Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          mUY11Qgayj2uFtGGxeotb6kKo8r4MCQXdJscAs9MeyM=
Subject key identifier:   75:F4:3D:50:09:A8:B2:17:CE:2F:A4:07:A5:09:58:C1:31:BA:C2:DC
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       019678D62AE402522516CD4FEA5E8206C577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0A96
Signing time:             Sun 27 Apr 2025 20:00:23 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:23 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:23 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: pzewCGnZ+r9rRDNGKT0IJysvvVKEy/R5zK+WWKd6G4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:2a:e4:02:52:25:16:cd:4f:ea:5e:82:06:c5:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Apr 27 20:00:23 2025 GMT
            Not After : Apr 28 20:00:23 2025 GMT
        Subject: CN=75f43d5009a8b217ce2fa407a50958c131bac2dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:25:63:31:a5:ec:6b:36:5e:c7:e8:3a:03:a4:
                    eb:7f:24:1f:ab:71:22:e5:d9:e7:37:4a:3f:80:30:
                    50:83:22:1b:b5:a0:8f:3b:9d:d3:c1:9d:2b:33:59:
                    2a:a0:d1:de:01:65:75:02:e6:4a:aa:d7:10:c4:3c:
                    85:4d:c3:ba:e7:e7:fa:4f:dd:97:93:6e:eb:92:dd:
                    76:9f:91:56:1c:a1:a3:de:6c:7d:9f:1b:87:54:8e:
                    1e:00:6c:34:42:bd:4f:af:62:71:e1:9f:7a:d1:ff:
                    d7:99:5a:8f:2c:11:d2:ad:64:33:03:a7:86:a7:ee:
                    f9:85:2a:ab:4a:49:54:83:94:d0:17:72:7e:06:4e:
                    7f:7d:9c:2c:a9:58:ae:e0:37:62:d3:83:4c:e3:90:
                    15:60:68:dd:3c:43:f7:76:4d:35:a7:91:4f:b4:d1:
                    95:e2:f1:0f:2c:42:bb:a3:e0:f1:e9:d3:01:c1:26:
                    8c:c1:d2:1c:a5:e9:b8:ff:e6:41:34:d1:41:f5:92:
                    b7:07:d3:de:95:22:f3:f5:e1:ca:91:37:fc:c0:67:
                    3a:5e:ed:79:ae:fb:8d:72:af:aa:aa:ed:5e:d3:45:
                    fa:4c:a2:4b:41:d0:95:20:7a:28:81:05:d1:7f:eb:
                    8e:67:12:82:a0:bd:cb:6d:fa:5b:77:c7:36:57:9a:
                    54:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:F4:3D:50:09:A8:B2:17:CE:2F:A4:07:A5:09:58:C1:31:BA:C2:DC
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:32:40:87:ed:21:e1:bd:88:9f:b7:ef:2f:c4:13:61:f9:68:
         9f:b7:9b:29:bd:f7:7f:1c:c0:1f:55:58:93:50:4f:7c:b5:e4:
         50:34:21:8c:6a:89:80:30:0d:20:ff:f3:1e:b5:08:ff:27:19:
         cd:e4:de:f5:2b:88:41:05:60:07:3c:a4:7a:cd:d3:2c:4e:67:
         25:d0:ca:8e:49:4f:c6:b3:22:16:51:c8:22:2b:a9:90:dc:e0:
         97:f6:a2:6e:f7:65:a5:b6:59:fb:b9:3a:9e:ad:9f:3e:eb:0f:
         48:54:8d:36:24:26:82:37:b9:9a:bd:23:3b:de:85:26:33:a3:
         a7:ee:10:51:8d:a7:11:c5:cd:00:9b:0e:c9:e4:e7:ed:33:34:
         a2:34:31:aa:95:3a:e4:e0:08:1e:56:aa:b7:73:61:c3:f7:91:
         11:05:83:d6:fc:4d:d3:13:5d:89:99:ef:f6:dd:34:8e:84:38:
         13:7a:e3:e3:c1:cb:7a:85:91:be:6e:f8:1b:14:f5:d6:61:a7:
         27:85:16:56:f5:4b:aa:2a:52:14:79:4b:ef:5e:08:48:82:79:
         43:59:60:b2:16:6d:8d:10:f9:b6:74:a3:b2:ea:18:f2:28:2e:
         0c:00:20:70:2b:31:c4:2b:d0:b9:62:25:33:32:04:ea:a6:c6:
         69:cf:f1:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41irkAlIlFs1P6l6CBsV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwNDI3MjAwMDIzWhcNMjUwNDI4MjAwMDIzWjAzMTEwLwYDVQQD
Eyg3NWY0M2Q1MDA5YThiMjE3Y2UyZmE0MDdhNTA5NThjMTMxYmFjMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiVjMaXsazZex+g6A6TrfyQfq3Ei
5dnnN0o/gDBQgyIbtaCPO53TwZ0rM1kqoNHeAWV1AuZKqtcQxDyFTcO65+f6T92X
k27rkt12n5FWHKGj3mx9nxuHVI4eAGw0Qr1Pr2Jx4Z960f/XmVqPLBHSrWQzA6eG
p+75hSqrSklUg5TQF3J+Bk5/fZwsqViu4Ddi04NM45AVYGjdPEP3dk01p5FPtNGV
4vEPLEK7o+Dx6dMBwSaMwdIcpem4/+ZBNNFB9ZK3B9PelSLz9eHKkTf8wGc6Xu15
rvuNcq+qqu1e00X6TKJLQdCVIHoogQXRf+uOZxKCoL3Lbfpbd8c2V5pU6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHX0PVAJqLIXzi+kB6UJWMExusLcMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWDJAh+0h
4b2In7fvL8QTYflon7ebKb33fxzAH1VYk1BPfLXkUDQhjGqJgDANIP/zHrUI/ycZ
zeTe9SuIQQVgBzykes3TLE5nJdDKjklPxrMiFlHIIiupkNzgl/aibvdlpbZZ+7k6
nq2fPusPSFSNNiQmgje5mr0jO96FJjOjp+4QUY2nEcXNAJsOyeTn7TM0ojQxqpU6
5OAIHlaqt3Nhw/eREQWD1vxN0xNdiZnv9t00joQ4E3rj48HLeoWRvm74GxT11mGn
J4UWVvVLqipSFHlL714ISIJ5Q1lgshZtjRD5tnSjsuoY8iguDAAgcCsxxCvQuWIl
MzIE6qbGac/xbg==
-----END CERTIFICATE-----