Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft
File:                     aAImjB8WbJ31GjQgRbsTLw-WyC0.mft (raw, json)
Hash identifier:          3Y2RlDaogb53wbbK2PgOC3vgjXmXhpzgzOkx/kdetL0=
Subject key identifier:   22:4F:9D:6D:18:A3:9B:BE:36:BC:EA:78:CC:02:FE:84:47:FD:5F:8A
Authority key identifier: 68:02:26:8C:1F:16:6C:9D:F5:1A:34:20:45:BB:13:2F:0F:96:C8:2D
Certificate issuer:       /CN=6802268c1f166c9df51a342045bb132f0f96c82d
Certificate serial:       0197488C3F242DAAC96FC421CD8BD7A271E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAImjB8WbJ31GjQgRbsTLw-WyC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft
Manifest number:          0AFE
Signing time:             Sat 07 Jun 2025 04:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:40 +0000
Files and hashes:         1: aAImjB8WbJ31GjQgRbsTLw-WyC0.crl (hash: OEot4gGiYIWZHGB7U2gjmlNJcGRi5b1vxf0pfov7FUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAImjB8WbJ31GjQgRbsTLw-WyC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:3f:24:2d:aa:c9:6f:c4:21:cd:8b:d7:a2:71:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6802268c1f166c9df51a342045bb132f0f96c82d
        Validity
            Not Before: Jun  7 04:00:40 2025 GMT
            Not After : Jun  8 04:00:40 2025 GMT
        Subject: CN=224f9d6d18a39bbe36bcea78cc02fe8447fd5f8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:68:ad:54:5d:76:cb:59:ba:8d:35:ef:82:56:
                    b8:cc:49:ec:99:f8:38:d2:6f:ac:96:81:7e:87:e0:
                    aa:05:16:cc:d7:f3:07:c6:75:8f:ac:41:37:23:59:
                    3c:16:3d:be:e9:d5:97:9c:f1:e3:ed:ff:2c:0d:96:
                    8e:82:0e:fe:b6:08:9d:28:1e:45:08:89:71:1f:0d:
                    13:2a:9c:f3:e2:75:8d:92:fd:a6:ba:17:bb:ca:bd:
                    e9:23:e4:d2:5a:1e:79:96:28:64:e9:1a:81:4a:c9:
                    a3:78:ee:bd:ad:97:e4:d0:91:51:99:68:21:e1:f0:
                    1a:f2:2e:5b:05:96:29:b3:36:58:85:f7:7f:e6:04:
                    bb:63:83:f3:24:38:da:05:0e:08:55:1e:47:6e:18:
                    87:af:b6:16:98:90:94:6f:61:8d:6f:46:f8:3c:da:
                    bd:53:ac:73:50:26:3a:20:41:f8:15:1a:65:f2:9a:
                    ce:11:53:55:f6:4b:bb:c9:6a:10:73:8f:95:67:1f:
                    cf:9e:5a:03:5f:12:51:28:a1:28:1a:a4:f0:d8:b9:
                    01:ff:26:ca:3f:3d:8a:b3:48:bb:61:d8:48:02:2c:
                    89:55:6f:d7:4e:9f:6d:c5:cf:ae:e2:5b:ce:2b:fe:
                    06:c8:6f:c7:71:aa:4b:05:dc:02:8b:ca:52:c4:96:
                    8e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4F:9D:6D:18:A3:9B:BE:36:BC:EA:78:CC:02:FE:84:47:FD:5F:8A
            X509v3 Authority Key Identifier:
