Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
File:                     KIBHSpYWHd4pQs-58YVsL_yICQQ.mft (raw, json)
Hash identifier:          +Qo+Xj0fvCmJMggzufgi228eMDT8ESrbsx970D98qv4=
Subject key identifier:   57:77:AF:41:5C:B1:F8:65:D0:A5:01:D9:BD:A2:08:FE:62:B8:7C:28
Authority key identifier: 28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04
Certificate issuer:       /CN=2880474a96161dde2942cfb9f1856c2ffc880904
Certificate serial:       01968058CB7BD720724579CA56C593758681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
Manifest number:          D2
Signing time:             Tue 29 Apr 2025 07:00:24 +0000
Manifest this update:     Tue 29 Apr 2025 07:00:24 +0000
Manifest next update:     Wed 30 Apr 2025 07:00:24 +0000
Files and hashes:         1: KIBHSpYWHd4pQs-58YVsL_yICQQ.crl (hash: hVOLhkru2/3dQyE6ocEESKkvfN1kmhmztoVxG7Xpvb8=)
                          2: q2_sbJziOr7rwxyhvKWnkNjMans.roa (hash: 0BH7DATsPfSUKJPP/TZdwOG931UfHO+OV4ftBhPZrwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 07:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:58:cb:7b:d7:20:72:45:79:ca:56:c5:93:75:86:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2880474a96161dde2942cfb9f1856c2ffc880904
        Validity
            Not Before: Apr 29 07:00:24 2025 GMT
            Not After : Apr 30 07:00:24 2025 GMT
        Subject: CN=5777af415cb1f865d0a501d9bda208fe62b87c28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a1:49:80:ea:d1:3d:f7:b7:8a:44:1f:97:15:
                    79:37:e7:81:ff:d9:a1:c1:ea:29:77:31:3d:58:fc:
                    fb:46:69:4d:f0:5a:c0:fc:cd:01:e8:a8:fd:54:95:
                    3d:72:7d:dd:e5:f8:57:21:cd:17:16:dc:d0:5b:db:
                    2a:24:47:c9:68:6d:72:65:f4:43:87:d7:83:4e:85:
                    b8:38:c4:f8:73:b2:e1:16:c7:a3:7f:97:92:39:46:
                    8b:48:f4:14:c0:89:0a:0d:08:36:f2:c8:51:28:78:
                    ae:7d:54:8c:2c:ba:35:bc:2a:18:a6:ae:4c:91:fe:
                    58:e9:c4:69:6b:37:f3:b1:35:a8:ad:63:a6:dd:45:
                    cd:29:6d:de:3f:06:58:b2:d9:a9:54:4d:c8:89:40:
                    29:34:90:c5:2f:21:e4:54:7f:36:e9:80:47:d8:c7:
                    b7:1a:49:b7:ea:e1:6b:18:02:0b:2d:92:7a:fb:01:
                    f7:6a:e1:e0:18:30:16:6e:c8:26:28:b1:d8:09:ca:
                    ad:21:af:bc:85:36:9d:55:26:eb:33:46:4e:18:06:
                    8d:b5:41:a2:8f:1e:ed:04:40:63:38:6c:c1:01:0e:
                    27:26:25:9c:ca:24:a1:b3:6e:5a:e6:42:0d:31:0f:
                    3c:82:a9:8e:03:3d:ce:c6:3d:00:63:25:34:fd:b1:
