Manifest

$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
File:                     656E4422ABF129649200EB019A815F2B12236E92.mft (raw, json)
Hash identifier:          ByBJtk0zSvz4pRYjlRt0H8pJNXtPKW0ur1jwTeHtTL8=
Subject key identifier:   6C:C0:52:12:5B:15:ED:6B:34:0C:43:BB:84:A4:4D:6F:C4:61:0A:01
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Certificate issuer:       /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial:       7F1F495E48705D0EB29501AAC8D537F3A51CEC95
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access:      rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
Manifest number:          015C
Signing time:             Sun 10 Aug 2025 18:12:56 +0000
Manifest this update:     Sun 10 Aug 2025 18:07:56 +0000
Manifest next update:     Mon 11 Aug 2025 18:24:56 +0000
Files and hashes:         1: 656E4422ABF129649200EB019A815F2B12236E92.crl (hash: 7NSAXjz38TF2bvVxHVXptWI5UqfIuoCzShi9aF+wlbk=)
                          2: 34352e3133322e3139302e302f32342d3234203d3e2030.roa (hash: 9ieyP3BjwnrGT7jHWN0miv3BwxPneURkOZZD4j2C8Tw=)
                          3: 34352e3133322e3139312e302f32342d3234203d3e2033393730.roa (hash: piR0xY2W/Fg7dFVRqqqeApVksNlAZNhoOxCqAZQ09I0=)
                          4: 3134372e32382e31302e302f32332d3234203d3e2039343334.roa (hash: VtH6E5X9bla/lP/1oDgzLC/IGBeO4Y+MgLQlG/MHRAA=)
                          5: 3134372e32382e31302e302f32332d3234203d3e203437303635.roa (hash: InllrUkC+i/L8Vq1qSaFZSxY2gcH0Pb1ZOihADOfZw0=)
Validation:               OK
Signature path:           rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl
                          rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
                          rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
                          rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
                          rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 11:49:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:1f:49:5e:48:70:5d:0e:b2:95:01:aa:c8:d5:37:f3:a5:1c:ec:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
        Validity
            Not Before: Aug 10 18:07:56 2025 GMT
            Not After : Aug 11 18:24:56 2025 GMT
        Subject: CN=6CC052125B15ED6B340C43BB84A44D6FC4610A01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:47:c9:82:2c:4d:c4:62:cb:04:5e:f1:50:43:
                    99:3f:0d:1f:6d:f6:82:f0:c4:aa:e9:3e:53:e8:10:
                    1f:58:98:4f:8c:08:1b:1d:66:ab:40:97:64:37:1c:
                    a0:99:03:3e:47:dd:a4:ac:37:33:36:a2:4c:09:92:
                    17:c8:af:82:f1:f4:b3:a0:95:91:8e:d7:75:17:06:
                    c5:d4:dc:e1:87:63:93:f6:78:3d:c8:60:4c:95:0c:
                    48:bc:7d:fe:12:92:2a:f5:70:7c:2f:c6:3a:3a:89:
                    de:29:3f:fa:56:1e:aa:cc:53:76:96:65:dd:34:ed:
                    5a:62:66:85:22:f7:d0:b2:7d:6d:ee:b9:0e:eb:35:
                    fc:91:d6:c6:ee:45:5b:40:42:92:85:e5:59:e7:21:
                    e5:76:23:3e:19:71:27:9e:16:63:75:9b:f2:20:de:
