Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
File:                     2KVuLWOsXam-012gHL-tIl8EvrA.mft (raw, json)
Hash identifier:          E9Qyiu7jpD/IpjIO8ySFMW++esFcaIn/ebE4pMPal0c=
Subject key identifier:   81:A2:39:8F:58:40:1F:08:B0:50:22:4A:3A:D2:7E:FD:6F:71:C6:D9
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Certificate issuer:       /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial:       019758A3F135D5538BFD457871F5B163B6A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
Manifest number:          1587
Signing time:             Tue 10 Jun 2025 07:00:28 +0000
Manifest this update:     Tue 10 Jun 2025 07:00:28 +0000
Manifest next update:     Wed 11 Jun 2025 07:00:28 +0000
Files and hashes:         1: 2KVuLWOsXam-012gHL-tIl8EvrA.crl (hash: HxZny0GAC4pszcjgMB+V5MJjPicBfRATSHZN9HqNbas=)
                          2: RCebozhiTcCblvotMpWCdCJ1ob8.roa (hash: ZFZoBEoVJHz2x12TIIxXed5WibUd/7/bBstI8X2ocJo=)
                          3: nQS504JwOxjiWHwncxw2UXqZAyw.roa (hash: 3N4RSXWIhF3ipth4gfwK0f71CjoGPMdi4/hqfhot2X4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 07:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a3:f1:35:d5:53:8b:fd:45:78:71:f5:b1:63:b6:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
        Validity
            Not Before: Jun 10 07:00:28 2025 GMT
            Not After : Jun 11 07:00:28 2025 GMT
        Subject: CN=81a2398f58401f08b050224a3ad27efd6f71c6d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:26:96:d1:57:30:b4:34:f2:63:11:5c:4f:c9:
                    85:4f:78:b4:b2:46:21:b9:fa:da:f8:a4:bb:01:74:
                    ac:62:c3:89:fa:05:e1:8e:a8:be:67:e4:8a:23:7d:
                    cc:28:34:d6:84:71:27:fc:40:38:86:5e:65:94:c7:
                    a1:6c:c4:7e:4c:b4:02:b8:ca:8a:61:6a:a0:49:60:
                    c9:54:ba:3a:39:9a:2f:68:e3:de:6a:93:db:a6:6f:
                    17:c1:0f:24:eb:b7:b1:98:d7:35:85:e8:d7:36:bc:
                    d0:48:46:55:53:dd:43:11:db:c6:63:04:ff:49:d6:
                    e6:e9:db:94:86:4e:2f:e0:22:78:d1:13:cc:87:49:
                    14:5d:27:13:44:00:a5:92:eb:fc:b1:da:b4:31:74:
                    13:42:e6:12:07:73:6c:a3:e4:16:f1:2d:4b:ca:cd:
                    80:27:be:c2:ca:d2:4e:7a:b1:d8:87:a1:c2:48:89:
                    9b:74:88:16:4f:3b:ca:c8:58:ca:02:0b:aa:3a:89:
                    5b:ef:55:4b:1a:53:93:d9:52:c2:44:72:a9:1a:30:
                    ec:28:93:41:80:ff:03:84:1b:92:c5:d0:c6:61:5c:
                    63:f6:80:01:27:73:b8:0a:71:2e:d3:52:65:9a:96:
                    b6:ce:6b:3c:72:53:42:de:cd:a8:db:48:4b:69:03:
                    42:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A2:39:8F:58:40:1F:08:B0:50:22:4A:3A:D2:7E:FD:6F:71:C6:D9
            X509v3 Authority Key Identifier:
                keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:94:1e:0f:47:ac:6d:eb:bb:3d:6f:62:0f:6f:97:cc:90:63:
         dd:6c:58:ea:c5:d8:06:e2:b2:42:dd:59:cd:21:5d:15:09:e5:
         9e:27:47:a8:76:a6:fd:90:0b:42:7e:7a:20:f4:47:39:b6:82:
         b0:be:92:c3:3b:cc:a4:07:f8:06:5f:d5:8d:f8:8e:8c:e5:5b:
         73:da:72:32:8e:56:14:d2:99:a9:e0:26:02:ab:8b:0e:40:16:
         84:21:c6:e2:47:a1:5f:f9:bf:8e:43:08:92:01:38:22:4c:2f:
         df:16:93:d9:d3:56:03:36:2e:a1:7e:5c:66:51:4c:d6:7e:2c:
         e5:1f:21:38:00:a4:60:be:51:c3:fc:04:66:d6:7d:9d:22:f7:
         ca:58:57:d6:a9:6d:df:e9:69:31:b4:34:49:ac:74:44:f9:e1:
         be:5e:44:2c:1c:94:9a:16:34:21:50:52:50:ce:67:0f:52:3a:
         b5:39:8e:de:f9:cb:68:f6:9e:27:3c:c6:d4:fa:17:b9:c4:f2:
         24:8c:f4:0e:79:5c:23:b6:84:ed:b0:29:38:c0:e3:49:87:34:
         38:53:ff:ca:1e:ff:42:c2:2c:89:ac:ba:a0:d0:2c:b7:4f:5a:
         1c:47:55:ed:96:20:43:39:d8:7c:59:ba:d1:33:e1:8b:56:3c:
         3b:37:c8:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYo/E11VOL/UV4cfWxY7aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjUwNjEwMDcwMDI4WhcNMjUwNjExMDcwMDI4WjAzMTEwLwYDVQQD
Eyg4MWEyMzk4ZjU4NDAxZjA4YjA1MDIyNGEzYWQyN2VmZDZmNzFjNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSaW0VcwtDTyYxFcT8mFT3i0skYh
ufra+KS7AXSsYsOJ+gXhjqi+Z+SKI33MKDTWhHEn/EA4hl5llMehbMR+TLQCuMqK
YWqgSWDJVLo6OZovaOPeapPbpm8XwQ8k67exmNc1hejXNrzQSEZVU91DEdvGYwT/
Sdbm6duUhk4v4CJ40RPMh0kUXScTRAClkuv8sdq0MXQTQuYSB3Nso+QW8S1Lys2A
J77CytJOerHYh6HCSImbdIgWTzvKyFjKAguqOolb71VLGlOT2VLCRHKpGjDsKJNB
gP8DhBuSxdDGYVxj9oABJ3O4CnEu01Jlmpa2zms8clNC3s2o20hLaQNC+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGiOY9YQB8IsFAiSjrSfv1vccbZMB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe5QeD0es
beu7PW9iD2+XzJBj3WxY6sXYBuKyQt1ZzSFdFQnlnidHqHam/ZALQn56IPRHObaC
sL6SwzvMpAf4Bl/VjfiOjOVbc9pyMo5WFNKZqeAmAquLDkAWhCHG4kehX/m/jkMI
kgE4Ikwv3xaT2dNWAzYuoX5cZlFM1n4s5R8hOACkYL5Rw/wEZtZ9nSL3ylhX1qlt
3+lpMbQ0Sax0RPnhvl5ELByUmhY0IVBSUM5nD1I6tTmO3vnLaPaeJzzG1PoXucTy
JIz0DnlcI7aE7bApOMDjSYc0OFP/yh7/QsIsiay6oNAst09aHEdV7ZYgQznYfFm6
0TPhi1Y8OzfI9w==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:00:32 2025 by rpki-client