Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft
File:                     kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft (raw, json)
Hash identifier:          rWqvSyTU+5xe9ixggoMYesDreVwgWLUENvuG3EOEs9Q=
Subject key identifier:   0A:9D:11:B1:EF:86:7F:49:58:80:34:0B:1C:A1:61:EE:81:3F:14:C9
Authority key identifier: 92:68:01:45:CF:B2:37:1E:CF:4C:36:47:26:B6:47:08:57:2C:42:23
Certificate issuer:       /CN=92680145cfb2371ecf4c364726b64708572c4223
Certificate serial:       0196843564F8974E5E76848E723413A1661C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kmgBRc-yNx7PTDZHJrZHCFcsQiM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft
Manifest number:          0924
Signing time:             Wed 30 Apr 2025 01:00:13 +0000
Manifest this update:     Wed 30 Apr 2025 01:00:13 +0000
Manifest next update:     Thu 01 May 2025 01:00:13 +0000
Files and hashes:         1: Q4eb_NSVD1Iy6yzBzsYZdGRXZqY.roa (hash: ZnYNRkpn3lYvlFcVLCOCLjxdS7Ti3DktlWPMIiudM+0=)
                          2: kmgBRc-yNx7PTDZHJrZHCFcsQiM.crl (hash: 9tAWX4RaOWFM6DNVphiGKYv952PEAs6vLT7WbWjwo1M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kmgBRc-yNx7PTDZHJrZHCFcsQiM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:35:64:f8:97:4e:5e:76:84:8e:72:34:13:a1:66:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92680145cfb2371ecf4c364726b64708572c4223
        Validity
            Not Before: Apr 30 01:00:13 2025 GMT
            Not After : May  1 01:00:13 2025 GMT
        Subject: CN=0a9d11b1ef867f495880340b1ca161ee813f14c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:4a:33:4a:5f:5d:a2:82:83:67:09:1f:27:38:
                    83:7c:01:99:a8:bc:74:52:c0:38:e1:3e:b2:eb:55:
                    0d:9f:13:d5:5d:4c:4b:75:84:14:8d:10:20:42:60:
                    26:80:14:c5:7f:13:b0:40:55:ca:b0:d8:6d:92:36:
                    5c:8b:4a:39:6f:28:d8:a5:aa:c0:96:40:f7:0c:65:
                    ac:1d:54:22:91:f6:ad:ec:52:17:52:8d:ea:28:7b:
                    49:47:aa:d0:67:1e:89:31:58:ef:80:7d:17:8d:c2:
                    a8:91:b7:3a:5c:b9:72:65:c8:22:ec:ad:d5:cd:20:
                    a1:54:be:22:9f:2e:d0:f4:bc:a8:cd:6b:6c:91:f2:
                    8c:3c:f7:67:a1:f9:dc:81:ea:68:da:4e:7d:46:45:
                    8c:0a:3b:91:85:65:21:cc:f8:da:8f:a6:b8:e1:fd:
                    2d:12:63:e4:13:b8:0d:5d:37:53:fc:c2:02:a7:8b:
                    91:55:80:f6:c5:bd:85:b5:dd:e6:85:9f:de:23:9a:
                    9a:cd:a8:9f:cd:5a:bc:e2:1e:c3:81:74:35:98:45:
                    7b:c4:9d:b2:f5:22:53:3e:18:be:23:fd:1e:e7:ad:
                    f3:c1:8e:e3:c2:c8:e3:3e:6e:b0:54:ca:5d:ca:b2:
                    e5:e5:d0:69:f1:6f:b1:18:8a:56:82:c3:9c:a4:f0:
                    e2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:9D:11:B1:EF:86:7F:49:58:80:34:0B:1C:A1:61:EE:81:3F:14:C9
            X509v3 Authority Key Identifier:
