Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
File:                     kVijd10MXrOPIPDvmjYRBhpRlbM.mft (raw, json)
Hash identifier:          TJ8FYFVLMAcEqf7y0fkosE7eocm2Cjg2X0qXb41srIM=
Subject key identifier:   05:4F:7A:26:DD:B2:83:ED:65:6C:CB:BE:72:FF:BE:E8:81:7C:7B:85
Authority key identifier: 91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3
Certificate issuer:       /CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
Certificate serial:       019882B0EC166BBAF1D94A8B9A0701EB9EB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
Manifest number:          161C
Signing time:             Thu 07 Aug 2025 04:01:29 +0000
Manifest this update:     Thu 07 Aug 2025 04:01:29 +0000
Manifest next update:     Fri 08 Aug 2025 04:01:29 +0000
Files and hashes:         1: kVijd10MXrOPIPDvmjYRBhpRlbM.crl (hash: EyfKAxqYwavb3TcvT1cSP8Qd1AVW5z1j3Ctivlo4EYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 04:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:b0:ec:16:6b:ba:f1:d9:4a:8b:9a:07:01:eb:9e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
        Validity
            Not Before: Aug  7 04:01:29 2025 GMT
            Not After : Aug  8 04:01:29 2025 GMT
        Subject: CN=054f7a26ddb283ed656ccbbe72ffbee8817c7b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:de:89:86:31:15:20:ab:de:1c:d1:5c:5f:ed:
                    30:53:dc:09:70:bb:d3:bd:9c:c0:ab:f8:e9:b1:5d:
                    ca:57:06:1d:e4:a4:05:ac:bd:79:bf:11:77:56:32:
                    f9:f3:53:5e:cf:1b:12:b9:a7:84:b2:30:d5:1f:21:
                    49:79:68:f0:b6:d8:f0:ef:13:54:da:78:b6:ee:93:
                    0e:0b:07:24:bf:08:71:70:23:28:7a:73:7f:48:50:
                    5e:b6:50:73:28:8c:c4:f6:c3:77:f9:08:31:c7:80:
                    f1:3c:5c:5a:02:e9:60:80:65:9e:e9:0a:e1:e1:ea:
                    26:6d:43:a0:1e:44:00:f1:de:48:84:3e:d1:73:a2:
                    c5:93:33:d4:2e:e0:32:76:7e:8b:88:12:9a:d8:9a:
                    d2:99:0b:d7:88:ae:af:e7:d6:92:7b:4f:9d:46:a5:
                    b6:f0:08:d7:6f:5a:2d:01:3a:60:13:33:ae:14:72:
                    1b:6b:67:4b:ea:b9:cc:f4:b4:ee:a2:12:66:29:b1:
                    ff:03:18:49:41:58:f3:90:01:6b:40:a1:2f:f5:b0:
                    ca:06:ea:1d:c4:c7:4a:00:8b:81:8d:9c:b1:9f:78:
                    67:cf:ee:62:90:a1:28:10:7b:a6:53:6b:cc:b5:81:
                    53:64:ac:32:31:21:37:ee:7f:00:8a:60:d9:45:47:
                    60:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:4F:7A:26:DD:B2:83:ED:65:6C:CB:BE:72:FF:BE:E8:81:7C:7B:85
            X509v3 Authority Key Identifier:
                keyid:91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:76:79:45:a5:50:50:22:80:0d:05:3b:1c:9c:47:88:78:f5:
         2c:74:95:fe:ff:d2:d6:b4:bc:37:fc:4e:e6:75:2b:f1:de:e6:
         94:e3:fb:17:4a:76:0e:73:a4:4e:07:2b:e9:6e:7b:5c:0f:2e:
         e9:3b:b4:1b:34:c5:75:f0:aa:36:bd:e5:97:c3:fa:e2:c6:0d:
         cf:0e:bf:f3:43:03:15:96:e4:04:19:c3:f6:ed:0a:38:e5:42:
         16:aa:de:5d:f6:1f:67:b7:06:f2:f1:f7:cd:fd:39:2c:8d:eb:
         bb:28:82:3c:86:2a:73:ec:af:b2:9e:25:06:3f:70:b4:c7:fc:
         b6:41:fb:76:7f:b1:1c:c4:b2:c0:b1:1e:3f:1f:f7:0d:68:60:
         99:f0:e2:f8:74:0c:d6:8e:73:cb:af:b0:dc:09:1a:28:e5:6e:
         7e:42:28:ee:0c:fe:80:19:c8:70:a6:53:8f:52:2f:71:7b:ec:
         bd:6d:81:e4:c8:bc:ba:9d:3e:11:f7:cb:8e:d9:64:f0:19:e4:
         7c:87:95:5d:00:51:f4:5a:9b:30:1c:f8:71:c9:56:7e:18:bb:
         bb:33:72:41:3e:b9:b5:f8:17:a9:c4:b8:0a:fa:aa:b8:a9:8a:
         6b:02:09:47:68:41:0c:04:81:d9:2c:a5:fe:97:c5:2b:9d:54:
         e0:1c:ed:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCsOwWa7rx2UqLmgcB6565MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNThhMzc3NWQwYzVlYjM4ZjIwZjBlZjlhMzYxMTA2MWE1
MTk1YjMwHhcNMjUwODA3MDQwMTI5WhcNMjUwODA4MDQwMTI5WjAzMTEwLwYDVQQD
EygwNTRmN2EyNmRkYjI4M2VkNjU2Y2NiYmU3MmZmYmVlODgxN2M3Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj96JhjEVIKveHNFcX+0wU9wJcLvT
vZzAq/jpsV3KVwYd5KQFrL15vxF3VjL581NezxsSuaeEsjDVHyFJeWjwttjw7xNU
2ni27pMOCwckvwhxcCMoenN/SFBetlBzKIzE9sN3+Qgxx4DxPFxaAulggGWe6Qrh
4eombUOgHkQA8d5IhD7Rc6LFkzPULuAydn6LiBKa2JrSmQvXiK6v59aSe0+dRqW2
8AjXb1otATpgEzOuFHIba2dL6rnM9LTuohJmKbH/AxhJQVjzkAFrQKEv9bDKBuod
xMdKAIuBjZyxn3hnz+5ikKEoEHumU2vMtYFTZKwyMSE37n8AimDZRUdgcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVPeibdsoPtZWzLvnL/vuiBfHuFMB8GA1UdIwQY
MBaAFJFYo3ddDF6zjyDw75o2EQYaUZWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAt
OGQwNGY4Nzc5NDIzLzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAtOGQwNGY4Nzc5NDIz
LzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnZ5RaVQ
UCKADQU7HJxHiHj1LHSV/v/S1rS8N/xO5nUr8d7mlOP7F0p2DnOkTgcr6W57XA8u
6Tu0GzTFdfCqNr3ll8P64sYNzw6/80MDFZbkBBnD9u0KOOVCFqreXfYfZ7cG8vH3
zf05LI3ruyiCPIYqc+yvsp4lBj9wtMf8tkH7dn+xHMSywLEePx/3DWhgmfDi+HQM
1o5zy6+w3AkaKOVufkIo7gz+gBnIcKZTj1IvcXvsvW2B5Mi8up0+EffLjtlk8Bnk
fIeVXQBR9FqbMBz4cclWfhi7uzNyQT65tfgXqcS4CvqquKmKawIJR2hBDASB2Syl
/pfFK51U4Bztlw==
-----END CERTIFICATE-----