                    df:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:77:AF:41:5C:B1:F8:65:D0:A5:01:D9:BD:A2:08:FE:62:B8:7C:28
            X509v3 Authority Key Identifier:
                keyid:28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:1d:2a:9c:bc:e2:04:6f:bd:b0:02:76:90:21:7b:5a:0e:0f:
         43:1c:4a:2d:9f:b0:e7:e2:fc:44:96:ce:03:44:17:0b:26:9f:
         33:00:c1:55:22:85:da:4f:02:85:7d:5d:8c:e6:cc:57:c2:38:
         53:22:2a:7c:a7:61:3f:5f:15:a3:02:27:ac:36:a5:52:a2:f2:
         d3:ef:b2:8d:56:20:ca:54:cb:88:41:f2:52:ff:13:bc:a8:04:
         9b:c6:12:bf:00:fa:48:90:f6:1b:c9:a3:3b:1d:ef:18:20:e6:
         e8:5e:85:6b:da:be:22:5e:dd:49:d1:cc:8b:5f:18:82:7e:d0:
         f6:0d:62:4d:e1:9c:13:6b:48:1f:4b:ef:80:28:aa:db:a7:29:
         20:f9:be:30:c1:91:43:18:92:a6:e5:5e:8a:b6:86:3d:83:8f:
         0a:8d:1e:d7:c7:00:d1:d7:7a:78:9b:b9:48:3b:f9:22:a6:b5:
         6f:97:76:10:f0:b1:19:ad:96:54:3f:31:b1:23:de:68:66:0e:
         70:da:4c:56:7f:a6:e0:27:80:92:2b:21:e8:d6:1b:34:e3:e9:
         21:f6:f0:98:b3:b4:74:fe:8f:fa:83:1b:3a:f2:9d:ea:c2:91:
         a0:ec:05:9a:e1:9a:62:05:3f:0f:c9:c0:7c:23:14:ed:a3:c0:
         2a:d9:96:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAWMt71yByRXnKVsWTdYaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODA0NzRhOTYxNjFkZGUyOTQyY2ZiOWYxODU2YzJmZmM4
ODA5MDQwHhcNMjUwNDI5MDcwMDI0WhcNMjUwNDMwMDcwMDI0WjAzMTEwLwYDVQQD
Eyg1Nzc3YWY0MTVjYjFmODY1ZDBhNTAxZDliZGEyMDhmZTYyYjg3YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKFJgOrRPfe3ikQflxV5N+eB/9mh
weopdzE9WPz7RmlN8FrA/M0B6Kj9VJU9cn3d5fhXIc0XFtzQW9sqJEfJaG1yZfRD
h9eDToW4OMT4c7LhFsejf5eSOUaLSPQUwIkKDQg28shRKHiufVSMLLo1vCoYpq5M
kf5Y6cRpazfzsTWorWOm3UXNKW3ePwZYstmpVE3IiUApNJDFLyHkVH826YBH2Me3
Gkm36uFrGAILLZJ6+wH3auHgGDAWbsgmKLHYCcqtIa+8hTadVSbrM0ZOGAaNtUGi
jx7tBEBjOGzBAQ4nJiWcyiShs25a5kINMQ88gqmOAz3Oxj0AYyU0/bHfIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFd3r0Fcsfhl0KUB2b2iCP5iuHwoMB8GA1UdIwQY
MBaAFCiAR0qWFh3eKULPufGFbC/8iAkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAt
NzQ2MWE1NmNlOTVlLzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAtNzQ2MWE1NmNlOTVl
LzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJB0qnLzi
BG+9sAJ2kCF7Wg4PQxxKLZ+w5+L8RJbOA0QXCyafMwDBVSKF2k8ChX1djObMV8I4
UyIqfKdhP18VowInrDalUqLy0++yjVYgylTLiEHyUv8TvKgEm8YSvwD6SJD2G8mj
Ox3vGCDm6F6Fa9q+Il7dSdHMi18Ygn7Q9g1iTeGcE2tIH0vvgCiq26cpIPm+MMGR
QxiSpuVeiraGPYOPCo0e18cA0dd6eJu5SDv5Iqa1b5d2EPCxGa2WVD8xsSPeaGYO
cNpMVn+m4CeAkish6NYbNOPpIfbwmLO0dP6P+oMbOvKd6sKRoOwFmuGaYgU/D8nA
fCMU7aPAKtmWgg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:16:41 2025 by rpki-client