Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          GebsaZ8PSNtfso74MtRM0ul35Q62bmASnIEw97l6bkw=
Subject key identifier:   72:8A:0C:A8:86:F0:0B:B5:2C:C7:85:36:91:ED:F0:D3:96:15:7A:AC
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       01976D3D52DB9D2E23EE3521E5E2FE3AD10B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          062E
Signing time:             Sat 14 Jun 2025 07:00:24 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:24 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:24 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: 3q53tGBQhvFbrVbZpOb6w93bfNDyHuvSCD6ShfMp3Is=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:52:db:9d:2e:23:ee:35:21:e5:e2:fe:3a:d1:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Jun 14 07:00:24 2025 GMT
            Not After : Jun 15 07:00:24 2025 GMT
        Subject: CN=728a0ca886f00bb52cc7853691edf0d396157aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:0f:52:35:fe:87:07:d9:9c:a6:34:6a:f9:f9:
                    00:4d:59:4a:d0:bd:c1:79:dc:35:7f:44:7d:fc:06:
                    39:6a:3b:de:7f:4f:ff:02:40:f8:ce:98:2a:cb:3d:
                    bd:b8:50:ae:67:d2:5c:aa:7f:f7:7b:a3:34:10:01:
                    45:ca:c9:e0:68:89:e1:d9:b6:52:72:a0:9a:e8:e4:
                    07:21:bf:b5:73:fe:57:e2:ba:0b:b1:ab:67:7d:db:
                    68:1d:67:47:a7:b5:5e:2e:59:48:f8:34:2f:7e:86:
                    53:2e:0a:64:52:55:9a:ad:5c:1f:fe:d4:50:6e:c9:
                    63:12:c8:ac:a2:55:da:b4:5a:17:f0:19:5a:88:a3:
                    17:ae:9c:56:24:d8:8b:c1:5e:49:94:86:c1:e4:d3:
                    bd:73:7a:5c:a9:01:7d:c9:bb:95:82:79:4d:ae:9f:
                    b6:46:13:e5:c2:e0:16:91:c2:50:0b:65:54:3b:68:
                    02:ae:01:2d:cc:e5:74:66:44:eb:ff:ac:17:3e:c5:
                    4f:5c:7c:a1:e6:dc:87:02:a0:d9:8a:69:07:e5:4e:
                    f3:fc:90:4d:e2:b8:a1:1d:2a:53:d9:d4:4d:cb:d7:
                    f9:f5:be:3a:f6:d8:a1:c3:5a:da:40:95:09:4e:5e:
                    1e:39:fd:2f:87:54:d6:0e:9e:70:72:39:8d:aa:14:
                    eb:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:8A:0C:A8:86:F0:0B:B5:2C:C7:85:36:91:ED:F0:D3:96:15:7A:AC
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:98:b6:c0:02:21:76:38:2c:c6:58:e8:98:e3:de:f0:94:39:
         74:32:44:01:c0:c0:5b:49:fe:56:78:71:ee:f4:10:b5:b6:70:
         65:a9:40:d3:40:5d:4d:86:6a:90:bc:cb:80:2c:6c:f6:c3:53:
         5b:6d:3c:c0:a8:4c:1e:dd:2e:c3:d9:02:c2:bf:7b:c1:50:24:
         48:71:c1:2c:ff:0c:fb:8d:0e:38:01:73:3f:46:ba:25:1f:96:
         a9:3f:91:9c:6e:e5:88:f2:28:e0:3d:fa:e7:96:c0:40:64:0f:
         e1:d5:2a:5b:ef:c3:b5:9a:c7:69:87:9c:a3:98:a0:19:f2:ae:
         b4:59:ad:4e:d8:6f:c6:8b:eb:d6:9d:9c:1a:8c:b1:e4:25:d9:
         d5:e9:92:97:da:28:0c:2e:da:c0:ce:af:88:e8:ec:f0:e1:13:
         4c:14:9c:03:b5:f0:cf:7b:df:82:7b:0f:16:a7:c0:ca:5e:7b:
         3a:f6:10:80:aa:f4:8c:67:42:7e:4f:18:52:81:59:05:73:1c:
         26:68:70:75:88:6c:52:d3:0e:78:60:4d:86:94:bc:70:86:4c:
         82:1a:8e:26:c8:4d:f1:4e:52:a5:f1:0a:44:bb:b0:f1:a7:04:
         a7:36:e2:87:22:46:ca:fe:8d:fc:c0:ed:98:90:17:57:09:80:
         e2:ce:54:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPVLbnS4j7jUh5eL+OtELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjUwNjE0MDcwMDI0WhcNMjUwNjE1MDcwMDI0WjAzMTEwLwYDVQQD
Eyg3MjhhMGNhODg2ZjAwYmI1MmNjNzg1MzY5MWVkZjBkMzk2MTU3YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzw9SNf6HB9mcpjRq+fkATVlK0L3B
edw1f0R9/AY5ajvef0//AkD4zpgqyz29uFCuZ9Jcqn/3e6M0EAFFysngaInh2bZS
cqCa6OQHIb+1c/5X4roLsatnfdtoHWdHp7VeLllI+DQvfoZTLgpkUlWarVwf/tRQ
bsljEsisolXatFoX8BlaiKMXrpxWJNiLwV5JlIbB5NO9c3pcqQF9ybuVgnlNrp+2
RhPlwuAWkcJQC2VUO2gCrgEtzOV0ZkTr/6wXPsVPXHyh5tyHAqDZimkH5U7z/JBN
4rihHSpT2dRNy9f59b469tihw1raQJUJTl4eOf0vh1TWDp5wcjmNqhTrEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKKDKiG8Au1LMeFNpHt8NOWFXqsMB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJi2wAIh
djgsxljomOPe8JQ5dDJEAcDAW0n+Vnhx7vQQtbZwZalA00BdTYZqkLzLgCxs9sNT
W208wKhMHt0uw9kCwr97wVAkSHHBLP8M+40OOAFzP0a6JR+WqT+RnG7liPIo4D36
55bAQGQP4dUqW+/DtZrHaYeco5igGfKutFmtTthvxovr1p2cGoyx5CXZ1emSl9oo
DC7awM6viOjs8OETTBScA7Xwz3vfgnsPFqfAyl57OvYQgKr0jGdCfk8YUoFZBXMc
JmhwdYhsUtMOeGBNhpS8cIZMghqOJshN8U5SpfEKRLuw8acEpzbihyJGyv6N/MDt
mJAXVwmA4s5ULg==
-----END CERTIFICATE-----