                    99:80:0a:4a:69:fa:2b:dc:1f:9b:51:bc:86:57:2e:
                    f3:0a:1f:9c:b0:3e:42:83:9d:d1:c7:7f:10:e4:6c:
                    d1:49:f3:93:17:81:9b:01:c0:fc:cc:9d:79:13:19:
                    f9:d6:35:28:89:60:21:5d:7a:39:e3:c9:0d:fe:cf:
                    1e:27:80:d8:5f:3f:de:a6:10:cc:ea:64:38:93:82:
                    af:aa:cd:bb:52:49:2c:51:c4:53:2e:a7:c0:b9:07:
                    56:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:C0:52:12:5B:15:ED:6B:34:0C:43:BB:84:A4:4D:6F:C4:61:0A:01
            X509v3 Authority Key Identifier:
                keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:54:0b:0c:1e:52:38:8b:ee:52:9f:72:cd:07:2d:40:4d:fe:
         03:3a:30:f7:a9:85:b1:d1:e1:6b:91:51:71:15:b2:18:91:3c:
         36:12:f0:e2:ab:85:18:0d:42:23:20:38:7a:21:5b:f7:81:67:
         2b:fa:36:31:4d:89:ae:ec:02:bc:26:59:53:35:4e:99:6b:fe:
         d3:88:8c:06:70:79:8e:3f:55:9a:15:72:4f:34:ef:ba:e3:63:
         53:9c:22:fb:e1:34:f5:bb:99:95:11:33:4a:79:2b:86:24:05:
         e4:82:07:c7:ba:3c:07:fb:a1:25:0a:c9:64:04:ef:1f:25:eb:
         c8:0b:f6:89:ec:78:b1:2b:23:97:36:a3:ff:e7:ac:37:84:08:
         e6:f8:b1:01:33:24:fb:f1:a1:58:63:69:85:78:eb:41:7f:ac:
         35:51:fe:85:20:bd:ea:4b:61:31:21:f3:f2:4a:4f:3b:e7:d8:
         d7:d9:7a:42:36:c5:f5:63:1f:7d:1d:f1:81:86:a6:60:46:46:
         9e:ef:1b:f6:be:f0:24:a4:04:7c:dd:c3:ad:9c:12:cd:da:25:
         a1:91:92:61:56:e0:10:9b:31:ee:f3:07:39:28:d0:b7:b4:26:
         54:71:76:7d:81:cc:c3:22:31:b7:24:2f:5a:ad:e7:29:b8:17:
         3f:5c:03:e9
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUfx9JXkhwXQ6ylQGqyNU386Uc7JUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNTA4MTAxODA3NTZaFw0yNTA4MTExODI0NTZaMDMxMTAvBgNV
BAMTKDZDQzA1MjEyNUIxNUVENkIzNDBDNDNCQjg0QTQ0RDZGQzQ2MTBBMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlR8mCLE3EYssEXvFQQ5k/DR9t
9oLwxKrpPlPoEB9YmE+MCBsdZqtAl2Q3HKCZAz5H3aSsNzM2okwJkhfIr4Lx9LOg
lZGO13UXBsXU3OGHY5P2eD3IYEyVDEi8ff4Skir1cHwvxjo6id4pP/pWHqrMU3aW
Zd007VpiZoUi99CyfW3uuQ7rNfyR1sbuRVtAQpKF5VnnIeV2Iz4ZcSeeFmN1m/Ig
3pmACkpp+ivcH5tRvIZXLvMKH5ywPkKDndHHfxDkbNFJ85MXgZsBwPzMnXkTGfnW
NSiJYCFdejnjyQ3+zx4ngNhfP96mEMzqZDiTgq+qzbtSSSxRxFMup8C5B1ZpAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUbMBSElsV7Ws0DEO7hKRNb8RhCgEwHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL2tyaWxsLnJn
Lm5ldC9yZXBvL3Jwa2ktYmVhY29ucy1jYS8wLzY1NkU0NDIyQUJGMTI5NjQ5MjAw
RUIwMTlBODE1RjJCMTIyMzZFOTIubWZ0MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADAVBggrBgEFBQcB
CAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBWVAsMHlI4i+5Sn3LNBy1A
Tf4DOjD3qYWx0eFrkVFxFbIYkTw2EvDiq4UYDUIjIDh6IVv3gWcr+jYxTYmu7AK8
JllTNU6Za/7TiIwGcHmOP1WaFXJPNO+642NTnCL74TT1u5mVETNKeSuGJAXkggfH
ujwH+6ElCslkBO8fJevIC/aJ7HixKyOXNqP/56w3hAjm+LEBMyT78aFYY2mFeOtB
f6w1Uf6FIL3qS2ExIfPySk8759jX2XpCNsX1Yx99HfGBhqZgRkae7xv2vvAkpAR8
3cOtnBLN2iWhkZJhVuAQmzHu8wc5KNC3tCZUcXZ9gczDIjG3JC9arecpuBc/XAPp
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:51:27 2025 by rpki-client