Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          HYtoBg+dbbCdKi0wH84JFxhPhI9gaiYzxUCEDI6dIVw=
Subject key identifier:   C4:23:0D:DF:01:41:0B:B8:9C:E8:92:27:45:7E:9E:21:36:EC:C0:63
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       0197B6A0845C47413C166FBC79EE91E2FA09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:01:02 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:02 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:02 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: S0AJ2T4qmXk+PtvFXljWzyG8w2NtKDA95prZnnEYvB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:84:5c:47:41:3c:16:6f:bc:79:ee:91:e2:fa:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: Jun 28 13:01:02 2025 GMT
            Not After : Jun 29 13:01:02 2025 GMT
        Subject: CN=c4230ddf01410bb89ce89227457e9e2136ecc063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7f:34:c2:2c:fb:b7:87:70:af:ad:96:f5:f1:
                    54:fd:ff:9e:10:f1:7e:36:8a:31:0b:17:35:04:a6:
                    11:8d:90:0f:fc:ce:02:df:3b:7c:70:0c:38:ad:1a:
                    58:0c:60:c5:71:8f:bc:51:f9:eb:ed:be:dc:51:17:
                    22:05:32:fb:04:73:fc:7a:6b:03:95:bd:d5:9b:e7:
                    8d:d5:a4:f1:d7:ba:a9:40:1f:ce:3e:6b:d0:df:6f:
                    3e:bd:5e:55:ac:78:f9:e1:ce:d8:b9:00:8f:17:6a:
                    20:a5:0e:a6:c7:be:20:2c:df:5c:27:4c:5c:fc:9e:
                    1e:b8:0b:e8:33:f7:8e:82:b5:2c:ca:5a:20:77:53:
                    60:18:52:8f:17:80:c0:fb:2b:b5:05:a8:7e:a1:d7:
                    c3:a1:6b:2f:e7:a5:87:ae:8b:b2:68:8f:ba:76:d2:
                    13:81:48:0d:c3:86:47:b0:31:81:64:9d:18:b7:b5:
                    86:80:46:ae:ae:f3:d1:30:c9:7d:45:f0:4b:5b:f9:
                    ff:a0:4a:31:cb:12:e6:57:da:05:e9:e8:30:b8:a4:
                    ec:6b:e6:7f:dc:89:36:61:5b:56:c3:b9:15:26:76:
                    d9:de:94:83:e7:1b:d2:8a:27:fb:9f:85:ed:9a:fb:
                    15:ee:41:06:27:2d:fe:c5:18:d0:53:09:36:fc:1a:
                    e6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:23:0D:DF:01:41:0B:B8:9C:E8:92:27:45:7E:9E:21:36:EC:C0:63
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:40:c1:fe:39:df:67:7c:b5:d0:2e:af:da:32:e6:24:b4:b3:
         cb:d1:a5:9a:00:dc:09:1f:b3:22:e9:a1:86:b1:73:b3:b9:9a:
         0e:47:95:b4:1b:ba:65:47:14:bf:36:9b:e3:8c:31:4f:f8:93:
         9c:0f:e2:4a:ea:0b:d7:17:16:6b:2a:57:12:f9:00:ab:4b:ae:
         89:47:39:71:9e:37:e3:94:08:e3:44:05:93:32:e3:01:3e:6d:
         d2:d3:c6:bc:d4:91:62:e5:b9:56:cf:14:3d:12:41:ec:8b:f5:
         dd:3a:9b:75:96:5c:d0:98:52:5b:f6:f4:2a:65:71:b7:01:d4:
         41:a8:a8:f3:fe:7d:df:a7:65:5a:96:5f:38:77:19:82:a1:04:
         50:41:95:31:ea:32:00:28:96:9d:7f:73:3d:f5:30:fb:73:aa:
         21:4b:a2:7d:4e:1e:17:49:6a:be:90:9b:3a:0f:19:1d:aa:93:
         41:01:bd:d8:d9:aa:35:f5:3d:0c:53:32:ab:0b:ca:94:ca:34:
         da:74:36:d1:86:96:93:b7:35:98:ab:6c:ad:f2:75:01:15:ef:
         cb:27:c1:23:be:3f:d0:08:e9:68:46:b8:f5:0e:df:42:98:c7:
         6c:f2:a9:7d:be:ae:7c:65:13:dc:cd:28:bf:10:98:48:49:d1:
         2f:83:53:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oIRcR0E8Fm+8ee6R4voJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjUwNjI4MTMwMTAyWhcNMjUwNjI5MTMwMTAyWjAzMTEwLwYDVQQD
EyhjNDIzMGRkZjAxNDEwYmI4OWNlODkyMjc0NTdlOWUyMTM2ZWNjMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX80wiz7t4dwr62W9fFU/f+eEPF+
NooxCxc1BKYRjZAP/M4C3zt8cAw4rRpYDGDFcY+8Ufnr7b7cURciBTL7BHP8emsD
lb3Vm+eN1aTx17qpQB/OPmvQ328+vV5VrHj54c7YuQCPF2ogpQ6mx74gLN9cJ0xc
/J4euAvoM/eOgrUsylogd1NgGFKPF4DA+yu1Bah+odfDoWsv56WHrouyaI+6dtIT
gUgNw4ZHsDGBZJ0Yt7WGgEaurvPRMMl9RfBLW/n/oEoxyxLmV9oF6egwuKTsa+Z/
3Ik2YVtWw7kVJnbZ3pSD5xvSiif7n4XtmvsV7kEGJy3+xRjQUwk2/BrmGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQjDd8BQQu4nOiSJ0V+niE27MBjMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwEDB/jnf
Z3y10C6v2jLmJLSzy9GlmgDcCR+zIumhhrFzs7maDkeVtBu6ZUcUvzab44wxT/iT
nA/iSuoL1xcWaypXEvkAq0uuiUc5cZ4345QI40QFkzLjAT5t0tPGvNSRYuW5Vs8U
PRJB7Iv13TqbdZZc0JhSW/b0KmVxtwHUQaio8/5936dlWpZfOHcZgqEEUEGVMeoy
ACiWnX9zPfUw+3OqIUuifU4eF0lqvpCbOg8ZHaqTQQG92NmqNfU9DFMyqwvKlMo0
2nQ20YaWk7c1mKtsrfJ1ARXvyyfBI74/0AjpaEa49Q7fQpjHbPKpfb6ufGUT3M0o
vxCYSEnRL4NTgQ==
-----END CERTIFICATE-----