Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
File:                     KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft (raw, json)
Hash identifier:          L4jind9ssfKSo8Z90rNBX0zMSANfaJbKOcZdEr0DuuM=
Subject key identifier:   87:E5:9A:76:5F:70:30:6D:BD:27:CE:82:6C:43:DC:E5:D6:34:F8:C2
Authority key identifier: 28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6
Certificate issuer:       /CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
Certificate serial:       0198D5F13D3677459E96E1FB5E014A7DCA6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
Manifest number:          09DC
Signing time:             Sat 23 Aug 2025 08:00:13 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:13 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:13 +0000
Files and hashes:         1: KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl (hash: BlcxHM7t7V89iU1qNjzIJ7xVR3I8c6HftMCwHuoh+28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:3d:36:77:45:9e:96:e1:fb:5e:01:4a:7d:ca:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
        Validity
            Not Before: Aug 23 08:00:13 2025 GMT
            Not After : Aug 24 08:00:13 2025 GMT
        Subject: CN=87e59a765f70306dbd27ce826c43dce5d634f8c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ab:ef:dd:89:ad:28:1c:92:a6:23:a0:dc:5e:
                    be:69:ab:09:f6:7f:bd:1e:d6:19:99:fb:4e:0a:c4:
                    5a:51:c3:7c:39:e7:ec:33:24:e6:ee:3b:95:6c:42:
                    2e:89:74:c9:78:9f:2a:6a:76:3b:14:54:ae:3d:8a:
                    f8:c4:09:ac:f7:dd:40:b9:05:a4:f6:3d:b9:e2:a9:
                    d7:b3:34:5c:e5:8b:e2:a1:cc:90:37:54:b4:e9:fd:
                    d9:bc:c3:d3:91:df:f0:53:77:c0:2f:73:4c:80:c1:
                    91:12:81:4d:ad:6b:08:c5:32:fd:06:1c:bf:1a:9b:
                    7b:96:bb:cd:9b:57:0c:2f:f2:62:1a:4d:d4:5f:9c:
                    c9:26:8b:95:f8:65:55:36:05:42:a4:f9:76:5f:02:
                    a2:c0:58:75:49:00:0c:7d:10:50:c8:9e:99:dc:b6:
                    b8:22:37:4c:b6:e5:3e:04:25:22:0f:4a:fb:ba:f8:
                    89:a1:b1:9d:67:fb:36:69:14:e1:47:1a:41:51:78:
                    e4:40:eb:a5:96:9d:0a:f3:be:1a:88:7e:1c:75:10:
                    4a:92:81:40:30:33:2c:a4:23:cb:cf:15:74:8e:ec:
                    22:c1:2e:2a:6a:88:b7:53:1a:d5:13:8c:f8:78:5f:
                    f7:50:10:cd:b2:db:d3:37:50:0a:db:ca:9d:5c:2b:
                    1c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:E5:9A:76:5F:70:30:6D:BD:27:CE:82:6C:43:DC:E5:D6:34:F8:C2
            X509v3 Authority Key Identifier:
                keyid:28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:33:ec:63:1b:5b:b5:55:60:d3:eb:e0:b2:3a:6d:3e:65:e2:
         24:76:2b:30:9a:f3:64:98:9e:3f:d5:20:66:a5:e2:ef:e5:52:
         66:b7:5e:05:1d:bb:ff:fb:d7:d9:06:d9:07:8c:4c:d9:b3:cd:
         11:0d:ad:ea:ca:7c:74:11:f8:5b:bf:cb:f8:6a:cd:43:b3:60:
         a9:1c:d2:99:dd:bc:22:dd:99:6b:b1:3b:10:89:7d:df:da:a5:
         a3:37:70:4c:ff:3c:87:bc:09:29:8a:72:95:b2:4f:4c:76:68:
         6d:54:46:67:21:97:72:39:50:81:e7:6b:7b:85:d7:63:cb:8b:
         7f:4a:51:6b:2a:37:c2:6b:91:cf:da:17:68:d3:7b:a3:84:13:
         10:37:af:13:f3:c3:ed:e6:a1:07:3a:b0:8a:30:42:9a:ab:b9:
         97:10:25:dd:a2:41:f4:3c:33:3a:02:33:0c:7e:88:0a:18:55:
         e4:23:05:02:91:df:6e:e7:7e:96:b0:ba:84:d3:b6:e1:5c:77:
         64:7a:19:2b:a9:b8:98:ba:7b:3c:75:c6:a9:10:b4:58:be:3a:
         f0:70:3c:40:5f:09:75:d8:43:8d:c3:1c:73:d2:d9:09:04:1b:
         99:f7:4f:67:82:c1:0e:4a:80:af:9b:d9:2d:e8:dc:ca:44:b4:
         40:da:1a:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8T02d0WeluH7XgFKfcpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWE3ZjA3YmU1YzMxMzhjYjQzYzJjMThiMjlhYTU0Njg1
NDRiYTYwHhcNMjUwODIzMDgwMDEzWhcNMjUwODI0MDgwMDEzWjAzMTEwLwYDVQQD
Eyg4N2U1OWE3NjVmNzAzMDZkYmQyN2NlODI2YzQzZGNlNWQ2MzRmOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqvv3YmtKBySpiOg3F6+aasJ9n+9
HtYZmftOCsRaUcN8OefsMyTm7juVbEIuiXTJeJ8qanY7FFSuPYr4xAms991AuQWk
9j254qnXszRc5YviocyQN1S06f3ZvMPTkd/wU3fAL3NMgMGREoFNrWsIxTL9Bhy/
Gpt7lrvNm1cML/JiGk3UX5zJJouV+GVVNgVCpPl2XwKiwFh1SQAMfRBQyJ6Z3La4
IjdMtuU+BCUiD0r7uviJobGdZ/s2aRThRxpBUXjkQOullp0K874aiH4cdRBKkoFA
MDMspCPLzxV0juwiwS4qaoi3UxrVE4z4eF/3UBDNstvTN1AK28qdXCscywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIflmnZfcDBtvSfOgmxD3OXWNPjCMB8GA1UdIwQY
MBaAFCgafwe+XDE4y0PCwYspqlRoVEumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQt
NTJjY2Y2NWJkNjdiLzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQtNTJjY2Y2NWJkNjdi
LzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAozPsYxtb
tVVg0+vgsjptPmXiJHYrMJrzZJieP9UgZqXi7+VSZrdeBR27//vX2QbZB4xM2bPN
EQ2t6sp8dBH4W7/L+GrNQ7NgqRzSmd28It2Za7E7EIl939qlozdwTP88h7wJKYpy
lbJPTHZobVRGZyGXcjlQgedre4XXY8uLf0pRayo3wmuRz9oXaNN7o4QTEDevE/PD
7eahBzqwijBCmqu5lxAl3aJB9DwzOgIzDH6IChhV5CMFApHfbud+lrC6hNO24Vx3
ZHoZK6m4mLp7PHXGqRC0WL468HA8QF8JddhDjcMcc9LZCQQbmfdPZ4LBDkqAr5vZ
LejcykS0QNoaZw==
-----END CERTIFICATE-----