Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          sdreDezqZ/loW76u7JFv69aqYyez/SxYJp8lgFKpFuk=
Subject key identifier:   DF:42:F1:DC:5A:92:1E:F3:33:38:AC:64:2D:6A:09:8D:DE:96:0C:57
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       01976F2BB0AED99CC4C906A1CA38BAB36108
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          0EB8
Signing time:             Sat 14 Jun 2025 16:00:23 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:23 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:23 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: 4HHOM2nK0G71I29l1Uw7648JsUEgW8Pa+WCQ8UBeY5Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:b0:ae:d9:9c:c4:c9:06:a1:ca:38:ba:b3:61:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Jun 14 16:00:23 2025 GMT
            Not After : Jun 15 16:00:23 2025 GMT
        Subject: CN=df42f1dc5a921ef33338ac642d6a098dde960c57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:bd:49:de:c8:df:97:fd:e5:86:c0:05:47:17:
                    c9:7f:a7:52:d3:6b:03:31:eb:7e:31:de:4a:9c:cb:
                    a5:56:5c:57:d9:c9:64:96:74:1c:dc:8b:49:83:b2:
                    59:a0:76:f1:65:37:4f:58:f2:c1:e8:dc:0a:1e:9d:
                    1c:91:3b:69:05:65:7a:03:83:33:c4:c8:a2:51:43:
                    4d:51:89:ec:8b:e6:8c:a1:6d:13:4a:f2:0b:64:b3:
                    4e:c1:c3:90:c7:b1:f7:be:6e:a4:aa:a1:7a:85:a9:
                    d2:d7:e6:be:11:95:a5:d2:60:9b:d2:34:93:92:13:
                    8c:c2:50:cf:ff:4b:66:ad:40:ba:36:13:8b:02:34:
                    84:cd:48:cb:d8:56:8a:59:0d:be:da:e2:16:cc:6b:
                    14:48:f4:b5:72:f6:7f:fe:7a:f0:36:04:5c:98:c8:
                    ee:57:83:c5:56:dc:7f:50:f2:60:7d:fb:40:e8:6d:
                    dd:30:c8:c2:0e:89:1d:ed:51:1d:70:5c:b4:e0:cc:
                    58:65:27:0c:77:cb:4e:8f:c1:7f:bb:c1:83:d3:cb:
                    01:59:d2:05:c1:bc:df:3e:ff:db:d5:f0:41:8f:88:
                    23:44:99:05:c1:42:37:a5:f5:d0:e4:07:8f:42:a9:
                    e7:fe:9d:4d:ee:e3:49:4e:8c:1d:81:40:0b:76:aa:
                    4c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:42:F1:DC:5A:92:1E:F3:33:38:AC:64:2D:6A:09:8D:DE:96:0C:57
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:2b:c6:5f:45:84:b4:87:b4:ba:a6:3a:75:21:56:b2:86:d9:
         7e:3f:d1:49:a8:8e:81:50:e4:78:26:b0:3e:23:64:8f:fc:ec:
         0e:b3:d5:b4:b5:04:cf:dd:5f:d6:73:6e:eb:e0:b7:f4:68:dc:
         f6:45:cd:f4:91:2b:1e:3d:17:b5:eb:35:6a:dc:e3:5b:ad:9d:
         43:94:07:da:19:ed:b4:97:59:8a:64:5b:1f:ee:3e:a0:a2:94:
         8c:c0:97:d6:2b:e2:af:19:a5:73:6d:66:f8:48:50:ba:02:95:
         51:1b:f4:84:39:fc:f8:27:43:af:33:c9:22:04:d0:6a:c1:58:
         a3:45:93:3f:b0:d7:8c:7d:4c:e7:96:a4:28:12:55:47:31:a2:
         cd:8b:ae:4f:be:d5:88:7f:23:5b:43:48:e9:16:62:0a:f5:02:
         68:cb:1e:e5:12:be:72:63:f3:da:69:af:9f:82:db:a3:55:d8:
         3a:d0:68:af:fc:cf:1e:e8:1a:e0:8f:6b:9c:fd:50:a7:78:26:
         ec:0e:96:e4:2b:85:d6:72:58:54:34:47:c6:f8:b3:7d:33:ab:
         c1:4e:d3:4e:03:3f:42:28:a0:77:7c:dd:80:55:c8:a0:ca:0b:
         4b:5f:91:de:5b:a3:3a:82:b8:21:05:55:8b:9d:2c:00:c2:2b:
         7d:39:4f:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK7Cu2ZzEyQahyji6s2EIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjUwNjE0MTYwMDIzWhcNMjUwNjE1MTYwMDIzWjAzMTEwLwYDVQQD
EyhkZjQyZjFkYzVhOTIxZWYzMzMzOGFjNjQyZDZhMDk4ZGRlOTYwYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb1J3sjfl/3lhsAFRxfJf6dS02sD
Met+Md5KnMulVlxX2clklnQc3ItJg7JZoHbxZTdPWPLB6NwKHp0ckTtpBWV6A4Mz
xMiiUUNNUYnsi+aMoW0TSvILZLNOwcOQx7H3vm6kqqF6hanS1+a+EZWl0mCb0jST
khOMwlDP/0tmrUC6NhOLAjSEzUjL2FaKWQ2+2uIWzGsUSPS1cvZ//nrwNgRcmMju
V4PFVtx/UPJgfftA6G3dMMjCDokd7VEdcFy04MxYZScMd8tOj8F/u8GD08sBWdIF
wbzfPv/b1fBBj4gjRJkFwUI3pfXQ5AePQqnn/p1N7uNJTowdgUALdqpMXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9C8dxakh7zMzisZC1qCY3elgxXMB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCvGX0WE
tIe0uqY6dSFWsobZfj/RSaiOgVDkeCawPiNkj/zsDrPVtLUEz91f1nNu6+C39Gjc
9kXN9JErHj0Xtes1atzjW62dQ5QH2hnttJdZimRbH+4+oKKUjMCX1ivirxmlc21m
+EhQugKVURv0hDn8+CdDrzPJIgTQasFYo0WTP7DXjH1M55akKBJVRzGizYuuT77V
iH8jW0NI6RZiCvUCaMse5RK+cmPz2mmvn4Lbo1XYOtBor/zPHuga4I9rnP1Qp3gm
7A6W5CuF1nJYVDRHxvizfTOrwU7TTgM/Qiigd3zdgFXIoMoLS1+R3lujOoK4IQVV
i50sAMIrfTlPXQ==
-----END CERTIFICATE-----