Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          bqQnKQ3T1AMikmxBqNySU8VF74AtsdlsJtPPoJobl3Q=
Subject key identifier:   EB:69:AC:BE:FF:10:B6:9A:5B:88:ED:26:74:45:05:BE:44:29:F7:06
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       0198D5BB8125E9523505A35CF82BDAD738C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          0E5F
Signing time:             Sat 23 Aug 2025 07:01:31 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:31 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:31 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: qn4dI0saBJyXijoJ8u6Q8hiJO9o17o2FRZ7bwEseeP8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:81:25:e9:52:35:05:a3:5c:f8:2b:da:d7:38:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Aug 23 07:01:31 2025 GMT
            Not After : Aug 24 07:01:31 2025 GMT
        Subject: CN=eb69acbeff10b69a5b88ed26744505be4429f706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e0:2c:6a:66:ac:b1:3a:e5:bf:d0:49:cd:5d:
                    a3:42:fc:68:c3:89:e0:d6:b2:4e:e5:a6:4d:27:64:
                    dc:31:52:d1:6b:9a:93:0a:6f:01:8d:4b:79:e4:2e:
                    5b:19:c0:6e:12:f7:9b:61:fa:9b:4c:68:eb:9a:13:
                    fe:cb:df:7a:83:eb:ef:8e:b7:db:2f:0f:15:72:3e:
                    87:8e:a0:0d:99:fd:06:95:eb:c5:1b:92:2d:59:40:
                    69:0e:5c:21:0a:61:0b:b0:25:c0:e6:e0:f6:a4:11:
                    bd:1f:61:82:9f:e1:bf:65:0e:80:99:f4:8a:0a:e9:
                    14:3f:12:45:37:a7:e4:9a:f3:1c:fd:aa:84:87:7b:
                    e6:1f:49:c2:f9:fc:d0:f4:64:77:f4:b8:53:9a:de:
                    06:9c:c4:16:98:66:f3:a6:4a:31:85:ec:68:25:c8:
                    19:aa:21:8a:77:12:78:c8:82:ee:58:6d:c6:58:7f:
                    9b:9f:74:41:6b:84:fe:02:56:f1:24:79:0e:8c:ae:
                    b3:af:35:da:87:53:30:ac:6a:25:fe:cf:eb:c2:20:
                    f3:58:a1:d7:dc:e3:a1:47:ce:3f:12:49:45:8a:70:
                    1f:1d:ac:cb:8e:55:52:db:aa:ee:a2:f6:85:22:51:
                    5d:60:40:9a:5e:ed:b6:09:22:a8:f3:c6:0b:63:31:
                    3f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:69:AC:BE:FF:10:B6:9A:5B:88:ED:26:74:45:05:BE:44:29:F7:06
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:93:a4:41:81:2f:4f:9b:e3:b5:b7:a7:fc:5b:0a:91:6a:98:
         8d:54:c9:b7:79:8d:72:10:6c:37:67:a5:85:77:55:03:64:77:
         11:9f:cc:1a:ad:00:a0:d8:07:bc:4e:0f:af:63:18:83:d3:bb:
         6a:62:ae:3f:f7:f8:c2:b9:51:c9:05:0c:32:a4:42:66:d2:3a:
         65:2e:45:f2:3e:72:0f:5a:aa:12:a1:57:36:ef:64:b0:2b:47:
         ec:c6:49:2b:7e:7a:54:9d:95:65:71:cd:47:a7:d7:ea:ad:98:
         b8:3e:bb:ce:d5:c2:6e:d3:94:79:e3:dd:16:be:27:45:67:fb:
         fa:e4:41:61:c1:bd:c1:cc:48:33:9c:45:88:34:38:9d:9a:6c:
         96:ab:aa:f7:a2:9e:64:a4:44:a7:87:20:13:bf:0a:f9:af:a3:
         9f:d6:72:96:cf:88:e4:c1:66:79:1d:20:d2:d8:f5:22:42:5b:
         b0:9f:09:d0:1d:a7:10:6a:82:ff:dd:fe:6f:02:f6:bd:3b:69:
         8c:a5:e3:ab:d4:f0:be:dd:e2:f0:48:69:bc:a5:51:51:e0:4b:
         b0:4c:50:0d:b9:ee:96:31:9c:fe:f7:bd:bf:ad:c8:85:c8:dd:
         21:a5:d2:0f:57:76:57:5c:91:7c:70:7a:93:da:7c:99:78:35:
         5e:e0:7e:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu4El6VI1BaNc+Cva1zjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjUwODIzMDcwMTMxWhcNMjUwODI0MDcwMTMxWjAzMTEwLwYDVQQD
EyhlYjY5YWNiZWZmMTBiNjlhNWI4OGVkMjY3NDQ1MDViZTQ0MjlmNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuAsamassTrlv9BJzV2jQvxow4ng
1rJO5aZNJ2TcMVLRa5qTCm8BjUt55C5bGcBuEvebYfqbTGjrmhP+y996g+vvjrfb
Lw8Vcj6HjqANmf0GlevFG5ItWUBpDlwhCmELsCXA5uD2pBG9H2GCn+G/ZQ6AmfSK
CukUPxJFN6fkmvMc/aqEh3vmH0nC+fzQ9GR39LhTmt4GnMQWmGbzpkoxhexoJcgZ
qiGKdxJ4yILuWG3GWH+bn3RBa4T+AlbxJHkOjK6zrzXah1MwrGol/s/rwiDzWKHX
3OOhR84/EklFinAfHazLjlVS26ruovaFIlFdYECaXu22CSKo88YLYzE//wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtprL7/ELaaW4jtJnRFBb5EKfcGMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZOkQYEv
T5vjtben/FsKkWqYjVTJt3mNchBsN2elhXdVA2R3EZ/MGq0AoNgHvE4Pr2MYg9O7
amKuP/f4wrlRyQUMMqRCZtI6ZS5F8j5yD1qqEqFXNu9ksCtH7MZJK356VJ2VZXHN
R6fX6q2YuD67ztXCbtOUeePdFr4nRWf7+uRBYcG9wcxIM5xFiDQ4nZpslquq96Ke
ZKREp4cgE78K+a+jn9Zyls+I5MFmeR0g0tj1IkJbsJ8J0B2nEGqC/93+bwL2vTtp
jKXjq9Twvt3i8EhpvKVRUeBLsExQDbnuljGc/ve9v63IhcjdIaXSD1d2V1yRfHB6
k9p8mXg1XuB+4w==
-----END CERTIFICATE-----