Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          WghwIvyiZnntBTkUXHm9WHmj8aq8AX5IcugNLFWbv3s=
Subject key identifier:   EA:0C:FA:3A:31:74:7D:C4:B3:88:68:2A:FC:A3:1B:00:C1:2E:77:DB
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       01974967B8DDE23A44C25C9FE34CCF44351F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          01EE
Signing time:             Sat 07 Jun 2025 08:00:23 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:23 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:23 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: rzXmscvnGbyIaxW5YM7p8Bt+cJRPSJJMt1f0v0bKlD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:b8:dd:e2:3a:44:c2:5c:9f:e3:4c:cf:44:35:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Jun  7 08:00:23 2025 GMT
            Not After : Jun  8 08:00:23 2025 GMT
        Subject: CN=ea0cfa3a31747dc4b388682afca31b00c12e77db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:da:14:bd:94:ac:d9:0d:f2:65:ca:30:f2:93:
                    83:9b:22:ca:d5:fc:56:93:93:1c:f4:31:9f:d8:24:
                    bc:cb:f1:ef:a2:2e:ae:27:36:19:75:45:14:af:fb:
                    8e:09:80:7e:cb:73:22:ad:26:0a:f7:f9:d6:5d:c1:
                    25:35:32:3e:5c:d0:f9:4d:d3:49:d4:e2:7b:6b:21:
                    e9:9c:31:5d:57:90:a8:f8:48:58:ad:c4:61:85:88:
                    70:1e:ac:d9:22:dc:9a:29:84:3f:68:f5:20:60:17:
                    8d:6d:23:3c:25:d6:b3:87:da:5d:6d:a8:c4:be:0c:
                    6b:21:9c:7d:9c:12:25:2d:fb:04:08:c4:8c:8c:ed:
                    7d:e1:a2:f6:2b:c3:e3:45:48:ed:ca:55:33:35:c8:
                    88:2f:57:2f:a9:d3:35:5f:3f:a9:64:b3:2a:e4:7d:
                    78:fc:a9:4b:c6:c6:5e:a4:b3:9b:df:62:8f:b5:66:
                    7c:2f:d7:8e:6a:af:4e:d6:6f:73:83:15:ac:34:76:
                    b6:aa:30:d3:8b:e0:54:ee:8d:d6:87:97:f0:4c:b9:
                    ba:f7:8a:b5:9b:20:2c:ee:37:38:7d:d1:91:d0:2b:
                    54:85:4d:de:f3:9f:13:f4:ac:28:48:99:5c:a6:6d:
                    44:65:55:71:3f:db:d1:ee:0a:5f:02:f6:dd:e6:96:
                    65:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:0C:FA:3A:31:74:7D:C4:B3:88:68:2A:FC:A3:1B:00:C1:2E:77:DB
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:6f:0b:8c:2f:f7:cb:49:9e:98:a4:98:be:fe:62:7d:8e:b7:
         c6:6a:4b:ce:60:ac:28:0c:81:23:1c:e5:45:ee:1d:af:2d:4e:
         ec:f4:e1:24:3f:76:44:48:db:03:7f:d4:83:23:94:da:fc:d8:
         ff:e6:ba:f4:22:b4:0d:22:a4:87:2f:13:bb:c0:6e:b7:99:e6:
         ef:e3:80:77:ed:40:44:ba:67:a6:35:8f:8f:6d:61:b6:1e:61:
         8d:50:d8:78:ec:ce:34:f1:45:dc:85:e6:cc:9f:33:df:00:42:
         b9:02:fe:b1:41:f5:2e:03:7c:7a:b1:fe:f9:56:30:11:ac:9f:
         3b:7d:ca:f1:45:1b:f3:ed:71:83:e5:94:25:6c:27:86:20:88:
         9e:bc:03:03:ce:44:9a:f3:00:b0:7b:e6:c6:86:f4:a9:6b:98:
         02:ed:c4:5c:b3:7b:09:19:93:c4:72:52:cd:c4:72:2a:d3:fb:
         eb:d9:6b:7c:b9:fe:1f:25:a8:37:ba:b2:12:9b:a9:32:d7:6d:
         19:d7:dd:b4:f5:34:e0:1d:ef:7b:76:50:28:46:05:b8:0c:07:
         2a:5b:ea:59:0c:78:f6:15:74:5a:31:d0:be:fc:c2:cb:10:12:
         28:27:a4:d0:3e:e3:7b:43:4c:3c:3d:94:28:f8:8a:9a:77:ad:
         8e:04:41:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ7jd4jpEwlyf40zPRDUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjUwNjA3MDgwMDIzWhcNMjUwNjA4MDgwMDIzWjAzMTEwLwYDVQQD
EyhlYTBjZmEzYTMxNzQ3ZGM0YjM4ODY4MmFmY2EzMWIwMGMxMmU3N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntoUvZSs2Q3yZcow8pODmyLK1fxW
k5Mc9DGf2CS8y/Hvoi6uJzYZdUUUr/uOCYB+y3MirSYK9/nWXcElNTI+XND5TdNJ
1OJ7ayHpnDFdV5Co+EhYrcRhhYhwHqzZItyaKYQ/aPUgYBeNbSM8Jdazh9pdbajE
vgxrIZx9nBIlLfsECMSMjO194aL2K8PjRUjtylUzNciIL1cvqdM1Xz+pZLMq5H14
/KlLxsZepLOb32KPtWZ8L9eOaq9O1m9zgxWsNHa2qjDTi+BU7o3Wh5fwTLm694q1
myAs7jc4fdGR0CtUhU3e858T9KwoSJlcpm1EZVVxP9vR7gpfAvbd5pZlJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoM+joxdH3Es4hoKvyjGwDBLnfbMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkW8LjC/3
y0memKSYvv5ifY63xmpLzmCsKAyBIxzlRe4dry1O7PThJD92REjbA3/UgyOU2vzY
/+a69CK0DSKkhy8Tu8But5nm7+OAd+1ARLpnpjWPj21hth5hjVDYeOzONPFF3IXm
zJ8z3wBCuQL+sUH1LgN8erH++VYwEayfO33K8UUb8+1xg+WUJWwnhiCInrwDA85E
mvMAsHvmxob0qWuYAu3EXLN7CRmTxHJSzcRyKtP769lrfLn+HyWoN7qyEpupMtdt
GdfdtPU04B3ve3ZQKEYFuAwHKlvqWQx49hV0WjHQvvzCyxASKCek0D7je0NMPD2U
KPiKmnetjgRByQ==
-----END CERTIFICATE-----