Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
File:                     Kksu12XR1HipbYLxJgEen7dS_Ic.mft (raw, json)
Hash identifier:          kPVVFGDxu2NLh8UybHMuNzUqmb+Q4fspDnM5jQbhvxQ=
Subject key identifier:   B7:16:4D:9C:A8:44:40:27:30:38:8A:38:CD:91:1F:25:DA:03:C7:C6
Authority key identifier: 2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87
Certificate issuer:       /CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
Certificate serial:       01988242B618F3AED3FD6A6911C94696CA1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
Manifest number:          161A
Signing time:             Thu 07 Aug 2025 02:01:06 +0000
Manifest this update:     Thu 07 Aug 2025 02:01:06 +0000
Manifest next update:     Fri 08 Aug 2025 02:01:06 +0000
Files and hashes:         1: Kksu12XR1HipbYLxJgEen7dS_Ic.crl (hash: YcOAFx2e2DiUjbrCbsmrp4Z8ehzwxrQdBmIL2r9pPbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:42:b6:18:f3:ae:d3:fd:6a:69:11:c9:46:96:ca:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
        Validity
            Not Before: Aug  7 02:01:06 2025 GMT
            Not After : Aug  8 02:01:06 2025 GMT
        Subject: CN=b7164d9ca844402730388a38cd911f25da03c7c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:31:62:da:e0:a3:55:b8:cc:3d:80:23:d3:1c:
                    18:1e:ae:19:11:cb:d3:0c:70:4c:91:e6:3a:f9:56:
                    ba:63:28:c9:71:50:4f:b5:2f:30:df:eb:f9:12:d6:
                    01:38:5e:fd:45:7c:55:61:98:f0:0e:bc:31:a7:fa:
                    a4:59:1f:b5:b3:a1:46:14:4a:d6:09:12:fb:7e:7f:
                    65:88:e2:bb:32:58:44:af:bd:02:86:7d:b0:26:df:
                    35:12:d5:8c:cc:5b:1e:86:3d:4d:2c:95:e8:c2:99:
                    d5:7f:80:75:71:32:12:09:b4:00:db:56:8a:97:ac:
                    b8:2b:82:72:7b:08:e0:e2:6f:d4:6e:95:6f:67:0d:
                    82:2f:65:47:44:84:c6:d1:55:b6:59:5d:23:b0:02:
                    d8:b4:8d:16:8b:af:84:31:7d:16:41:ae:79:4e:d5:
                    12:99:17:e6:9b:90:90:6e:e9:18:a9:51:8b:b6:0e:
                    47:3d:4f:d5:45:a8:0c:4f:6a:a0:9e:e8:36:72:d2:
                    32:b0:46:8b:15:54:73:f3:f3:9f:07:9c:fc:0c:77:
                    5f:5e:66:28:d8:75:07:ef:7d:50:48:0a:38:82:08:
                    63:ce:66:bb:f2:29:a9:ff:ea:fa:12:be:22:ba:1e:
                    3a:ad:f6:77:96:f2:c1:bf:dc:d2:56:54:72:df:e7:
                    ff:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:16:4D:9C:A8:44:40:27:30:38:8A:38:CD:91:1F:25:DA:03:C7:C6
            X509v3 Authority Key Identifier:
                keyid:2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:97:fa:70:cb:d9:b1:56:2a:ad:36:f2:51:4f:2d:77:a2:be:
         d1:c0:da:c4:95:74:fa:bf:94:5c:42:65:7f:0a:b1:88:e3:e1:
         e1:f0:0f:9f:f6:6e:b7:ec:d9:0a:be:2b:bc:f2:a6:14:e6:af:
         4d:ff:a0:27:42:ad:57:a3:20:5a:68:5e:bf:36:c7:c4:eb:85:
         46:8c:0e:6a:3e:1c:ac:b8:82:5e:38:3d:ea:60:32:fa:6e:7a:
         ce:4c:c1:47:a4:5c:5b:61:7d:8b:10:7f:aa:07:0d:77:9a:1e:
         25:a3:1d:bb:18:4b:2f:d6:e0:d6:db:97:6f:d1:40:48:38:68:
         a7:17:2b:33:07:f7:96:c6:d4:c1:64:85:c8:73:61:dd:0b:cc:
         d8:f0:f6:93:33:37:cf:5d:6c:0b:92:f8:83:39:58:dd:0a:f6:
         f8:38:e9:3e:07:c4:7d:dc:ad:78:dc:be:40:5c:08:13:72:37:
         c0:2b:d4:53:1a:77:1b:49:b0:14:14:bc:47:59:d8:c6:70:68:
         c4:a0:ae:3b:a4:bf:e3:74:e4:eb:ab:8b:e1:35:8f:88:a2:35:
         72:a5:44:06:76:6f:53:14:05:ee:e2:c4:61:51:dc:e0:01:43:
         b9:d7:37:f7:44:2c:39:94:26:42:8e:35:1d:7b:34:8b:34:f4:
         14:d6:2a:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCQrYY867T/WppEclGlsobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGIyZWQ3NjVkMWQ0NzhhOTZkODJmMTI2MDExZTlmYjc1
MmZjODcwHhcNMjUwODA3MDIwMTA2WhcNMjUwODA4MDIwMTA2WjAzMTEwLwYDVQQD
EyhiNzE2NGQ5Y2E4NDQ0MDI3MzAzODhhMzhjZDkxMWYyNWRhMDNjN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/jFi2uCjVbjMPYAj0xwYHq4ZEcvT
DHBMkeY6+Va6YyjJcVBPtS8w3+v5EtYBOF79RXxVYZjwDrwxp/qkWR+1s6FGFErW
CRL7fn9liOK7MlhEr70Chn2wJt81EtWMzFsehj1NLJXowpnVf4B1cTISCbQA21aK
l6y4K4Jyewjg4m/UbpVvZw2CL2VHRITG0VW2WV0jsALYtI0Wi6+EMX0WQa55TtUS
mRfmm5CQbukYqVGLtg5HPU/VRagMT2qgnug2ctIysEaLFVRz8/OfB5z8DHdfXmYo
2HUH731QSAo4gghjzma78imp/+r6Er4iuh46rfZ3lvLBv9zSVlRy3+f/mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcWTZyoREAnMDiKOM2RHyXaA8fGMB8GA1UdIwQY
MBaAFCpLLtdl0dR4qW2C8SYBHp+3UvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTkt
MTE1OTg4ZDgxMjg5LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTktMTE1OTg4ZDgxMjg5
LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYpf6cMvZ
sVYqrTbyUU8td6K+0cDaxJV0+r+UXEJlfwqxiOPh4fAPn/Zut+zZCr4rvPKmFOav
Tf+gJ0KtV6MgWmhevzbHxOuFRowOaj4crLiCXjg96mAy+m56zkzBR6RcW2F9ixB/
qgcNd5oeJaMduxhLL9bg1tuXb9FASDhopxcrMwf3lsbUwWSFyHNh3QvM2PD2kzM3
z11sC5L4gzlY3Qr2+DjpPgfEfdyteNy+QFwIE3I3wCvUUxp3G0mwFBS8R1nYxnBo
xKCuO6S/43Tk66uL4TWPiKI1cqVEBnZvUxQF7uLEYVHc4AFDudc390QsOZQmQo41
HXs0izT0FNYqiQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:29:17 2025 by rpki-client