Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          GPcWyZQhcL0ExgwiCATYYP9fIFWeDKU5SiSvyhPiYrY=
Subject key identifier:   E0:DA:AA:DE:9D:E5:6B:3C:F3:60:E5:D1:9D:07:D9:AD:1B:98:2C:17
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       019681A35A0428DDA353FB8AE695DC798E23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0E29
Signing time:             Tue 29 Apr 2025 13:01:28 +0000
Manifest this update:     Tue 29 Apr 2025 13:01:28 +0000
Manifest next update:     Wed 30 Apr 2025 13:01:28 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: /BxhMnXbcdCRzWSfsnTCR+wdvO9osbvBu6XObePzGJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a3:5a:04:28:dd:a3:53:fb:8a:e6:95:dc:79:8e:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Apr 29 13:01:28 2025 GMT
            Not After : Apr 30 13:01:28 2025 GMT
        Subject: CN=e0daaade9de56b3cf360e5d19d07d9ad1b982c17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0b:7c:39:02:26:8c:cb:59:9a:43:aa:5b:aa:
                    e9:5e:d1:c8:a0:d6:21:47:6c:72:a8:f1:b9:7e:f5:
                    b7:cf:24:57:ce:8d:c6:4c:fd:6f:25:7c:87:d3:5e:
                    97:7e:2a:6f:99:a7:90:82:34:6f:86:97:7f:65:6a:
                    db:ad:be:5e:56:dc:3d:01:a1:9e:51:7f:7a:57:db:
                    ff:c6:53:97:c8:f3:ae:dc:69:26:7f:25:17:3c:42:
                    01:fd:81:3b:5a:06:aa:32:29:be:f3:91:ef:0d:ea:
                    8e:b5:c0:87:75:ff:68:0f:de:91:d9:1d:f6:9a:23:
                    62:10:94:8e:d8:03:d7:aa:00:0c:87:b9:4a:7c:96:
                    2e:e5:eb:cb:3b:48:ff:80:e7:cf:db:9d:8c:ef:fb:
                    9d:b9:5f:65:7c:ec:54:f9:d3:ea:0f:80:76:ba:f4:
                    74:a5:c8:c5:91:cb:56:81:bf:61:82:eb:f7:2c:28:
                    3f:a6:b8:d6:a5:a0:ea:f1:34:60:29:8f:a3:cf:a7:
                    dd:bf:e9:2c:ee:9f:6d:d8:91:7f:39:cf:73:56:cf:
                    c4:59:88:c7:c0:c6:3e:7e:32:de:2d:bf:5b:46:cb:
                    6e:ba:21:36:39:e1:e3:b8:bd:66:f7:c2:2c:bc:3a:
                    6c:0d:e7:e0:22:fe:4b:0c:5c:20:60:af:33:d2:f9:
                    32:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:DA:AA:DE:9D:E5:6B:3C:F3:60:E5:D1:9D:07:D9:AD:1B:98:2C:17
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:b9:87:b4:75:ea:af:72:5f:f0:4e:cc:7f:33:89:28:1a:9d:
         db:50:ea:77:32:9b:cb:ee:31:97:12:f8:df:0d:4a:de:63:29:
         60:7a:7a:a5:11:f7:34:81:f8:87:f5:0c:9f:e0:fc:0b:d2:f5:
         84:01:fe:43:ab:c5:c0:ca:0e:f2:0c:06:cb:da:6c:0e:29:c0:
         fa:59:ac:ad:8f:7b:5c:c5:3b:2d:6c:e1:be:22:8f:93:51:3b:
         08:e6:84:e1:d3:26:08:70:64:11:ae:cd:81:be:14:31:f1:9b:
         7f:fe:e4:e7:08:2d:75:7e:bf:02:d2:f7:b8:14:d3:c1:95:80:
         49:63:2c:73:d6:3b:9d:79:44:5e:ea:62:ec:ba:ef:25:47:31:
         3e:74:e1:dd:58:2f:08:1c:b6:99:fc:20:95:b8:56:b9:7f:02:
         58:3b:37:6f:70:ae:38:bd:22:fc:83:61:26:c7:89:1d:18:c8:
         ad:d0:4f:50:a0:7f:a1:a3:c0:bd:e7:89:66:ad:bc:1a:5c:87:
         39:3a:f7:80:1c:16:69:7b:78:b9:87:fc:7b:5a:97:fd:b6:ab:
         66:70:68:c5:b4:c7:07:18:8a:3f:1c:4d:a1:a9:ab:51:e0:c7:
         f1:e4:87:cb:77:fa:e4:4b:d9:6f:e3:54:7c:4b:42:bd:01:a8:
         5e:b9:88:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBo1oEKN2jU/uK5pXceY4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwNDI5MTMwMTI4WhcNMjUwNDMwMTMwMTI4WjAzMTEwLwYDVQQD
EyhlMGRhYWFkZTlkZTU2YjNjZjM2MGU1ZDE5ZDA3ZDlhZDFiOTgyYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwt8OQImjMtZmkOqW6rpXtHIoNYh
R2xyqPG5fvW3zyRXzo3GTP1vJXyH016XfipvmaeQgjRvhpd/ZWrbrb5eVtw9AaGe
UX96V9v/xlOXyPOu3GkmfyUXPEIB/YE7WgaqMim+85HvDeqOtcCHdf9oD96R2R32
miNiEJSO2APXqgAMh7lKfJYu5evLO0j/gOfP252M7/uduV9lfOxU+dPqD4B2uvR0
pcjFkctWgb9hguv3LCg/prjWpaDq8TRgKY+jz6fdv+ks7p9t2JF/Oc9zVs/EWYjH
wMY+fjLeLb9bRstuuiE2OeHjuL1m98IsvDpsDefgIv5LDFwgYK8z0vkyGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODaqt6d5Ws882Dl0Z0H2a0bmCwXMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACbmHtHXq
r3Jf8E7MfzOJKBqd21DqdzKby+4xlxL43w1K3mMpYHp6pRH3NIH4h/UMn+D8C9L1
hAH+Q6vFwMoO8gwGy9psDinA+lmsrY97XMU7LWzhviKPk1E7COaE4dMmCHBkEa7N
gb4UMfGbf/7k5wgtdX6/AtL3uBTTwZWASWMsc9Y7nXlEXupi7LrvJUcxPnTh3Vgv
CBy2mfwglbhWuX8CWDs3b3CuOL0i/INhJseJHRjIrdBPUKB/oaPAveeJZq28GlyH
OTr3gBwWaXt4uYf8e1qX/barZnBoxbTHBxiKPxxNoamrUeDH8eSHy3f65EvZb+NU
fEtCvQGoXrmIAg==
-----END CERTIFICATE-----