Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft
File:                     kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft (raw, json)
Hash identifier:          cirmuwEVERJYzR4YnsIgGy/18/6LddnCmdeQ5CzgyN4=
Subject key identifier:   8C:7D:C5:32:51:4E:A5:B7:5A:82:A9:9D:21:C5:4F:14:35:3C:4C:DA
Authority key identifier: 92:68:01:45:CF:B2:37:1E:CF:4C:36:47:26:B6:47:08:57:2C:42:23
Certificate issuer:       /CN=92680145cfb2371ecf4c364726b64708572c4223
Certificate serial:       019682476829C70AD45B4941D7DA7CCB4002
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kmgBRc-yNx7PTDZHJrZHCFcsQiM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft
Manifest number:          0923
Signing time:             Tue 29 Apr 2025 16:00:39 +0000
Manifest this update:     Tue 29 Apr 2025 16:00:39 +0000
Manifest next update:     Wed 30 Apr 2025 16:00:39 +0000
Files and hashes:         1: Q4eb_NSVD1Iy6yzBzsYZdGRXZqY.roa (hash: ZnYNRkpn3lYvlFcVLCOCLjxdS7Ti3DktlWPMIiudM+0=)
                          2: kmgBRc-yNx7PTDZHJrZHCFcsQiM.crl (hash: lLs/9tGnQYpbbxbas6JiXEiFf7rG5VCipDwOH5VHFgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kmgBRc-yNx7PTDZHJrZHCFcsQiM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:47:68:29:c7:0a:d4:5b:49:41:d7:da:7c:cb:40:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92680145cfb2371ecf4c364726b64708572c4223
        Validity
            Not Before: Apr 29 16:00:39 2025 GMT
            Not After : Apr 30 16:00:39 2025 GMT
        Subject: CN=8c7dc532514ea5b75a82a99d21c54f14353c4cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:90:94:a9:63:3f:2d:d3:f9:36:5f:ce:7b:b5:
                    9e:38:66:4e:9d:14:24:e7:c7:fa:d2:9e:94:ee:21:
                    b6:af:fc:6a:2d:f7:37:ee:d6:65:8d:81:6e:ca:ec:
                    14:44:ee:b9:d2:bc:9e:45:37:a1:bd:88:fb:3c:a2:
                    97:d3:a9:3d:a6:52:2b:3b:ad:b1:73:d5:6c:55:36:
                    d4:d9:aa:87:c0:c4:5c:96:74:ff:a0:02:2a:59:14:
                    4e:fb:ce:9f:ef:05:d5:d0:5a:ad:54:fb:b9:d2:64:
                    57:76:aa:01:63:e7:8f:86:e8:fd:2a:f0:c2:29:1b:
                    41:ec:27:0a:8a:d8:28:26:cf:a3:07:c8:2c:7c:ad:
                    c3:64:04:5b:73:a1:96:cb:18:21:b7:9b:60:60:90:
                    44:b4:36:95:82:a9:1a:d1:a8:91:bb:ef:da:81:5e:
                    68:da:6a:05:a6:c3:2b:b6:1b:bb:c6:fe:d7:b4:ca:
                    a8:8c:6b:b0:aa:1c:8b:f0:e6:3c:0c:4c:34:5b:00:
                    d5:6f:ff:7a:2d:e2:26:40:7f:29:34:eb:7d:d0:bd:
                    e5:d2:72:b7:5c:ce:16:81:80:d1:82:d2:cb:41:88:
                    17:4d:75:6d:7f:a7:f9:69:e4:78:7c:25:5d:00:b7:
                    68:d3:4e:ca:4a:d0:66:b8:da:57:bb:c4:30:a1:fe:
                    ec:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:7D:C5:32:51:4E:A5:B7:5A:82:A9:9D:21:C5:4F:14:35:3C:4C:DA
