Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          xlktviCHGIucvbGqjw9Qu4OD9GXtsmi7JLIcbNaDoUc=
Subject key identifier:   C0:BB:99:6A:DA:51:42:DB:9F:F2:1D:26:76:19:9F:B6:4E:C8:84:67
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       01988CFD81EB2C98688C48A7ADF3144B4799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0F38
Signing time:             Sat 09 Aug 2025 04:01:20 +0000
Manifest this update:     Sat 09 Aug 2025 04:01:20 +0000
Manifest next update:     Sun 10 Aug 2025 04:01:20 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: WJDvq/9x8Hb+izR7TTGmvizzzaapZEp8+MKGdzB5SzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:fd:81:eb:2c:98:68:8c:48:a7:ad:f3:14:4b:47:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Aug  9 04:01:20 2025 GMT
            Not After : Aug 10 04:01:20 2025 GMT
        Subject: CN=c0bb996ada5142db9ff21d2676199fb64ec88467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:30:74:64:66:e8:e3:c3:f4:94:bb:34:13:fd:
                    ac:52:9f:ac:88:5f:32:dd:3f:ae:2e:5a:75:96:89:
                    d6:58:e9:31:93:00:e7:6b:5d:b0:c8:20:1f:2b:08:
                    fa:44:64:6b:99:ae:7c:84:87:81:32:51:ae:3f:9e:
                    72:d5:5c:aa:ea:78:d6:40:ac:9a:35:8e:6e:41:3a:
                    c6:e2:34:f9:08:82:91:af:eb:ce:5d:41:1c:9e:f2:
                    ca:28:e5:a9:36:3c:e1:52:57:98:dc:8a:94:43:1e:
                    c5:ac:29:f7:74:51:4f:1b:04:65:c7:73:c7:bc:cc:
                    ab:5a:8f:e2:5e:e6:63:c3:78:2d:f2:c1:a2:0a:98:
                    5d:87:53:48:03:20:02:af:b1:7f:a0:ca:01:45:f4:
                    73:4b:b3:b6:6e:75:e4:14:99:6b:98:32:8a:a0:49:
                    70:83:19:3b:53:8e:f7:8e:3a:2f:4e:35:39:03:52:
                    57:6a:cf:6e:5e:48:36:d4:e8:a3:42:74:83:b9:ab:
                    93:d8:ac:f3:77:c8:8e:2b:7b:00:81:70:4e:dd:da:
                    e9:11:1c:7e:75:93:74:17:4c:84:99:9f:75:c3:81:
                    1c:71:bc:54:00:fc:df:69:18:3f:0a:84:34:dd:03:
                    21:c8:22:88:66:b1:0d:23:08:5c:ef:0a:46:57:46:
                    d5:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:BB:99:6A:DA:51:42:DB:9F:F2:1D:26:76:19:9F:B6:4E:C8:84:67
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:fe:7c:cd:98:bf:ce:6e:e9:13:ff:b2:86:04:98:8d:bc:fa:
         0a:a4:3d:1c:86:8d:75:d4:ec:b4:85:6a:02:cc:54:b4:29:8f:
         97:2b:7c:ab:65:f1:04:b4:8b:fb:f3:e2:1e:51:b6:4d:4d:e9:
         2a:c2:0e:8b:66:c8:b1:54:79:87:8b:ed:36:c2:1f:10:49:00:
         ba:ec:1c:d9:e3:e0:04:ff:e5:07:81:3a:39:8c:da:f2:c2:02:
         89:1d:49:25:88:74:3a:55:d4:0b:56:57:7b:29:57:e9:92:ec:
         24:8e:f5:e1:c9:06:b2:de:85:98:88:29:3a:b7:36:eb:7d:54:
         10:18:89:95:ae:5f:50:a0:59:b6:9a:7a:2f:9c:8d:5e:11:a8:
         05:bd:bd:84:17:ed:1c:29:f4:ab:94:50:0a:85:bb:58:39:3d:
         8a:b6:37:6f:e4:c5:9e:73:f7:2a:ba:37:02:f5:7a:f9:4c:a7:
         bf:42:6d:4a:7d:59:52:f5:6d:9f:fc:34:75:24:b3:50:be:58:
         83:74:5b:ad:25:09:1e:8f:75:25:6a:a1:ff:a1:70:b8:1e:84:
         30:5b:d6:d3:52:48:5d:98:1e:9a:11:b3:31:86:18:17:b9:8d:
         d8:d3:41:83:30:33:89:1b:4d:5b:82:27:27:f4:92:7a:e8:21:
         bc:aa:6f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiM/YHrLJhojEinrfMUS0eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwODA5MDQwMTIwWhcNMjUwODEwMDQwMTIwWjAzMTEwLwYDVQQD
EyhjMGJiOTk2YWRhNTE0MmRiOWZmMjFkMjY3NjE5OWZiNjRlYzg4NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTB0ZGbo48P0lLs0E/2sUp+siF8y
3T+uLlp1lonWWOkxkwDna12wyCAfKwj6RGRrma58hIeBMlGuP55y1Vyq6njWQKya
NY5uQTrG4jT5CIKRr+vOXUEcnvLKKOWpNjzhUleY3IqUQx7FrCn3dFFPGwRlx3PH
vMyrWo/iXuZjw3gt8sGiCphdh1NIAyACr7F/oMoBRfRzS7O2bnXkFJlrmDKKoElw
gxk7U473jjovTjU5A1JXas9uXkg21OijQnSDuauT2Kzzd8iOK3sAgXBO3drpERx+
dZN0F0yEmZ91w4EccbxUAPzfaRg/CoQ03QMhyCKIZrENIwhc7wpGV0bVgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMC7mWraUULbn/IdJnYZn7ZOyIRnMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAP58zZi/
zm7pE/+yhgSYjbz6CqQ9HIaNddTstIVqAsxUtCmPlyt8q2XxBLSL+/PiHlG2TU3p
KsIOi2bIsVR5h4vtNsIfEEkAuuwc2ePgBP/lB4E6OYza8sICiR1JJYh0OlXUC1ZX
eylX6ZLsJI714ckGst6FmIgpOrc2631UEBiJla5fUKBZtpp6L5yNXhGoBb29hBft
HCn0q5RQCoW7WDk9irY3b+TFnnP3Kro3AvV6+Uynv0JtSn1ZUvVtn/w0dSSzUL5Y
g3RbrSUJHo91JWqh/6FwuB6EMFvW01JIXZgemhGzMYYYF7mN2NNBgzAziRtNW4In
J/SSeughvKpvww==
-----END CERTIFICATE-----