                keyid:68:02:26:8C:1F:16:6C:9D:F5:1A:34:20:45:BB:13:2F:0F:96:C8:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAImjB8WbJ31GjQgRbsTLw-WyC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:56:59:21:2b:f5:6f:a1:e4:9e:a7:68:50:63:6e:a2:45:78:
         94:7b:33:9d:9e:13:21:94:4c:45:d1:02:13:33:29:0c:64:21:
         47:d5:b5:05:95:fa:da:d0:ae:83:1e:a7:64:b6:7e:9a:f9:29:
         ea:4c:3a:7d:35:fa:b1:47:92:35:f2:a8:ca:ca:e1:85:b6:dd:
         f1:64:4e:b4:af:49:ff:a1:39:fd:3e:1a:d4:1f:68:ff:ce:5e:
         da:06:0b:2c:58:a0:db:44:48:40:85:d3:0b:66:e1:df:51:07:
         9c:86:85:fd:ea:60:ea:bc:d4:c2:e3:ea:06:17:9c:26:e9:e7:
         f4:74:af:1c:5a:7a:fc:81:30:1b:b4:73:3c:0f:58:d4:27:65:
         b3:f4:bd:3f:db:5b:7f:79:90:62:ae:f7:a6:69:d3:65:6a:27:
         e8:bf:3b:69:81:47:c1:b5:b5:bd:18:de:b9:6b:2c:b9:23:35:
         37:25:46:28:a2:3f:fd:34:72:d4:c5:af:95:22:ca:9c:89:cc:
         93:6b:12:ad:6e:06:15:be:a6:0c:1c:b2:18:e3:69:38:07:06:
         71:29:1c:b7:6c:2e:b8:5b:2e:35:63:87:05:d2:72:15:58:9f:
         94:38:aa:34:b2:c0:1b:27:8e:e5:04:a4:15:6d:fc:ce:cf:a8:
         75:2f:72:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjD8kLarJb8QhzYvXonHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDIyNjhjMWYxNjZjOWRmNTFhMzQyMDQ1YmIxMzJmMGY5
NmM4MmQwHhcNMjUwNjA3MDQwMDQwWhcNMjUwNjA4MDQwMDQwWjAzMTEwLwYDVQQD
EygyMjRmOWQ2ZDE4YTM5YmJlMzZiY2VhNzhjYzAyZmU4NDQ3ZmQ1ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2itVF12y1m6jTXvgla4zEnsmfg4
0m+sloF+h+CqBRbM1/MHxnWPrEE3I1k8Fj2+6dWXnPHj7f8sDZaOgg7+tgidKB5F
CIlxHw0TKpzz4nWNkv2muhe7yr3pI+TSWh55lihk6RqBSsmjeO69rZfk0JFRmWgh
4fAa8i5bBZYpszZYhfd/5gS7Y4PzJDjaBQ4IVR5HbhiHr7YWmJCUb2GNb0b4PNq9
U6xzUCY6IEH4FRpl8prOEVNV9ku7yWoQc4+VZx/PnloDXxJRKKEoGqTw2LkB/ybK
Pz2Ks0i7YdhIAiyJVW/XTp9txc+u4lvOK/4GyG/HcapLBdwCi8pSxJaO8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJPnW0Yo5u+NrzqeMwC/oRH/V+KMB8GA1UdIwQY
MBaAFGgCJowfFmyd9Ro0IEW7Ey8PlsgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFJbWpCOFdiSjMxR2pRZ1Jic1RMdy1XeUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jODY0OWQtMmYwMC00NjYzLThlNGUt
ZTNjMjJkMGY2MjA3LzEvYUFJbWpCOFdiSjMxR2pRZ1Jic1RMdy1XeUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jODY0OWQtMmYwMC00NjYzLThlNGUtZTNjMjJkMGY2MjA3
LzEvYUFJbWpCOFdiSjMxR2pRZ1Jic1RMdy1XeUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAblZZISv1
b6HknqdoUGNuokV4lHsznZ4TIZRMRdECEzMpDGQhR9W1BZX62tCugx6nZLZ+mvkp
6kw6fTX6sUeSNfKoysrhhbbd8WROtK9J/6E5/T4a1B9o/85e2gYLLFig20RIQIXT
C2bh31EHnIaF/epg6rzUwuPqBhecJunn9HSvHFp6/IEwG7RzPA9Y1Cdls/S9P9tb
f3mQYq73pmnTZWon6L87aYFHwbW1vRjeuWssuSM1NyVGKKI//TRy1MWvlSLKnInM
k2sSrW4GFb6mDByyGONpOAcGcSkct2wuuFsuNWOHBdJyFViflDiqNLLAGyeO5QSk
FW38zs+odS9y9Q==
-----END CERTIFICATE-----