Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          jjDIZTPzuJtp2lp8Iw16ImRu08ZbyUnNbbD9EZ/YK3o=
Subject key identifier:   05:F0:25:2C:85:ED:D0:49:F9:42:D4:1D:EA:1F:A2:EB:13:99:D0:CB
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       0197B6A0A699336D4330DBF0250E2D2A9E5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0EC9
Signing time:             Sat 28 Jun 2025 13:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:11 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: yywD4DJAGrdkFvh+7xTpBWTwdNVALeVCa0v29pSWp7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:a6:99:33:6d:43:30:db:f0:25:0e:2d:2a:9e:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Jun 28 13:01:11 2025 GMT
            Not After : Jun 29 13:01:11 2025 GMT
        Subject: CN=05f0252c85edd049f942d41dea1fa2eb1399d0cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:59:57:7d:b9:8a:38:a7:1d:b2:a6:83:d9:28:
                    f5:55:d7:5c:27:b1:98:77:0a:c4:fc:da:7d:60:fd:
                    3e:31:1f:24:c9:10:d9:5d:d4:a6:0c:3b:9c:55:fe:
                    af:50:ce:8a:48:e1:32:6f:de:b5:31:f9:37:42:9c:
                    5e:de:bf:73:b6:f2:b1:a0:53:63:c3:eb:16:f0:d4:
                    0f:49:ab:88:6e:56:84:93:49:4e:13:ac:99:51:d0:
                    9e:4b:e6:d2:30:2b:1e:0d:f4:95:f3:d6:75:05:22:
                    0b:be:36:bc:89:3f:e8:42:5c:fc:77:c2:16:a1:f1:
                    39:b0:b8:22:38:48:5e:26:1d:e5:3d:7b:31:dd:be:
                    ef:5a:f0:ba:b1:c9:fd:db:b6:b2:8b:0e:b2:16:97:
                    30:a2:5d:db:9b:20:75:71:eb:0e:af:c9:1e:50:63:
                    51:ff:2b:d6:90:7d:6f:43:90:54:8d:c7:36:55:c7:
                    6e:08:3d:42:17:86:48:3f:48:6b:67:05:79:20:6c:
                    30:2f:43:51:12:fe:2e:a8:c6:57:23:ae:05:c6:5b:
                    99:bb:a5:43:c7:3a:f5:85:21:87:f0:2b:38:6d:87:
                    18:68:8e:ff:4c:1b:69:e7:20:44:60:9f:c0:d4:8c:
                    96:0a:5d:f1:af:40:e3:4e:74:8c:bb:e5:a4:e3:4a:
                    19:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F0:25:2C:85:ED:D0:49:F9:42:D4:1D:EA:1F:A2:EB:13:99:D0:CB
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:69:c2:c8:38:b3:3e:65:19:97:16:12:82:cf:94:5b:f2:98:
         6a:f9:2a:1d:bf:08:a5:db:e6:9f:66:6f:2c:ef:1a:65:57:2c:
         5d:68:73:1a:2d:7c:bb:8c:e3:bc:9b:a0:5f:38:3a:76:0f:a1:
         1a:8d:8e:bc:8f:7e:4b:1f:69:f9:18:6e:72:6b:41:1f:e6:56:
         96:0d:d3:0f:f1:de:7a:c2:01:2d:db:ce:56:1d:8e:00:1f:ee:
         cd:04:97:82:eb:9d:37:34:77:03:cc:11:f4:a2:a3:a0:e0:80:
         30:94:1e:48:71:e6:70:46:62:fb:21:a5:06:bd:85:80:a7:eb:
         ce:64:9a:7d:2a:a8:d7:e2:51:17:ba:53:a5:22:d4:52:85:65:
         b4:21:28:71:a3:2a:89:2d:0b:b3:49:e4:08:97:6f:94:f7:5c:
         b9:08:1c:0c:58:3d:76:c1:84:d5:5c:92:74:cc:a7:ab:44:de:
         80:5f:84:58:61:6b:93:bf:34:da:b8:0b:37:9f:11:98:26:de:
         48:7d:ef:b4:e5:75:20:ac:5e:79:fe:90:06:f4:c6:41:7a:00:
         ea:84:a4:7f:2b:d5:6f:f4:cc:56:10:ae:ef:e9:9f:c7:e6:80:
         37:78:ed:0c:83:6c:03:f7:17:c9:e6:e2:01:a8:dd:b9:c0:6b:
         2d:82:18:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oKaZM21DMNvwJQ4tKp5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwNjI4MTMwMTExWhcNMjUwNjI5MTMwMTExWjAzMTEwLwYDVQQD
EygwNWYwMjUyYzg1ZWRkMDQ5Zjk0MmQ0MWRlYTFmYTJlYjEzOTlkMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVlXfbmKOKcdsqaD2Sj1VddcJ7GY
dwrE/Np9YP0+MR8kyRDZXdSmDDucVf6vUM6KSOEyb961Mfk3Qpxe3r9ztvKxoFNj
w+sW8NQPSauIblaEk0lOE6yZUdCeS+bSMCseDfSV89Z1BSILvja8iT/oQlz8d8IW
ofE5sLgiOEheJh3lPXsx3b7vWvC6scn927ayiw6yFpcwol3bmyB1cesOr8keUGNR
/yvWkH1vQ5BUjcc2VcduCD1CF4ZIP0hrZwV5IGwwL0NREv4uqMZXI64FxluZu6VD
xzr1hSGH8Cs4bYcYaI7/TBtp5yBEYJ/A1IyWCl3xr0DjTnSMu+Wk40oZBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXwJSyF7dBJ+ULUHeofousTmdDLMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjmnCyDiz
PmUZlxYSgs+UW/KYavkqHb8Ipdvmn2ZvLO8aZVcsXWhzGi18u4zjvJugXzg6dg+h
Go2OvI9+Sx9p+RhucmtBH+ZWlg3TD/HeesIBLdvOVh2OAB/uzQSXguudNzR3A8wR
9KKjoOCAMJQeSHHmcEZi+yGlBr2FgKfrzmSafSqo1+JRF7pTpSLUUoVltCEocaMq
iS0Ls0nkCJdvlPdcuQgcDFg9dsGE1VySdMynq0TegF+EWGFrk7802rgLN58RmCbe
SH3vtOV1IKxeef6QBvTGQXoA6oSkfyvVb/TMVhCu7+mfx+aAN3jtDINsA/cXyebi
AajducBrLYIY8Q==
-----END CERTIFICATE-----