Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          GgmYH7f5p3e/ddUFg7Cy2AQ2R7jeCcdOAbd72vTEn+U=
Subject key identifier:   67:66:C8:32:02:08:D2:D5:FB:8E:42:9C:49:77:48:E8:CF:B3:E6:04
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       0198D73AFF444570DBA41548A0A27B867B1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          011F
Signing time:             Sat 23 Aug 2025 14:00:24 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:24 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:24 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: 4e4rsmORqLRiBjyCISsMe+25pbRL8Wz8Z2fmDbzBJWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3a:ff:44:45:70:db:a4:15:48:a0:a2:7b:86:7b:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Aug 23 14:00:24 2025 GMT
            Not After : Aug 24 14:00:24 2025 GMT
        Subject: CN=6766c8320208d2d5fb8e429c497748e8cfb3e604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:54:71:be:be:7f:d5:cd:ae:b7:60:11:91:05:
                    c8:af:54:8f:57:1e:68:ba:8f:e4:c3:1b:31:a8:c0:
                    ae:1e:f2:ce:a1:2b:18:e0:cb:ab:fd:21:58:63:1b:
                    c4:cc:57:56:a6:6d:80:09:33:b1:62:8d:c7:20:3b:
                    24:e6:8d:f2:30:b9:7e:c9:b6:21:dd:72:0d:f7:b3:
                    3b:45:d5:ad:02:c0:c5:58:bd:70:57:37:16:8d:63:
                    1c:36:91:cf:5d:d1:b2:fb:65:a4:bd:e4:ae:ea:56:
                    91:92:92:c2:8d:50:95:0b:e7:00:c1:3f:36:dd:c2:
                    02:89:9f:f5:38:fc:27:89:48:9c:32:f0:08:8a:47:
                    ba:3f:59:d0:f7:5d:9e:22:a3:77:45:22:6f:a5:61:
                    06:c1:1c:1a:42:51:8b:a7:dd:50:fe:13:6a:96:8b:
                    93:56:16:b5:07:b0:c3:48:4a:12:d7:9e:b5:8b:de:
                    2d:56:8f:e8:cb:f8:4e:79:71:0a:30:e1:3e:36:9d:
                    1a:39:74:74:23:4d:2b:05:2f:be:f2:62:8b:32:a1:
                    2c:09:5b:54:45:bc:09:58:0e:2a:9c:2f:c9:7e:1e:
                    1a:46:5f:a0:c4:27:a3:2b:da:14:26:41:5e:e0:49:
                    fa:77:f6:bf:c5:e9:b6:e3:e0:37:17:57:5c:5a:01:
                    47:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:66:C8:32:02:08:D2:D5:FB:8E:42:9C:49:77:48:E8:CF:B3:E6:04
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:04:c3:3a:33:70:fb:6f:18:22:c4:f7:42:a7:2b:1d:70:6a:
         da:ad:7a:67:24:67:6a:10:43:a0:db:43:ce:60:a3:0d:31:42:
         17:42:1d:2d:a3:0a:20:0c:64:cb:4f:26:ed:c4:8f:80:e2:d8:
         9e:93:5a:c1:96:0b:a3:bc:5b:5d:2b:64:fb:e9:b7:29:2a:ab:
         e2:77:d2:ef:6e:7d:8d:8a:1d:db:63:7f:90:de:3c:cb:14:1f:
         3a:8a:a0:ee:f7:eb:33:6e:96:db:83:2a:2b:da:9c:9b:7d:82:
         aa:92:e2:69:33:3e:ce:f0:41:1e:80:f2:69:34:b5:b2:3c:d1:
         d3:0c:72:8d:4b:2e:45:e5:10:91:8c:2e:a0:b0:b9:57:e1:32:
         eb:d8:76:1d:70:59:86:34:3b:fb:85:d4:ea:85:88:6e:fc:27:
         2e:ad:67:3c:ac:2c:57:c9:2f:17:c8:47:cd:cf:81:83:db:52:
         d9:e3:a5:0a:f8:66:39:1a:5b:e5:da:77:49:86:45:14:5f:2d:
         30:d1:09:bd:60:34:55:0b:42:c8:e2:dd:91:02:83:f5:8a:0d:
         08:66:38:b7:d2:7b:36:f9:6f:ee:e4:41:ac:af:10:87:5f:6f:
         b0:70:31:96:b5:0b:b0:18:ff:c3:2d:f8:ce:9c:76:e7:76:95:
         bc:ad:31:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOv9ERXDbpBVIoKJ7hnseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjUwODIzMTQwMDI0WhcNMjUwODI0MTQwMDI0WjAzMTEwLwYDVQQD
Eyg2NzY2YzgzMjAyMDhkMmQ1ZmI4ZTQyOWM0OTc3NDhlOGNmYjNlNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlRxvr5/1c2ut2ARkQXIr1SPVx5o
uo/kwxsxqMCuHvLOoSsY4Mur/SFYYxvEzFdWpm2ACTOxYo3HIDsk5o3yMLl+ybYh
3XIN97M7RdWtAsDFWL1wVzcWjWMcNpHPXdGy+2WkveSu6laRkpLCjVCVC+cAwT82
3cICiZ/1OPwniUicMvAIike6P1nQ912eIqN3RSJvpWEGwRwaQlGLp91Q/hNqlouT
Vha1B7DDSEoS1561i94tVo/oy/hOeXEKMOE+Np0aOXR0I00rBS++8mKLMqEsCVtU
RbwJWA4qnC/Jfh4aRl+gxCejK9oUJkFe4En6d/a/xem24+A3F1dcWgFHMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdmyDICCNLV+45CnEl3SOjPs+YEMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXgTDOjNw
+28YIsT3QqcrHXBq2q16ZyRnahBDoNtDzmCjDTFCF0IdLaMKIAxky08m7cSPgOLY
npNawZYLo7xbXStk++m3KSqr4nfS7259jYod22N/kN48yxQfOoqg7vfrM26W24Mq
K9qcm32CqpLiaTM+zvBBHoDyaTS1sjzR0wxyjUsuReUQkYwuoLC5V+Ey69h2HXBZ
hjQ7+4XU6oWIbvwnLq1nPKwsV8kvF8hHzc+Bg9tS2eOlCvhmORpb5dp3SYZFFF8t
MNEJvWA0VQtCyOLdkQKD9YoNCGY4t9J7Nvlv7uRBrK8Qh19vsHAxlrULsBj/wy34
zpx253aVvK0xiA==
-----END CERTIFICATE-----