Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
File:                     0aiWnX4yy_knZkstxDa5bnFJpis.mft (raw, json)
Hash identifier:          Nn4wTOujb+kdL0L4SkvKuZO2IbGx1JOutVn9v7o5FXo=
Subject key identifier:   36:01:DB:8B:F8:4C:6A:52:80:0A:3A:39:87:BF:A7:94:3A:C2:90:BA
Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
Certificate issuer:       /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Certificate serial:       01976C2B08FE122CC0F7F131CC0A040C138A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
Manifest number:          0EC5
Signing time:             Sat 14 Jun 2025 02:00:48 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:48 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:48 +0000
Files and hashes:         1: 0aiWnX4yy_knZkstxDa5bnFJpis.crl (hash: 2Wk+8gGdtefyNqFvgvM6OTy+KPjgVvQ9v3+wHAInreo=)
                          2: p1fyn5poKGi3v6udklaZLK6DaPs.roa (hash: ksuBLRSUua1zFmd4JmcnhcAsP8MWyD8OR/dcK6d/pkM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:08:fe:12:2c:c0:f7:f1:31:cc:0a:04:0c:13:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
        Validity
            Not Before: Jun 14 02:00:48 2025 GMT
            Not After : Jun 15 02:00:48 2025 GMT
        Subject: CN=3601db8bf84c6a52800a3a3987bfa7943ac290ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:94:c2:bd:61:a4:62:3e:92:e1:b8:a4:07:b0:
                    19:2d:d6:bc:7f:b0:1b:25:1e:74:4d:76:f2:e2:a3:
                    69:7f:91:6e:12:87:7d:17:99:7b:74:f2:12:a2:18:
                    69:a7:f3:88:fd:e3:ec:3b:22:94:4e:e1:66:91:89:
                    ae:ea:1f:7c:11:93:3e:be:05:22:6d:74:5b:7a:e1:
                    1e:26:b9:aa:ad:5b:df:48:b9:14:40:ea:c9:d3:0c:
                    10:61:cb:bb:f9:2a:33:0a:62:f4:16:a4:81:93:e5:
                    a9:63:e0:9e:cc:45:c7:b1:0d:b4:21:3a:c0:2d:f0:
                    d7:48:69:f4:a6:c0:5b:d7:8f:bb:00:5f:00:6d:3d:
                    10:09:b6:d0:43:5a:ce:83:85:97:81:8d:34:6b:07:
                    7a:f9:7b:e8:c8:d5:6d:11:de:2d:9b:90:b6:c9:88:
                    4f:da:9b:5a:4c:ae:83:f8:87:5e:b7:10:91:e6:7f:
                    ce:2f:4c:3c:ab:10:b0:82:3d:23:75:9a:07:ae:40:
                    9f:95:f3:8f:c5:a7:e8:bc:d3:19:a2:70:6a:47:ef:
                    ba:ac:05:d0:70:4d:5b:bb:6e:cd:6c:1a:f9:e8:3f:
                    fc:da:13:4b:4a:61:70:c3:28:73:de:a7:2a:05:95:
                    fb:a0:d2:91:ce:a2:5f:45:1e:60:5c:f9:a3:aa:86:
                    0c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:01:DB:8B:F8:4C:6A:52:80:0A:3A:39:87:BF:A7:94:3A:C2:90:BA
            X509v3 Authority Key Identifier:
                keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:59:85:00:a9:75:60:c3:10:6c:63:f9:2e:d8:f1:e4:5a:18:
         a8:0a:75:40:06:00:04:bf:f5:9b:9c:47:6f:11:97:b2:64:4b:
         0f:50:fc:d8:4e:f5:b6:99:67:5b:c7:cd:8d:82:9d:07:fb:2a:
         ad:5c:28:46:c2:ba:cc:9f:49:9c:1a:33:f9:42:95:35:94:2f:
         1e:1d:bd:65:9d:99:eb:da:70:cc:c0:f8:1f:82:b4:7d:d3:12:
         b0:99:41:1b:25:16:dd:06:61:44:39:54:58:97:43:09:06:f5:
         b3:9b:ed:88:6c:a6:8f:39:2e:41:97:f6:ee:af:70:ac:df:34:
         00:eb:c0:c0:78:4c:a2:63:f5:35:74:05:53:0c:3a:13:be:6e:
         1f:e2:d6:01:e5:c8:00:88:88:fb:68:55:e1:92:71:f9:99:28:
         c1:c7:06:a4:b5:1b:b9:9d:70:b9:1c:46:39:7e:37:bc:0c:f9:
         e0:d6:fe:dd:50:43:76:a6:9c:fc:fa:b2:d8:7e:85:b6:5a:16:
         a5:50:50:89:e4:90:f5:5e:7f:7a:69:dd:55:f9:a2:a9:38:22:
         fb:70:e0:14:af:6c:81:e2:8a:6c:1f:e4:48:18:ad:8f:fb:8c:
         44:f6:3f:38:9f:bf:bb:12:97:f0:7a:72:4c:7a:3f:92:f3:7b:
         76:8d:6b:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKwj+EizA9/ExzAoEDBOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0
OWE2MmIwHhcNMjUwNjE0MDIwMDQ4WhcNMjUwNjE1MDIwMDQ4WjAzMTEwLwYDVQQD
EygzNjAxZGI4YmY4NGM2YTUyODAwYTNhMzk4N2JmYTc5NDNhYzI5MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5TCvWGkYj6S4bikB7AZLda8f7Ab
JR50TXby4qNpf5FuEod9F5l7dPISohhpp/OI/ePsOyKUTuFmkYmu6h98EZM+vgUi
bXRbeuEeJrmqrVvfSLkUQOrJ0wwQYcu7+SozCmL0FqSBk+WpY+CezEXHsQ20ITrA
LfDXSGn0psBb14+7AF8AbT0QCbbQQ1rOg4WXgY00awd6+XvoyNVtEd4tm5C2yYhP
2ptaTK6D+IdetxCR5n/OL0w8qxCwgj0jdZoHrkCflfOPxafovNMZonBqR++6rAXQ
cE1bu27NbBr56D/82hNLSmFwwyhz3qcqBZX7oNKRzqJfRR5gXPmjqoYMiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYB24v4TGpSgAo6OYe/p5Q6wpC6MB8GA1UdIwQY
MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt
MjEwNDhhNzM0YTQ2LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2
LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlFmFAKl1
YMMQbGP5Ltjx5FoYqAp1QAYABL/1m5xHbxGXsmRLD1D82E71tplnW8fNjYKdB/sq
rVwoRsK6zJ9JnBoz+UKVNZQvHh29ZZ2Z69pwzMD4H4K0fdMSsJlBGyUW3QZhRDlU
WJdDCQb1s5vtiGymjzkuQZf27q9wrN80AOvAwHhMomP1NXQFUww6E75uH+LWAeXI
AIiI+2hV4ZJx+ZkowccGpLUbuZ1wuRxGOX43vAz54Nb+3VBDdqac/Pqy2H6FtloW
pVBQieSQ9V5/emndVfmiqTgi+3DgFK9sgeKKbB/kSBitj/uMRPY/OJ+/uxKX8Hpy
THo/kvN7do1rtg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 08:21:34 2025 by rpki-client