            X509v3 Authority Key Identifier:
                keyid:92:68:01:45:CF:B2:37:1E:CF:4C:36:47:26:B6:47:08:57:2C:42:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmgBRc-yNx7PTDZHJrZHCFcsQiM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:87:fd:cd:5b:cc:1b:f7:c8:10:ae:33:12:83:57:a1:b3:03:
         58:b8:d7:15:f8:03:bd:1c:5a:94:11:bf:ac:60:06:f4:d8:96:
         b9:c6:ab:db:e1:d2:d5:dd:d3:54:14:b9:9a:4b:ac:d9:d6:e8:
         69:18:04:4c:96:62:37:9e:97:56:2f:c8:e0:eb:a0:76:2f:fa:
         ef:53:18:2f:7f:f8:eb:86:5d:45:cd:5b:d8:6b:13:55:25:12:
         57:08:28:46:c8:2e:89:78:32:52:03:be:02:f9:f7:ff:32:d1:
         bb:44:49:5b:b2:4c:6a:45:ec:54:f8:ca:38:8c:99:21:6a:fe:
         5e:5e:62:d9:30:d5:4b:48:d6:58:59:70:c2:60:27:ee:ae:33:
         b8:dd:94:c5:cb:6c:0f:37:e4:16:d6:05:4e:34:d5:9d:21:c4:
         e9:2b:ca:c3:53:93:3d:27:c8:c4:48:2e:9b:10:0d:75:eb:7c:
         5d:eb:b1:3d:c1:61:98:a6:5d:2b:60:73:90:38:4f:a5:d7:50:
         4a:78:62:ee:f7:72:ec:d4:54:02:b3:f1:46:79:b1:dd:cc:67:
         6e:d0:db:fc:26:66:2e:b6:01:2c:bc:70:26:7f:f2:ae:04:b5:
         25:64:8c:68:5a:a4:91:73:02:da:87:b4:c1:ba:13:b3:51:ba:
         1b:5f:23:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCR2gpxwrUW0lB19p8y0ACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjgwMTQ1Y2ZiMjM3MWVjZjRjMzY0NzI2YjY0NzA4NTcy
YzQyMjMwHhcNMjUwNDI5MTYwMDM5WhcNMjUwNDMwMTYwMDM5WjAzMTEwLwYDVQQD
Eyg4YzdkYzUzMjUxNGVhNWI3NWE4MmE5OWQyMWM1NGYxNDM1M2M0Y2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpCUqWM/LdP5Nl/Oe7WeOGZOnRQk
58f60p6U7iG2r/xqLfc37tZljYFuyuwURO650ryeRTehvYj7PKKX06k9plIrO62x
c9VsVTbU2aqHwMRclnT/oAIqWRRO+86f7wXV0FqtVPu50mRXdqoBY+ePhuj9KvDC
KRtB7CcKitgoJs+jB8gsfK3DZARbc6GWyxght5tgYJBEtDaVgqka0aiRu+/agV5o
2moFpsMrthu7xv7XtMqojGuwqhyL8OY8DEw0WwDVb/96LeImQH8pNOt90L3l0nK3
XM4WgYDRgtLLQYgXTXVtf6f5aeR4fCVdALdo007KStBmuNpXu8Qwof7sRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIx9xTJRTqW3WoKpnSHFTxQ1PEzaMB8GA1UdIwQY
MBaAFJJoAUXPsjcez0w2Rya2RwhXLEIjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21nQlJjLXlOeDdQVERaSEpyWkhDRmNzUWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xM2Y2OWEtMGJiZC00NTk1LThhNDQt
MTNkN2JlYmY0N2JhLzEva21nQlJjLXlOeDdQVERaSEpyWkhDRmNzUWlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xM2Y2OWEtMGJiZC00NTk1LThhNDQtMTNkN2JlYmY0N2Jh
LzEva21nQlJjLXlOeDdQVERaSEpyWkhDRmNzUWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgof9zVvM
G/fIEK4zEoNXobMDWLjXFfgDvRxalBG/rGAG9NiWucar2+HS1d3TVBS5mkus2dbo
aRgETJZiN56XVi/I4Ougdi/671MYL3/464ZdRc1b2GsTVSUSVwgoRsguiXgyUgO+
Avn3/zLRu0RJW7JMakXsVPjKOIyZIWr+Xl5i2TDVS0jWWFlwwmAn7q4zuN2Uxcts
DzfkFtYFTjTVnSHE6SvKw1OTPSfIxEgumxANdet8XeuxPcFhmKZdK2BzkDhPpddQ
Snhi7vdy7NRUArPxRnmx3cxnbtDb/CZmLrYBLLxwJn/yrgS1JWSMaFqkkXMC2oe0
wboTs1G6G18jzQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:16:16 2025 by rpki-client