Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
File:                     KIBHSpYWHd4pQs-58YVsL_yICQQ.mft (raw, json)
Hash identifier:          qrseQUdoqjN+ITjOkPDP0y20hTOCuEYjrkzuKQm4Ig8=
Subject key identifier:   49:4F:60:D5:7C:27:3E:6E:D2:67:13:1F:DB:1A:5D:A4:20:22:30:AB
Authority key identifier: 28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04
Certificate issuer:       /CN=2880474a96161dde2942cfb9f1856c2ffc880904
Certificate serial:       01968623FC1B700C806075CB6AC1AE18CD46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
Manifest number:          D5
Signing time:             Wed 30 Apr 2025 10:00:27 +0000
Manifest this update:     Wed 30 Apr 2025 10:00:27 +0000
Manifest next update:     Thu 01 May 2025 10:00:27 +0000
Files and hashes:         1: KIBHSpYWHd4pQs-58YVsL_yICQQ.crl (hash: GbJzWv+sGRdhzFbK8Z1OwKZ15oF2YU6hAWj0bP9mW+M=)
                          2: q2_sbJziOr7rwxyhvKWnkNjMans.roa (hash: 0BH7DATsPfSUKJPP/TZdwOG931UfHO+OV4ftBhPZrwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:23:fc:1b:70:0c:80:60:75:cb:6a:c1:ae:18:cd:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2880474a96161dde2942cfb9f1856c2ffc880904
        Validity
            Not Before: Apr 30 10:00:27 2025 GMT
            Not After : May  1 10:00:27 2025 GMT
        Subject: CN=494f60d57c273e6ed267131fdb1a5da4202230ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:06:4f:7d:a4:99:fc:b0:2c:73:60:2e:57:
                    16:19:ee:f1:9e:b7:1b:00:da:00:c9:02:6c:9c:e6:
                    45:b4:2e:cf:f4:74:43:1e:12:9e:14:61:38:54:e3:
                    4f:84:a8:48:64:b1:f0:49:89:7c:ce:8d:5c:37:54:
                    4a:d2:ea:ba:0e:91:09:df:df:8c:07:ca:50:a6:05:
                    97:6b:83:dc:29:52:b8:2d:94:22:fb:3d:11:22:83:
                    d3:d4:bd:0e:3f:47:1c:d6:de:43:1b:c6:4d:01:b6:
                    15:7e:20:67:b7:38:d8:15:13:08:bf:95:7e:6f:e6:
                    09:d5:da:6a:ba:ec:d4:97:83:0f:d0:90:cf:38:65:
                    d7:95:be:2e:53:e9:b8:6a:00:a2:67:08:2a:f5:41:
                    2c:25:a3:50:5b:ff:b9:2a:c5:b8:2f:b0:3f:3e:ff:
                    ab:b6:f3:fd:b3:73:9e:3d:aa:ec:3b:1b:54:ab:ba:
                    06:24:92:16:95:05:c6:cc:0f:80:42:7a:aa:e6:7f:
                    ce:b3:d7:5d:ed:56:d5:23:b7:e5:98:27:28:50:62:
                    24:e5:fa:a4:45:4d:11:04:cf:e1:83:cb:2d:4f:80:
                    63:ec:53:bf:2e:67:da:0b:fe:4d:86:dd:f6:30:23:
                    df:3d:b3:ad:ca:c9:b6:ea:b1:a9:b1:5e:cf:46:2b:
                    34:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:4F:60:D5:7C:27:3E:6E:D2:67:13:1F:DB:1A:5D:A4:20:22:30:AB
            X509v3 Authority Key Identifier:
                keyid:28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:cf:bf:5d:28:2b:e4:35:b2:01:f9:a4:af:16:ce:0f:fa:02:
         57:82:f6:5d:ed:58:e9:f3:37:fe:b8:71:22:f3:b1:c6:56:43:
         db:5a:88:bd:5d:20:94:09:7b:51:25:76:26:8e:fa:5e:54:fd:
         aa:f4:23:70:32:ba:c9:b3:6d:e2:64:61:7e:bb:7f:29:bb:91:
         23:9b:e6:a8:56:e9:d6:35:49:97:6c:8d:ca:bf:d6:3a:80:8f:
         31:fc:02:b6:a2:cc:2a:44:3b:3a:70:d3:44:4e:c4:4c:fa:b9:
         a2:c7:29:73:3e:30:48:a0:90:d9:35:fc:1c:53:51:be:e5:6b:
         6e:48:34:64:0a:40:dd:12:86:bd:f7:58:f4:55:0f:22:69:5f:
         9e:cd:15:dd:1e:d3:3a:d7:7f:2e:5e:37:d5:71:e9:16:3b:ee:
         46:37:af:b4:33:2d:33:6e:ad:34:dc:69:82:eb:ed:b3:43:21:
         3e:fe:11:0e:99:4f:b7:50:25:c3:54:e6:87:58:1f:5a:b3:af:
         d6:73:15:cd:70:90:25:f9:7c:e1:5b:72:5b:05:96:9f:52:d5:
         cb:c8:ce:ef:d1:2a:b4:da:ca:91:46:60:f7:88:73:a8:80:1d:
         99:4b:9f:72:18:70:f3:2b:b1:64:08:b1:3d:0b:29:ab:f0:b0:
         a0:69:c9:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGI/wbcAyAYHXLasGuGM1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODA0NzRhOTYxNjFkZGUyOTQyY2ZiOWYxODU2YzJmZmM4
ODA5MDQwHhcNMjUwNDMwMTAwMDI3WhcNMjUwNTAxMTAwMDI3WjAzMTEwLwYDVQQD
Eyg0OTRmNjBkNTdjMjczZTZlZDI2NzEzMWZkYjFhNWRhNDIwMjIzMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2cGT32kmfywLHNgLlcWGe7xnrcb
ANoAyQJsnOZFtC7P9HRDHhKeFGE4VONPhKhIZLHwSYl8zo1cN1RK0uq6DpEJ39+M
B8pQpgWXa4PcKVK4LZQi+z0RIoPT1L0OP0cc1t5DG8ZNAbYVfiBntzjYFRMIv5V+
b+YJ1dpquuzUl4MP0JDPOGXXlb4uU+m4agCiZwgq9UEsJaNQW/+5KsW4L7A/Pv+r
tvP9s3OeParsOxtUq7oGJJIWlQXGzA+AQnqq5n/Os9dd7VbVI7flmCcoUGIk5fqk
RU0RBM/hg8stT4Bj7FO/LmfaC/5Nht32MCPfPbOtysm26rGpsV7PRis0HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElPYNV8Jz5u0mcTH9saXaQgIjCrMB8GA1UdIwQY
MBaAFCiAR0qWFh3eKULPufGFbC/8iAkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAt
NzQ2MWE1NmNlOTVlLzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAtNzQ2MWE1NmNlOTVl
LzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJc+/XSgr
5DWyAfmkrxbOD/oCV4L2Xe1Y6fM3/rhxIvOxxlZD21qIvV0glAl7USV2Jo76XlT9
qvQjcDK6ybNt4mRhfrt/KbuRI5vmqFbp1jVJl2yNyr/WOoCPMfwCtqLMKkQ7OnDT
RE7ETPq5oscpcz4wSKCQ2TX8HFNRvuVrbkg0ZApA3RKGvfdY9FUPImlfns0V3R7T
Otd/Ll431XHpFjvuRjevtDMtM26tNNxpguvts0MhPv4RDplPt1Alw1Tmh1gfWrOv
1nMVzXCQJfl84VtyWwWWn1LVy8jO79EqtNrKkUZg94hzqIAdmUufchhw8yuxZAix
PQspq/CwoGnJRQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 14:12:17 2025 by rpki-client