Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File:                     KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier:          hpkMDjI4GYIjhDSTp2yZ/p20hPVyGNCY9iNAbcNJVRY=
Subject key identifier:   89:CB:FF:FB:3A:22:53:62:50:7B:5F:C9:47:A5:80:B2:87:D1:03:24
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer:       /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial:       019896A4AA74FA5491C8F5BE1633E4AC32C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number:          0ED3
Signing time:             Mon 11 Aug 2025 01:00:30 +0000
Manifest this update:     Mon 11 Aug 2025 01:00:30 +0000
Manifest next update:     Tue 12 Aug 2025 01:00:30 +0000
Files and hashes:         1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: WVvK6GsQEcWl84BKZf/e8rYgOajyEs6kk/SqJIR9244=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a4:aa:74:fa:54:91:c8:f5:be:16:33:e4:ac:32:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
        Validity
            Not Before: Aug 11 01:00:30 2025 GMT
            Not After : Aug 12 01:00:30 2025 GMT
        Subject: CN=89cbfffb3a225362507b5fc947a580b287d10324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:56:0c:de:dc:ac:45:15:31:12:f2:43:75:0a:
                    27:50:7c:d8:95:f2:cf:44:b4:1f:9f:36:43:db:84:
                    e4:bf:85:68:1d:2c:67:ee:a0:39:70:95:04:d4:bd:
                    9e:a9:46:6c:12:4d:49:42:1a:56:6b:cd:e2:81:06:
                    28:d4:67:88:42:31:bc:8f:3b:ea:0d:7b:5a:6b:40:
                    6c:7f:48:62:13:e4:6d:dc:9d:99:d2:b3:a1:81:b4:
                    f4:51:d2:c3:ba:4c:d9:3e:00:a9:0a:04:79:7a:21:
                    e5:5a:f3:fa:9b:1c:fa:ef:7d:93:5b:27:54:fa:db:
                    75:7f:f2:79:39:de:53:9f:ff:02:8b:cc:02:48:43:
                    28:0d:43:b3:9c:69:73:6f:8f:ea:d1:3d:2c:ee:31:
                    0f:9e:ed:e9:6f:f0:76:b9:44:09:c7:6f:48:6e:d7:
                    80:22:01:2b:42:3e:b5:c0:12:92:56:00:b4:78:ad:
                    d0:bb:84:58:b6:45:f8:98:d5:54:cf:17:a3:83:69:
                    e8:82:62:52:ab:85:1b:5c:93:2f:2d:c6:5f:f2:c3:
                    97:a7:65:ff:4c:0f:a1:0e:01:32:f3:23:24:b6:f3:
                    10:31:3e:e5:ac:33:dc:10:ba:0f:90:f3:a7:b1:65:
                    3c:ac:c9:40:d2:90:7b:f1:53:79:12:93:bc:ee:d3:
                    2a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:CB:FF:FB:3A:22:53:62:50:7B:5F:C9:47:A5:80:B2:87:D1:03:24
            X509v3 Authority Key Identifier:
                keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:e7:86:00:7f:74:35:ea:c4:bf:e9:b7:76:b4:8f:94:39:a8:
         ce:6e:9d:1f:0e:b0:2a:7f:f4:6e:44:d6:2a:12:1a:4d:83:64:
         d0:8a:98:6d:ad:a2:b0:2d:a0:a0:6c:92:28:fb:6c:e1:51:8b:
         06:3a:69:0b:73:20:34:a2:3e:97:08:99:72:1d:0b:a2:ff:0f:
         c7:38:f2:30:92:84:48:00:35:91:78:1d:e2:89:cf:0c:c6:2b:
         2c:41:8a:8b:26:e8:a3:74:4c:9a:9e:cf:5f:14:d5:85:d3:45:
         c7:5b:9a:9f:96:95:5e:cb:e4:f1:c2:f7:f9:1f:f8:30:28:4f:
         c8:55:d4:0d:bd:b0:80:d0:9c:61:62:ef:42:78:2c:ef:69:a0:
         7e:33:10:e8:fa:bc:83:4e:3b:89:0c:4b:d8:b2:c1:97:19:7f:
         aa:4f:8b:ed:64:8a:e4:89:b1:cd:3c:e4:52:79:5b:67:6f:0d:
         67:86:50:70:c6:92:ed:06:f9:8a:88:d2:4a:59:ef:27:4e:ad:
         80:dd:02:3c:e3:aa:e5:1e:ba:18:c7:e0:82:93:32:08:7e:9f:
         6f:79:e6:5d:8f:a5:08:d1:16:18:6b:02:de:fb:ec:f7:8d:1b:
         a9:ab:3a:35:15:fe:38:c9:92:7d:29:0e:d4:45:2d:f0:18:5f:
         f1:53:aa:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpKp0+lSRyPW+FjPkrDLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjUwODExMDEwMDMwWhcNMjUwODEyMDEwMDMwWjAzMTEwLwYDVQQD
Eyg4OWNiZmZmYjNhMjI1MzYyNTA3YjVmYzk0N2E1ODBiMjg3ZDEwMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVYM3tysRRUxEvJDdQonUHzYlfLP
RLQfnzZD24Tkv4VoHSxn7qA5cJUE1L2eqUZsEk1JQhpWa83igQYo1GeIQjG8jzvq
DXtaa0Bsf0hiE+Rt3J2Z0rOhgbT0UdLDukzZPgCpCgR5eiHlWvP6mxz6732TWydU
+tt1f/J5Od5Tn/8Ci8wCSEMoDUOznGlzb4/q0T0s7jEPnu3pb/B2uUQJx29IbteA
IgErQj61wBKSVgC0eK3Qu4RYtkX4mNVUzxejg2nogmJSq4UbXJMvLcZf8sOXp2X/
TA+hDgEy8yMktvMQMT7lrDPcELoPkPOnsWU8rMlA0pB78VN5EpO87tMq6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInL//s6IlNiUHtfyUelgLKH0QMkMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnueGAH90
NerEv+m3drSPlDmozm6dHw6wKn/0bkTWKhIaTYNk0IqYba2isC2goGySKPts4VGL
BjppC3MgNKI+lwiZch0Lov8PxzjyMJKESAA1kXgd4onPDMYrLEGKiyboo3RMmp7P
XxTVhdNFx1uan5aVXsvk8cL3+R/4MChPyFXUDb2wgNCcYWLvQngs72mgfjMQ6Pq8
g047iQxL2LLBlxl/qk+L7WSK5ImxzTzkUnlbZ28NZ4ZQcMaS7Qb5iojSSlnvJ06t
gN0CPOOq5R66GMfggpMyCH6fb3nmXY+lCNEWGGsC3vvs940bqas6NRX+OMmSfSkO
1EUt8Bhf8VOqoQ==
-----END CERTIFICATE-----