Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft
File:                     KeieDArUFRV01m8rML0dpKqd8Fs.mft (raw, json)
Hash identifier:          EOIQBqsdWJMFPTjmba1PUM6T3l8KMRTKkvNed7eRwiI=
Subject key identifier:   61:83:2F:7C:A6:41:96:61:66:27:83:9E:1A:05:AC:11:2F:72:4E:0F
Authority key identifier: 29:E8:9E:0C:0A:D4:15:15:74:D6:6F:2B:30:BD:1D:A4:AA:9D:F0:5B
Certificate issuer:       /CN=29e89e0c0ad4151574d66f2b30bd1da4aa9df05b
Certificate serial:       019677FABF27CA80796799E09ED8590E3185
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KeieDArUFRV01m8rML0dpKqd8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft
Manifest number:          11DC
Signing time:             Sun 27 Apr 2025 16:00:43 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:43 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:43 +0000
Files and hashes:         1: KeieDArUFRV01m8rML0dpKqd8Fs.crl (hash: cBrBl9aCohyCIB7/IV0kaEj2VaZUC2RiLqfnVi+YHZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KeieDArUFRV01m8rML0dpKqd8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:bf:27:ca:80:79:67:99:e0:9e:d8:59:0e:31:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29e89e0c0ad4151574d66f2b30bd1da4aa9df05b
        Validity
            Not Before: Apr 27 16:00:43 2025 GMT
            Not After : Apr 28 16:00:43 2025 GMT
        Subject: CN=61832f7ca64196616627839e1a05ac112f724e0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9b:12:39:e4:97:df:66:dd:e7:03:a3:3d:ed:
                    94:d3:71:7e:90:69:d4:4e:26:97:0e:3d:1c:17:db:
                    e7:59:ac:1a:2d:56:98:e6:69:aa:81:f7:cf:66:6f:
                    62:91:17:92:fb:94:39:e6:73:0d:f0:c5:68:e5:22:
                    4c:00:f3:c5:98:79:4d:f3:a2:5c:3f:d6:7a:b4:85:
                    18:e2:57:74:38:19:67:96:1e:15:96:83:c2:ad:6f:
                    5c:52:dc:1c:a7:17:cc:c0:26:3b:d6:80:4f:27:4d:
                    b6:9a:bc:7b:65:00:60:73:5f:a9:ec:0e:db:cc:6e:
                    2b:21:74:23:b4:3d:10:83:13:6e:c1:61:30:23:2e:
                    4e:48:e9:09:d6:17:e9:9f:15:4f:de:c2:71:c1:11:
                    72:57:5e:5b:8b:5d:53:62:1d:54:31:bc:06:17:e5:
                    15:fa:20:f2:9c:06:0f:53:ae:fe:7a:75:8b:52:0c:
                    83:e6:40:6c:a3:03:05:77:25:ca:96:b8:e8:f6:3a:
                    97:e0:47:d6:8c:f6:e0:78:73:f9:0c:ad:30:e5:ce:
                    11:f2:8f:4d:6d:7b:f8:3a:9e:bf:16:87:11:85:fd:
                    20:37:c8:ec:c2:60:15:b9:0b:a1:9b:9f:1a:b3:57:
                    13:e4:33:d1:67:05:3b:28:f9:1f:3d:17:12:d7:a5:
                    18:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:83:2F:7C:A6:41:96:61:66:27:83:9E:1A:05:AC:11:2F:72:4E:0F
            X509v3 Authority Key Identifier:
