Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          Gm5qyMJo6R+YPqDiMEueeMxM4XCtcZdDLcHmqOMlp0I=
Subject key identifier:   1B:CA:9F:83:68:58:92:62:4C:74:99:1D:32:CF:CD:72:06:33:21:46
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       01976961B2A28114500E9E133F7FD7139CBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          10D8
Signing time:             Fri 13 Jun 2025 13:01:39 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:39 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:39 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: xozwC1EvnwKot7XlTxx5fGr5v7IncWomyS9NqqS9BtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:b2:a2:81:14:50:0e:9e:13:3f:7f:d7:13:9c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Jun 13 13:01:39 2025 GMT
            Not After : Jun 14 13:01:39 2025 GMT
        Subject: CN=1bca9f83685892624c74991d32cfcd7206332146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9a:92:9c:4a:17:e9:7c:d5:b5:af:17:1f:49:
                    14:8a:22:b2:32:c3:42:b0:60:81:dd:a3:26:c7:34:
                    27:9f:b0:ee:cf:d8:32:11:3a:3f:93:eb:d1:d3:1e:
                    06:ae:78:18:65:c6:90:89:6b:92:6a:d9:a3:bc:11:
                    92:46:39:b5:d9:b4:b8:db:dc:41:4f:3b:21:08:b0:
                    f9:74:6f:51:ac:0e:0d:be:92:28:62:c3:08:c5:a4:
                    91:2a:dc:33:5c:60:89:a2:1b:74:83:90:bf:c2:f6:
                    3f:ab:de:61:b5:c6:0e:e8:de:03:09:3d:c4:89:01:
                    f8:10:a2:1b:51:4b:92:a3:8a:19:c4:09:96:6a:4b:
                    89:b7:33:95:f7:7f:dd:58:42:82:d9:84:cb:e0:12:
                    f2:ad:9c:40:5d:d3:c5:d6:1d:81:9a:76:1a:30:4f:
                    96:50:5d:6c:d9:e5:c9:9c:db:b1:9d:f7:dc:b6:16:
                    85:a9:f1:19:c1:98:1e:06:18:ca:6b:7f:9b:cc:1f:
                    27:b0:16:f7:6d:01:b8:ba:d6:a3:84:5b:c6:ae:07:
                    5d:84:60:8f:f7:b4:93:7d:82:5c:06:89:61:38:dc:
                    52:ff:aa:2e:a5:67:69:bf:38:47:c4:2a:c1:5a:b0:
                    83:f6:2c:2f:e1:c3:8d:2e:95:c9:e5:80:98:d6:4b:
                    72:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:CA:9F:83:68:58:92:62:4C:74:99:1D:32:CF:CD:72:06:33:21:46
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:17:c9:b7:dd:fd:c2:1c:a1:f6:20:14:9f:6d:24:31:8f:90:
         10:73:fe:cc:5f:7f:74:fa:1c:35:a7:b4:5c:f5:b8:54:7e:5d:
         b7:d0:8b:ce:50:a5:f4:33:3b:af:2a:27:c7:7f:3e:a0:bd:39:
         73:00:2d:e9:02:8e:85:30:7d:a9:05:1c:a9:26:43:96:71:ab:
         e5:dd:99:1e:26:c5:f4:1c:d4:6d:65:a1:38:9a:2c:a4:4a:af:
         96:41:6e:3d:11:f2:26:29:15:cd:62:de:7f:be:fe:81:10:39:
         2c:b0:6e:7c:d7:5f:24:12:1f:e8:a2:25:bc:b3:f9:7f:7d:d5:
         32:10:43:54:cf:65:0d:0d:80:31:c0:25:92:2b:c0:91:f3:80:
         54:33:49:85:e1:54:32:8f:28:99:32:53:12:5e:42:a3:01:eb:
         89:1d:6f:09:2a:fb:e8:60:32:08:e7:0b:36:c7:68:95:9d:0a:
         72:25:3a:a6:8d:92:c3:1b:8a:4d:3a:20:4a:68:7f:37:e7:26:
         63:b9:a9:01:22:4f:41:78:03:2b:44:66:80:3f:35:e7:ec:bd:
         d1:3a:b3:65:b1:15:14:59:31:91:8d:a4:47:8d:e9:27:85:84:
         00:93:56:bc:63:ca:96:5e:50:a5:94:9e:0c:12:39:5a:47:83:
         1e:e3:c6:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYbKigRRQDp4TP3/XE5y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUwNjEzMTMwMTM5WhcNMjUwNjE0MTMwMTM5WjAzMTEwLwYDVQQD
EygxYmNhOWY4MzY4NTg5MjYyNGM3NDk5MWQzMmNmY2Q3MjA2MzMyMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZqSnEoX6XzVta8XH0kUiiKyMsNC
sGCB3aMmxzQnn7Duz9gyETo/k+vR0x4GrngYZcaQiWuSatmjvBGSRjm12bS429xB
TzshCLD5dG9RrA4NvpIoYsMIxaSRKtwzXGCJoht0g5C/wvY/q95htcYO6N4DCT3E
iQH4EKIbUUuSo4oZxAmWakuJtzOV93/dWEKC2YTL4BLyrZxAXdPF1h2BmnYaME+W
UF1s2eXJnNuxnffcthaFqfEZwZgeBhjKa3+bzB8nsBb3bQG4utajhFvGrgddhGCP
97STfYJcBolhONxS/6oupWdpvzhHxCrBWrCD9iwv4cONLpXJ5YCY1ktyBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvKn4NoWJJiTHSZHTLPzXIGMyFGMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXRfJt939
whyh9iAUn20kMY+QEHP+zF9/dPocNae0XPW4VH5dt9CLzlCl9DM7ryonx38+oL05
cwAt6QKOhTB9qQUcqSZDlnGr5d2ZHibF9BzUbWWhOJospEqvlkFuPRHyJikVzWLe
f77+gRA5LLBufNdfJBIf6KIlvLP5f33VMhBDVM9lDQ2AMcAlkivAkfOAVDNJheFU
Mo8omTJTEl5CowHriR1vCSr76GAyCOcLNsdolZ0KciU6po2SwxuKTTogSmh/N+cm
Y7mpASJPQXgDK0RmgD815+y90TqzZbEVFFkxkY2kR43pJ4WEAJNWvGPKll5QpZSe
DBI5WkeDHuPGSQ==
-----END CERTIFICATE-----