2e:89:ba:02:
         4e:15:f5:7f:0c:f0:62:45:6f:37:90:6a:fb:ed:dc:43:27:36:
         ac:31:2b:bc:00:53:79:b1:c5:87:37:c7:64:21:89:de:4e:f0:
         f8:9c:b4:9f:6b:fc:cb:ea:d7:ea:c1:e5:ad:d1:ea:47:28:37:
         19:c2:c4:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOmM28yIY0od7rocYHdrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4
ZjE4ZjkwHhcNMjUwNjEyMTMwMDM3WhcNMjUwNjEzMTMwMDM3WjAzMTEwLwYDVQQD
Eyg0NDY4Njg4ZDc2M2RiOWViYWQ1M2IzOTUwNWM2OTk2YTM3OTk0ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1cV34n2gCLBguLG2I/23y+hLf1l
3UkB2nAnOaKYq0OZpYPPUt8O1jMi8wIGkEvDy6edKpg2xZmeMnpVbzthvIK4kOF1
5fAILrI0TBWG8FJ7ZZ9vXYGEInOCvBm/bJtDII6CMM9R+jcFWEbfuqaSxJn8EIhm
h9Yr3F5xkQP9+c03OulK0jZar1T02fJfF7QQrgy0nRZXHsqmbsjxuN3F5oiRkomu
QDSTza6oB5u/YrcBmIRx8aGZiwwJA2kzLbSLI2L9iOsUq1vjvMHghZw6P1WrU7T9
TGQdPIsQUX0YkUFbRaXu7mcmWKfXDFLWaVsPGjemYgiru1+8a6N4QKi53QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERoaI12PbnrrVOzlQXGmWo3mU2TMB8GA1UdIwQY
MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt
OTVkNTk0NjVlOWE4LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4
LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbwn8YnlZ
yItNmXHp0C4CGybx4UQ79TCkbaJEqaswZx++S+t9KJa0QJTteTMH0/zU5LjD/esT
YhFRpO8liMSjTXcMW+GZijymjd/unTXsJOny4J/x/GqtGbXGWB7JubzWlTIbVUrk
z3x4i/RwDdOE3a9BpjTNYJ09l8jWStq4IvoO1/CV7LXc7d+7FU+i1KVarOXR6exQ
ooAAwQn4OVxMhq0M8ONaUzuSeGDjtVt9j1exeSqgDQocGjx0zvSKyeTT1IUuiboC
ThX1fwzwYkVvN5Bq++3cQyc2rDErvABTebHFhzfHZCGJ3k7w+Jy0n2v8y+rX6sHl
rdHqRyg3GcLE/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 21:30:17 2025 by rpki-client