                keyid:29:E8:9E:0C:0A:D4:15:15:74:D6:6F:2B:30:BD:1D:A4:AA:9D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeieDArUFRV01m8rML0dpKqd8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:cf:f9:3f:93:c3:4d:69:1b:cb:4f:aa:45:7a:e6:f7:f0:fd:
         c5:8d:a1:ad:9c:de:1d:3a:43:af:dd:02:00:79:c7:b9:d5:de:
         f6:67:39:b6:48:0a:62:e9:e8:a8:f7:39:bb:f3:56:2d:36:d2:
         72:ec:7b:22:f7:a2:45:f7:22:ce:b2:7d:8d:55:12:23:b3:37:
         7d:c3:3f:0c:b7:05:f0:0e:18:03:31:54:00:b8:71:6c:2d:67:
         75:d5:6f:d5:3f:37:ff:39:81:77:49:e7:89:4e:d1:45:3f:5f:
         cb:32:fa:81:28:0b:28:75:6e:ef:a5:cb:a0:db:db:33:4c:f1:
         16:71:a4:6e:0a:0a:74:78:6a:7d:99:13:4b:38:72:11:c8:48:
         0f:1a:75:72:79:9d:e4:ec:c1:ed:10:27:aa:f9:87:2f:86:02:
         f9:02:dd:d9:3a:21:4a:15:ea:d6:cc:a3:6a:98:2e:55:da:9f:
         46:5a:b7:f6:c0:2d:ed:e7:74:dd:4f:4d:ab:73:a9:e7:68:79:
         72:f6:9a:b3:f0:06:63:10:c9:78:46:9b:74:2c:04:2e:6e:53:
         43:66:c9:ca:68:92:08:f7:4c:51:66:17:2d:e5:48:3f:e3:0c:
         86:d3:ee:3d:53:a9:5a:be:a9:96:02:32:44:8d:21:76:9f:50:
         5d:d6:b3:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+r8nyoB5Z5ngnthZDjGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZTg5ZTBjMGFkNDE1MTU3NGQ2NmYyYjMwYmQxZGE0YWE5
ZGYwNWIwHhcNMjUwNDI3MTYwMDQzWhcNMjUwNDI4MTYwMDQzWjAzMTEwLwYDVQQD
Eyg2MTgzMmY3Y2E2NDE5NjYxNjYyNzgzOWUxYTA1YWMxMTJmNzI0ZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppsSOeSX32bd5wOjPe2U03F+kGnU
TiaXDj0cF9vnWawaLVaY5mmqgffPZm9ikReS+5Q55nMN8MVo5SJMAPPFmHlN86Jc
P9Z6tIUY4ld0OBlnlh4VloPCrW9cUtwcpxfMwCY71oBPJ022mrx7ZQBgc1+p7A7b
zG4rIXQjtD0QgxNuwWEwIy5OSOkJ1hfpnxVP3sJxwRFyV15bi11TYh1UMbwGF+UV
+iDynAYPU67+enWLUgyD5kBsowMFdyXKlrjo9jqX4EfWjPbgeHP5DK0w5c4R8o9N
bXv4Op6/FocRhf0gN8jswmAVuQuhm58as1cT5DPRZwU7KPkfPRcS16UYiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGDL3ymQZZhZieDnhoFrBEvck4PMB8GA1UdIwQY
MBaAFCnongwK1BUVdNZvKzC9HaSqnfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VpZURBclVGUlYwMW04ck1MMGRwS3FkOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iODdjMmEtY2QwMy00NTM4LTlkYzQt
OTkxZmFlNWM5YjA3LzEvS2VpZURBclVGUlYwMW04ck1MMGRwS3FkOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iODdjMmEtY2QwMy00NTM4LTlkYzQtOTkxZmFlNWM5YjA3
LzEvS2VpZURBclVGUlYwMW04ck1MMGRwS3FkOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8/5P5PD
TWkby0+qRXrm9/D9xY2hrZzeHTpDr90CAHnHudXe9mc5tkgKYunoqPc5u/NWLTbS
cux7IveiRfcizrJ9jVUSI7M3fcM/DLcF8A4YAzFUALhxbC1nddVv1T83/zmBd0nn
iU7RRT9fyzL6gSgLKHVu76XLoNvbM0zxFnGkbgoKdHhqfZkTSzhyEchIDxp1cnmd
5OzB7RAnqvmHL4YC+QLd2TohShXq1syjapguVdqfRlq39sAt7ed03U9Nq3Op52h5
cvaas/AGYxDJeEabdCwELm5TQ2bJymiSCPdMUWYXLeVIP+MMhtPuPVOpWr6plgIy
RI0hdp9QXdazbw==
-----END CERTIFICATE-----