Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
File:                     0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft (raw, json)
Hash identifier:          kYTkRf/eDjYogEaxcxLPDKgQrbsKtrkrb9k9rwli2XQ=
Subject key identifier:   FA:4D:8A:14:27:E2:01:1E:A7:75:19:31:52:37:EF:BD:3D:82:D3:EF
Authority key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Certificate issuer:       /CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Certificate serial:       01108DC71821054844C2C12B0FB934133C1335B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
Manifest number:          03FB
Signing time:             Sat 28 Jun 2025 12:33:02 +0000
Manifest this update:     Sat 28 Jun 2025 12:28:02 +0000
Manifest next update:     Sun 29 Jun 2025 15:32:02 +0000
Files and hashes:         1: 0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl (hash: pkm/HksOaC22fZDXK02G0a9qwYOdhlt+90aErLbQ0BE=)
                          2: AS50555.asa (hash: 6Tb3JWAiG3HB18+QURZTnhnTtpjs1INvbgLT/78hSiM=)
Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:10:8d:c7:18:21:05:48:44:c2:c1:2b:0f:b9:34:13:3c:13:35:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Validity
            Not Before: Jun 28 12:28:02 2025 GMT
            Not After : Jun 29 15:32:02 2025 GMT
        Subject: CN=FA4D8A1427E2011EA77519315237EFBD3D82D3EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4a:8f:f0:75:f8:df:58:81:54:1e:a9:f0:68:
                    4c:65:f7:c4:21:27:e2:ba:6e:1d:0d:07:0a:11:ec:
                    5c:36:21:ea:cb:1a:ca:47:25:f2:38:44:66:9f:66:
                    64:56:14:0f:55:2b:09:81:f4:38:ca:e2:ba:27:6d:
                    b9:34:2a:f0:43:be:33:9a:ea:92:e0:05:4b:3c:57:
                    e5:8b:6f:f3:98:47:54:98:93:ca:b9:dc:c5:81:ca:
                    16:12:fa:ff:69:30:67:15:5b:13:72:b0:b3:23:2f:
                    62:3b:ae:17:99:98:89:02:17:bc:87:e8:29:34:a4:
                    d6:ea:2a:c3:78:5c:33:f9:9f:99:9d:e7:ee:7e:62:
                    dd:c6:ad:17:81:fd:75:c8:b5:8c:6c:1a:15:fd:38:
                    fc:77:98:ad:13:ca:a3:76:46:65:56:34:3b:ba:a1:
                    48:53:ba:64:cc:b4:39:23:c6:01:d9:e7:ac:58:94:
                    dc:57:67:06:54:55:f9:5f:f3:d9:12:3c:82:bc:28:
                    4e:fd:3b:6c:ac:1b:58:40:5f:55:25:c7:be:3d:9b:
                    39:e6:a3:36:03:8c:ec:e8:b0:a2:3c:86:8c:7c:e1:
                    22:9b:e5:f3:8c:5c:91:ce:a8:42:ff:97:7b:9b:1e:
                    1f:76:59:1c:0a:83:4b:84:df:6f:57:3c:16:6f:b2:
                    e2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:4D:8A:14:27:E2:01:1E:A7:75:19:31:52:37:EF:BD:3D:82:D3:EF
            X509v3 Authority Key Identifier:
                keyid:0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:93:ad:1e:24:97:d6:fc:5e:4e:19:5e:9b:22:40:0d:b0:96:
         24:73:60:b9:9c:af:6c:5f:76:7b:79:1a:e4:bc:12:b6:80:bb:
         6b:15:8d:7a:f0:21:9c:f3:79:fe:9c:62:0a:7b:f8:2d:59:d1:
         24:8c:5d:80:01:b6:53:c6:1a:04:09:e6:55:83:29:b7:15:6b:
         84:57:fa:a1:36:e3:4f:e7:17:e0:28:12:43:af:b7:00:c5:6e:
         3e:4d:e4:24:be:34:2f:2e:aa:a0:b3:11:d2:73:59:d2:6c:1f:
         2c:ca:8b:15:22:f7:4f:28:5a:d5:11:6e:1b:26:7a:b6:3b:2f:
         98:e3:4d:35:be:07:dc:00:c9:13:81:d7:fb:20:f4:6b:a2:a1:
         65:00:0d:e2:4d:a7:0a:8d:d1:9b:d6:c1:39:83:90:ca:b3:3f:
         6b:db:c4:c5:a8:f2:23:f1:d9:04:15:35:9a:dc:4c:e7:f6:3f:
         d9:65:13:39:46:78:34:90:6a:b3:d1:0a:ad:79:06:23:7c:37:
         22:af:7d:26:2b:15:5a:15:c0:4c:15:10:75:57:2c:3e:74:1c:
         81:01:fc:85:7d:82:1b:c7:85:85:36:37:6a:49:9c:0a:d8:40:
         1f:ba:9f:83:65:9c:13:d7:58:5f:88:7e:48:c7:b6:2c:2d:b1:
         94:1d:bc:6b
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUARCNxxghBUhEwsErD7k0EzwTNbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQxMGU4YTc2M2JmOGJhYmU5NmJlN2FiNDdmOWRiNTlk
OWQ5NTIzMjAeFw0yNTA2MjgxMjI4MDJaFw0yNTA2MjkxNTMyMDJaMDMxMTAvBgNV
BAMTKEZBNEQ4QTE0MjdFMjAxMUVBNzc1MTkzMTUyMzdFRkJEM0Q4MkQzRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXSo/wdfjfWIFUHqnwaExl98Qh
J+K6bh0NBwoR7Fw2IerLGspHJfI4RGafZmRWFA9VKwmB9DjK4ronbbk0KvBDvjOa
6pLgBUs8V+WLb/OYR1SYk8q53MWByhYS+v9pMGcVWxNysLMjL2I7rheZmIkCF7yH
6Ck0pNbqKsN4XDP5n5md5+5+Yt3GrReB/XXItYxsGhX9OPx3mK0TyqN2RmVWNDu6
oUhTumTMtDkjxgHZ56xYlNxXZwZUVflf89kSPIK8KE79O2ysG1hAX1Ulx749mznm
ozYDjOzosKI8hox84SKb5fOMXJHOqEL/l3ubHh92WRwKg0uE329XPBZvsuKZAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQU+k2KFCfiAR6ndRkxUjfvvT2C0+8wHwYDVR0j
BBgwFoAUDRDop2O/i6vpa+erR/nbWdnZUjIwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMC8wRDEwRThBNzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1
MjMyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFJEb3AyT19pNnZwYS1lclJf
bmJXZG5aVWpJLmNlcjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMC8wRDEwRThB
NzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1MjMyLm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJOt
HiSX1vxeThlemyJADbCWJHNguZyvbF92e3ka5LwStoC7axWNevAhnPN5/pxiCnv4
LVnRJIxdgAG2U8YaBAnmVYMptxVrhFf6oTbjT+cX4CgSQ6+3AMVuPk3kJL40Ly6q
oLMR0nNZ0mwfLMqLFSL3Tyha1RFuGyZ6tjsvmONNNb4H3ADJE4HX+yD0a6KhZQAN
4k2nCo3Rm9bBOYOQyrM/a9vExajyI/HZBBU1mtxM5/Y/2WUTOUZ4NJBqs9EKrXkG
I3w3Iq99JisVWhXATBUQdVcsPnQcgQH8hX2CG8eFhTY3akmcCthAH7qfg2WcE9dY
X4h+SMe2LC2xlB28aw==
-----END CERTIFICATE-----