Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File:                     KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier:          iTWMLti81ek5HL1s4gHRvafWXA9ekLIoYBvWEY634Es=
Subject key identifier:   7E:01:78:2C:BD:AF:51:FC:AA:DA:4A:3B:EF:AB:1C:6B:47:28:10:62
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer:       /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial:       019782EA1038235893B4C4A238931E750B67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number:          07E0
Signing time:             Wed 18 Jun 2025 12:01:06 +0000
Manifest this update:     Wed 18 Jun 2025 12:01:06 +0000
Manifest next update:     Thu 19 Jun 2025 12:01:06 +0000
Files and hashes:         1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: uSljhdUv0xpAV5w3m8fv7ASq4L7MbWct4Gt+HaoaGdI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:82:ea:10:38:23:58:93:b4:c4:a2:38:93:1e:75:0b:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
        Validity
            Not Before: Jun 18 12:01:06 2025 GMT
            Not After : Jun 19 12:01:06 2025 GMT
        Subject: CN=7e01782cbdaf51fcaada4a3befab1c6b47281062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:fb:9d:aa:e6:8d:4c:ff:f7:f9:4e:cd:f1:4c:
                    c0:c6:c3:29:e0:e3:28:cc:5c:f5:98:c9:ac:08:7a:
                    77:8b:38:a8:05:72:5e:ca:15:d4:9e:b0:9d:7f:95:
                    78:a8:9e:2b:c6:2c:f0:96:3d:9b:40:9f:2c:fb:ab:
                    22:4b:fc:4f:2a:fb:f3:be:2e:0c:2d:c7:a0:df:59:
                    6c:de:6e:9f:b8:35:fc:2c:fd:31:0b:c6:27:a0:c2:
                    7f:b4:28:82:87:20:51:61:de:8b:0f:98:d6:54:2f:
                    ae:21:17:97:18:e8:04:cf:9c:a4:cc:b6:8e:8a:46:
                    40:21:6b:a9:72:3e:1f:71:24:66:75:37:30:af:57:
                    d4:0e:80:a5:92:93:6a:65:64:82:44:0b:17:05:89:
                    d2:71:19:30:35:5c:f0:09:a6:51:7f:b7:f1:bf:85:
                    37:18:36:cd:23:f6:d2:cc:46:a0:31:b9:a7:4c:92:
                    2c:2e:53:e2:b4:77:45:c5:48:46:6b:42:72:90:ae:
                    16:58:36:81:44:93:48:2b:a1:ad:34:a4:34:90:ec:
                    72:35:b5:84:a1:09:7e:7e:df:6c:1b:e1:2c:4e:8b:
                    40:95:95:38:27:0e:5c:a5:21:fb:89:56:0c:cc:98:
                    68:e3:0d:d2:b4:3d:49:85:af:c2:05:2b:61:c4:1f:
                    26:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:01:78:2C:BD:AF:51:FC:AA:DA:4A:3B:EF:AB:1C:6B:47:28:10:62
            X509v3 Authority Key Identifier:
                keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:5d:94:39:61:f6:f4:b4:6f:d5:75:cc:65:a5:ca:69:e7:1f:
         65:42:b0:fc:ad:7d:6a:ab:af:d1:0a:ca:e5:64:d8:a4:b3:1c:
         af:cb:19:fd:df:1a:69:06:07:03:f8:da:f9:fd:e5:05:3f:c5:
         83:14:87:d7:08:02:a8:93:df:46:ba:a8:c5:08:70:75:b7:ce:
         dd:a0:e6:7e:b0:db:b2:c5:4d:34:dc:ab:d7:a3:ab:30:db:06:
         71:74:4d:89:a6:d5:2a:5a:83:14:06:6c:b4:42:62:53:7b:35:
         62:6c:d8:3c:8e:ab:7d:e8:66:a3:39:bb:79:48:56:f5:9d:41:
         ce:f1:fc:fb:a8:20:1d:11:43:b8:ce:0b:50:ca:c9:59:1b:d0:
         f6:7a:65:aa:28:4d:ab:20:0c:69:52:67:73:a7:97:3f:f2:b3:
         97:45:26:6b:28:ae:f0:de:0f:6d:1c:7d:36:d2:0b:05:6a:27:
         b1:53:4e:e1:c5:b9:46:d2:a2:96:ba:b5:40:69:92:bc:3a:24:
         52:ab:ee:c9:32:c8:cc:12:f9:1d:a4:1a:f9:de:6c:fb:d5:13:
         4a:26:fa:03:dc:2b:df:08:84:7a:75:99:95:99:11:a7:29:cd:
         fc:0c:49:be:de:a2:b6:7a:1e:d2:c5:97:e2:c3:6c:b6:59:f0:
         9b:c7:24:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeC6hA4I1iTtMSiOJMedQtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjUwNjE4MTIwMTA2WhcNMjUwNjE5MTIwMTA2WjAzMTEwLwYDVQQD
Eyg3ZTAxNzgyY2JkYWY1MWZjYWFkYTRhM2JlZmFiMWM2YjQ3MjgxMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+fudquaNTP/3+U7N8UzAxsMp4OMo
zFz1mMmsCHp3izioBXJeyhXUnrCdf5V4qJ4rxizwlj2bQJ8s+6siS/xPKvvzvi4M
Lceg31ls3m6fuDX8LP0xC8YnoMJ/tCiChyBRYd6LD5jWVC+uIReXGOgEz5ykzLaO
ikZAIWupcj4fcSRmdTcwr1fUDoClkpNqZWSCRAsXBYnScRkwNVzwCaZRf7fxv4U3
GDbNI/bSzEagMbmnTJIsLlPitHdFxUhGa0JykK4WWDaBRJNIK6GtNKQ0kOxyNbWE
oQl+ft9sG+EsTotAlZU4Jw5cpSH7iVYMzJho4w3StD1Jha/CBSthxB8muwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4BeCy9r1H8qtpKO++rHGtHKBBiMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv12UOWH2
9LRv1XXMZaXKaecfZUKw/K19aquv0QrK5WTYpLMcr8sZ/d8aaQYHA/ja+f3lBT/F
gxSH1wgCqJPfRrqoxQhwdbfO3aDmfrDbssVNNNyr16OrMNsGcXRNiabVKlqDFAZs
tEJiU3s1YmzYPI6rfehmozm7eUhW9Z1BzvH8+6ggHRFDuM4LUMrJWRvQ9nplqihN
qyAMaVJnc6eXP/Kzl0Umayiu8N4PbRx9NtILBWonsVNO4cW5RtKilrq1QGmSvDok
UqvuyTLIzBL5HaQa+d5s+9UTSib6A9wr3wiEenWZlZkRpynN/AxJvt6itnoe0sWX
4sNstlnwm8ckEQ==
-----END CERTIFICATE-----