Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File:                     Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier:          OEswjRyjgT5s5Se7iIk3CWHbkI5MigorOsaMtMWJeBY=
Subject key identifier:   66:C1:E4:05:3C:C7:C3:83:46:F6:92:A2:E8:4C:C7:DC:44:A3:AF:EB
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer:       /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial:       01976282CD25921C9AC090EA9EF8DDCA3C94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number:          0669
Signing time:             Thu 12 Jun 2025 05:00:28 +0000
Manifest this update:     Thu 12 Jun 2025 05:00:28 +0000
Manifest next update:     Fri 13 Jun 2025 05:00:28 +0000
Files and hashes:         1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
                          2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: jrVZ8D1W38Z7/0nO4BDSAifoQItqoErb5GTj+P9p4kg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 05:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:82:cd:25:92:1c:9a:c0:90:ea:9e:f8:dd:ca:3c:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
        Validity
            Not Before: Jun 12 05:00:28 2025 GMT
            Not After : Jun 13 05:00:28 2025 GMT
        Subject: CN=66c1e4053cc7c38346f692a2e84cc7dc44a3afeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2b:89:58:60:61:d3:1b:0c:81:8e:54:0f:da:
                    2e:77:88:0a:c2:06:33:c9:4c:a5:14:04:b1:9c:00:
                    0e:11:03:35:13:5d:e7:0f:ae:06:26:a3:2e:81:35:
                    88:b7:13:e8:da:ef:14:b9:b3:fc:97:b3:f5:0c:5c:
                    7d:f6:b8:10:ff:a6:bd:4c:00:d9:aa:f1:f2:aa:29:
                    c3:16:42:6a:19:ce:cf:14:c0:fb:eb:9c:5c:75:6a:
                    89:62:dc:25:4c:b6:fe:ce:e3:a5:52:9a:a1:b9:a2:
                    ba:e7:34:5c:95:80:ed:9c:8e:5d:48:bf:60:88:f2:
                    38:3c:78:f3:f4:cd:a7:ec:3d:33:d5:e7:2a:45:22:
                    4e:79:e6:a1:4b:af:57:4e:a8:f4:64:73:c2:f3:78:
                    ae:46:41:f7:b4:d9:cf:cb:83:0e:c9:7b:e7:1e:9f:
                    ff:04:6c:f4:83:07:a6:5b:a6:57:ae:22:d7:c1:e7:
                    b5:e9:2d:67:87:d1:3e:35:4e:84:2a:cf:c0:c8:f3:
                    e1:1a:76:2a:89:50:2d:b6:3a:bc:00:d4:b3:1f:96:
                    bc:01:a5:7b:95:0f:44:4b:fe:95:75:c5:7f:85:37:
                    3e:32:39:60:d3:ab:05:71:e4:3b:92:6d:47:c3:82:
                    22:b9:24:ae:dd:20:e1:1f:d4:b0:7b:c0:96:00:24:
                    ba:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:C1:E4:05:3C:C7:C3:83:46:F6:92:A2:E8:4C:C7:DC:44:A3:AF:EB
            X509v3 Authority Key Identifier:
                keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:0e:1f:70:1f:05:25:58:72:5c:39:28:e9:03:88:22:6d:43:
         8b:c3:e5:85:0c:e7:58:88:7e:ab:be:49:38:2c:87:c3:8b:56:
         d9:c7:e7:75:e5:94:6b:81:b5:09:1a:4d:08:c7:9f:d7:58:04:
         3e:fb:65:79:fc:b4:d2:7e:fd:1c:75:c2:6a:ed:0a:05:0d:35:
         ef:d7:69:dd:c4:d4:c4:12:5d:0d:62:f8:b0:6d:34:26:b8:9d:
         37:4f:81:39:14:f8:a2:74:7e:dd:26:c2:1f:f2:14:8a:79:41:
         70:4b:0d:6b:a6:46:3d:59:38:cc:01:87:0c:0a:1c:19:a4:da:
         69:ac:8b:00:40:b9:c8:19:f8:72:44:af:ee:41:64:56:25:d1:
         9a:68:3f:d6:32:a1:a9:cb:dd:ab:dc:bf:eb:c7:61:44:6c:03:
         db:a8:e7:4c:f7:d0:03:a5:fc:34:9c:85:09:c0:5c:28:20:28:
         36:71:7d:4f:c3:0f:6f:42:62:a6:55:5e:d3:27:cf:ce:50:d2:
         b3:c7:bd:d9:69:ff:e6:af:9d:fb:08:c4:41:da:2f:df:bf:b1:
         4c:54:4d:fd:70:3e:16:6d:80:96:83:48:03:38:ce:a3:4a:bd:
         e4:71:bf:d6:5c:08:5e:d4:e7:f2:6d:08:5f:3b:91:c3:dc:c3:
         b4:d5:12:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdigs0lkhyawJDqnvjdyjyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUwNjEyMDUwMDI4WhcNMjUwNjEzMDUwMDI4WjAzMTEwLwYDVQQD
Eyg2NmMxZTQwNTNjYzdjMzgzNDZmNjkyYTJlODRjYzdkYzQ0YTNhZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCuJWGBh0xsMgY5UD9oud4gKwgYz
yUylFASxnAAOEQM1E13nD64GJqMugTWItxPo2u8UubP8l7P1DFx99rgQ/6a9TADZ
qvHyqinDFkJqGc7PFMD765xcdWqJYtwlTLb+zuOlUpqhuaK65zRclYDtnI5dSL9g
iPI4PHjz9M2n7D0z1ecqRSJOeeahS69XTqj0ZHPC83iuRkH3tNnPy4MOyXvnHp//
BGz0gwemW6ZXriLXwee16S1nh9E+NU6EKs/AyPPhGnYqiVAttjq8ANSzH5a8AaV7
lQ9ES/6VdcV/hTc+Mjlg06sFceQ7km1Hw4IiuSSu3SDhH9Swe8CWACS62wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbB5AU8x8ODRvaSouhMx9xEo6/rMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATg4fcB8F
JVhyXDko6QOIIm1Di8PlhQznWIh+q75JOCyHw4tW2cfndeWUa4G1CRpNCMef11gE
Pvtlefy00n79HHXCau0KBQ0179dp3cTUxBJdDWL4sG00JridN0+BORT4onR+3SbC
H/IUinlBcEsNa6ZGPVk4zAGHDAocGaTaaayLAEC5yBn4ckSv7kFkViXRmmg/1jKh
qcvdq9y/68dhRGwD26jnTPfQA6X8NJyFCcBcKCAoNnF9T8MPb0JiplVe0yfPzlDS
s8e92Wn/5q+d+wjEQdov37+xTFRN/XA+Fm2AloNIAzjOo0q95HG/1lwIXtTn8m0I
XzuRw9zDtNUSEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:10:10 2025 by rpki-client