Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
File:                     KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft (raw, json)
Hash identifier:          1dChV+GJaYorszcjxH1MhG6f+lIvkGVuvpDswczs+2w=
Subject key identifier:   DD:48:75:A6:15:93:FE:39:74:4A:EA:6A:82:A6:41:87:3C:9C:38:12
Authority key identifier: 29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59
Certificate issuer:       /CN=2947987768647eeb8a0f3860c44176247ce6fc59
Certificate serial:       01967B3295BF80F317108A26072D3A117E85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
Manifest number:          0D29
Signing time:             Mon 28 Apr 2025 07:00:34 +0000
Manifest this update:     Mon 28 Apr 2025 07:00:34 +0000
Manifest next update:     Tue 29 Apr 2025 07:00:34 +0000
Files and hashes:         1: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl (hash: xNww1ZNSjq7dFAcuxEuuuaDptp0Mn56m5HqQq1UaJBU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 07:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:32:95:bf:80:f3:17:10:8a:26:07:2d:3a:11:7e:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2947987768647eeb8a0f3860c44176247ce6fc59
        Validity
            Not Before: Apr 28 07:00:34 2025 GMT
            Not After : Apr 29 07:00:34 2025 GMT
        Subject: CN=dd4875a61593fe39744aea6a82a641873c9c3812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e2:54:ef:e7:1c:2d:8d:02:97:af:6b:ab:e3:
                    00:ce:25:51:18:46:a3:b9:21:db:fd:37:d2:3e:be:
                    f9:c0:78:40:79:4f:f4:11:07:d3:1c:9d:a3:f8:aa:
                    b5:aa:82:47:b5:72:08:44:1d:83:dd:ae:a1:6c:24:
                    84:57:6e:5a:c5:b4:74:2b:11:58:de:a6:4e:b3:7f:
                    4a:ea:f5:3a:9b:db:a4:59:8a:4c:91:63:87:81:d1:
                    f7:c4:f4:2c:28:65:65:84:2a:74:0b:f5:b9:31:de:
                    87:ea:aa:68:83:af:17:9f:15:1b:59:4a:ab:78:5f:
                    1d:ef:3e:46:b0:61:2f:30:4c:98:ca:af:b8:cb:b5:
                    6f:57:81:66:ab:ef:89:69:69:16:0b:be:c5:db:ee:
                    80:78:71:15:9c:a7:3d:70:99:34:14:dd:9d:b0:e2:
                    5d:25:ff:a8:32:35:a2:4c:c5:e3:cb:27:3f:c9:4e:
                    7a:7b:ce:3b:95:94:2c:b1:8f:cf:36:ba:41:05:41:
                    02:d7:69:2c:d4:85:0f:28:eb:0d:eb:67:ab:92:65:
                    44:92:7c:06:7d:29:21:04:09:df:0b:28:84:62:be:
                    0e:61:bf:25:c5:28:a5:74:82:da:3f:d5:c7:91:6c:
                    9e:b7:03:4f:ad:16:6b:11:38:15:92:f8:9a:46:99:
                    a7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:48:75:A6:15:93:FE:39:74:4A:EA:6A:82:A6:41:87:3C:9C:38:12
            X509v3 Authority Key Identifier:
                keyid:29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:60:d4:42:39:c4:80:72:2c:c8:5c:96:14:2e:11:ce:88:71:
         0f:0a:12:f4:c5:72:66:97:93:f4:73:8a:a6:df:2a:f8:e4:41:
         33:e8:90:d3:16:2e:e2:a0:ef:c3:52:a3:a0:b7:6e:7b:1f:ea:
         c1:92:85:90:a6:ff:18:d6:ba:fe:44:86:cd:b7:88:55:73:0a:
         1d:c3:71:c2:7e:e0:70:04:21:a0:e0:11:62:c6:49:41:c2:45:
         03:93:66:ea:96:45:0c:d4:d8:83:02:e2:78:5f:2d:7d:16:bc:
         40:35:b2:dd:01:bf:40:1c:af:b1:8d:98:e9:c7:90:25:02:82:
         0a:d0:75:d0:2c:ed:ba:b4:58:55:c0:77:77:da:46:e3:5d:d1:
         2c:93:69:99:80:7a:7f:22:78:a8:62:cc:a3:5c:26:4d:10:b8:
         c2:8b:50:8e:1e:9e:2a:50:99:11:45:11:6b:ea:02:bf:08:2f:
         70:b7:89:95:ca:f1:9f:31:bc:0d:5e:fe:34:1a:20:39:29:f3:
         a3:f1:09:02:ec:00:2e:99:8b:ae:02:ce:81:96:c1:5f:26:98:
         1f:1e:ab:0b:ee:95:ad:ab:d8:5d:21:54:ed:e5:71:42:16:d1:
         49:6e:50:c7:f2:de:00:c6:da:e4:a1:e3:41:9c:67:47:38:ed:
         7f:42:86:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7MpW/gPMXEIomBy06EX6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDc5ODc3Njg2NDdlZWI4YTBmMzg2MGM0NDE3NjI0N2Nl
NmZjNTkwHhcNMjUwNDI4MDcwMDM0WhcNMjUwNDI5MDcwMDM0WjAzMTEwLwYDVQQD
EyhkZDQ4NzVhNjE1OTNmZTM5NzQ0YWVhNmE4MmE2NDE4NzNjOWMzODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+JU7+ccLY0Cl69rq+MAziVRGEaj
uSHb/TfSPr75wHhAeU/0EQfTHJ2j+Kq1qoJHtXIIRB2D3a6hbCSEV25axbR0KxFY
3qZOs39K6vU6m9ukWYpMkWOHgdH3xPQsKGVlhCp0C/W5Md6H6qpog68XnxUbWUqr
eF8d7z5GsGEvMEyYyq+4y7VvV4Fmq++JaWkWC77F2+6AeHEVnKc9cJk0FN2dsOJd
Jf+oMjWiTMXjyyc/yU56e847lZQssY/PNrpBBUEC12ks1IUPKOsN62erkmVEknwG
fSkhBAnfCyiEYr4OYb8lxSildILaP9XHkWyetwNPrRZrETgVkviaRpmnmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1IdaYVk/45dErqaoKmQYc8nDgSMB8GA1UdIwQY
MBaAFClHmHdoZH7rig84YMRBdiR85vxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODct
NWRhYjFiNGE1YzYxLzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODctNWRhYjFiNGE1YzYx
LzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjmDUQjnE
gHIsyFyWFC4RzohxDwoS9MVyZpeT9HOKpt8q+ORBM+iQ0xYu4qDvw1KjoLduex/q
wZKFkKb/GNa6/kSGzbeIVXMKHcNxwn7gcAQhoOARYsZJQcJFA5Nm6pZFDNTYgwLi
eF8tfRa8QDWy3QG/QByvsY2Y6ceQJQKCCtB10CzturRYVcB3d9pG413RLJNpmYB6
fyJ4qGLMo1wmTRC4wotQjh6eKlCZEUURa+oCvwgvcLeJlcrxnzG8DV7+NBogOSnz
o/EJAuwALpmLrgLOgZbBXyaYHx6rC+6VravYXSFU7eVxQhbRSW5Qx/LeAMba5KHj
QZxnRzjtf0KG7w==
-----END CERTIFICATE-----