                keyid:92:68:01:45:CF:B2:37:1E:CF:4C:36:47:26:B6:47:08:57:2C:42:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmgBRc-yNx7PTDZHJrZHCFcsQiM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/13f69a-0bbd-4595-8a44-13d7bebf47ba/1/kmgBRc-yNx7PTDZHJrZHCFcsQiM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:7c:68:24:7b:2d:ee:ce:c8:7a:84:6f:82:c5:d7:36:39:09:
         72:3d:3f:b8:28:8e:bf:ab:2a:f2:ef:e5:94:66:26:cd:08:87:
         26:51:ff:3c:eb:c3:59:6f:61:c0:55:a1:09:e4:b7:1a:d2:44:
         9a:c7:f5:2f:c5:39:e1:32:e2:b2:4d:91:c1:75:c4:79:83:d0:
         41:16:37:08:a0:4f:3a:37:e2:ac:e1:e6:0f:6a:02:68:fc:c2:
         38:60:e8:37:04:3b:7e:ae:55:fe:99:75:4e:a8:f2:6d:1f:f5:
         07:d1:e3:db:87:99:f0:91:b8:20:49:b9:0a:e6:d8:97:84:3a:
         d6:ed:bf:13:51:ab:7e:17:c2:94:99:e7:ad:f8:b7:04:45:13:
         03:85:b5:19:0d:e9:93:7f:89:85:54:f3:e2:c5:6b:60:f5:77:
         87:76:38:bf:b7:8d:54:b6:e3:94:b6:1e:93:43:b1:dd:5b:67:
         a8:10:80:4a:d5:1f:d3:e1:04:f8:a1:72:2e:4f:a0:40:24:56:
         7e:da:fe:93:47:05:70:d6:9b:a4:40:0a:d8:d1:d3:c7:6d:d1:
         15:d4:1e:53:1a:28:c2:eb:71:3c:bf:7f:fd:d0:3a:18:6f:44:
         8a:98:5f:f4:a6:e5:44:4a:cb:b5:4e:d1:b4:f0:fd:67:1b:2b:
         64:67:14:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaENWT4l05edoSOcjQToWYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjgwMTQ1Y2ZiMjM3MWVjZjRjMzY0NzI2YjY0NzA4NTcy
YzQyMjMwHhcNMjUwNDMwMDEwMDEzWhcNMjUwNTAxMDEwMDEzWjAzMTEwLwYDVQQD
EygwYTlkMTFiMWVmODY3ZjQ5NTg4MDM0MGIxY2ExNjFlZTgxM2YxNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUozSl9dooKDZwkfJziDfAGZqLx0
UsA44T6y61UNnxPVXUxLdYQUjRAgQmAmgBTFfxOwQFXKsNhtkjZci0o5byjYparA
lkD3DGWsHVQikfat7FIXUo3qKHtJR6rQZx6JMVjvgH0XjcKokbc6XLlyZcgi7K3V
zSChVL4iny7Q9LyozWtskfKMPPdnofncgepo2k59RkWMCjuRhWUhzPjaj6a44f0t
EmPkE7gNXTdT/MICp4uRVYD2xb2Ftd3mhZ/eI5qazaifzVq84h7DgXQ1mEV7xJ2y
9SJTPhi+I/0e563zwY7jwsjjPm6wVMpdyrLl5dBp8W+xGIpWgsOcpPDiBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqdEbHvhn9JWIA0CxyhYe6BPxTJMB8GA1UdIwQY
MBaAFJJoAUXPsjcez0w2Rya2RwhXLEIjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21nQlJjLXlOeDdQVERaSEpyWkhDRmNzUWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xM2Y2OWEtMGJiZC00NTk1LThhNDQt
MTNkN2JlYmY0N2JhLzEva21nQlJjLXlOeDdQVERaSEpyWkhDRmNzUWlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xM2Y2OWEtMGJiZC00NTk1LThhNDQtMTNkN2JlYmY0N2Jh
LzEva21nQlJjLXlOeDdQVERaSEpyWkhDRmNzUWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf3xoJHst
7s7IeoRvgsXXNjkJcj0/uCiOv6sq8u/llGYmzQiHJlH/POvDWW9hwFWhCeS3GtJE
msf1L8U54TLisk2RwXXEeYPQQRY3CKBPOjfirOHmD2oCaPzCOGDoNwQ7fq5V/pl1
TqjybR/1B9Hj24eZ8JG4IEm5CubYl4Q61u2/E1GrfhfClJnnrfi3BEUTA4W1GQ3p
k3+JhVTz4sVrYPV3h3Y4v7eNVLbjlLYek0Ox3VtnqBCAStUf0+EE+KFyLk+gQCRW
ftr+k0cFcNabpEAK2NHTx23RFdQeUxoowutxPL9//dA6GG9Eiphf9KblRErLtU7R
tPD9ZxsrZGcUXw==
-----END CERTIFICATE-----
Generated at Wed Apr 30 04:29:31 2025 by rpki-client