Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft
File:                     Km9uXKXbQ3eec6znzhbs4O55R5k.mft (raw, json)
Hash identifier:          9ApASxDGskHKEBXuFpsVNqiCciP3GWtO1EVJrJeT+n4=
Subject key identifier:   B4:A3:5E:5B:70:54:32:BC:05:15:85:95:27:51:A8:5B:F0:54:F2:08
Authority key identifier: 2A:6F:6E:5C:A5:DB:43:77:9E:73:AC:E7:CE:16:EC:E0:EE:79:47:99
Certificate issuer:       /CN=2a6f6e5ca5db43779e73ace7ce16ece0ee794799
Certificate serial:       0196C75F09007D5C1B22F64A49C7607B684E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft
Manifest number:          03BB
Signing time:             Tue 13 May 2025 02:00:16 +0000
Manifest this update:     Tue 13 May 2025 02:00:16 +0000
Manifest next update:     Wed 14 May 2025 02:00:16 +0000
Files and hashes:         1: Km9uXKXbQ3eec6znzhbs4O55R5k.crl (hash: g7kyGdzlnuNuwNwdtRgNzCEMW124tT39jPZgpIK90Xg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:5f:09:00:7d:5c:1b:22:f6:4a:49:c7:60:7b:68:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6f6e5ca5db43779e73ace7ce16ece0ee794799
        Validity
            Not Before: May 13 02:00:16 2025 GMT
            Not After : May 14 02:00:16 2025 GMT
        Subject: CN=b4a35e5b705432bc051585952751a85bf054f208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:8b:35:56:53:5f:32:de:7f:5d:64:86:ad:79:
                    6f:b8:34:92:ef:aa:65:7e:39:83:ae:04:42:a7:3c:
                    86:18:72:bd:e3:40:cd:58:1e:2a:21:45:c1:3e:dd:
                    3b:7b:71:90:f9:cf:c2:06:e7:fb:40:9b:b5:7c:99:
                    3f:4d:c3:13:5d:63:69:b0:55:5f:cd:88:c5:27:99:
                    41:71:aa:55:6d:3a:14:f8:f1:76:f2:12:5d:2d:11:
                    e4:f3:2a:13:71:91:ae:65:12:68:40:b8:7a:6a:b3:
                    2e:2e:83:d1:f0:c1:3c:44:62:0d:d8:09:ce:99:83:
                    26:64:5d:84:90:62:ca:7a:51:ef:30:df:b0:4e:f3:
                    28:93:c0:89:87:5e:01:43:83:b6:c8:67:89:86:b0:
                    2b:99:45:86:2e:91:e4:c0:8c:70:fd:c5:b7:d4:ab:
                    47:1e:13:04:0f:58:7f:04:fd:95:b4:ab:88:11:0e:
                    d7:62:07:dc:16:37:96:8f:1d:9a:a9:39:5e:6e:17:
                    d3:f4:67:d2:be:4f:92:43:19:f9:42:18:af:b4:6f:
                    a0:d1:09:36:0c:88:ec:0b:95:8d:bf:b2:2f:aa:44:
                    ac:cd:ef:61:30:36:d7:1c:0f:47:5c:a5:a5:c1:6c:
                    c4:21:46:15:68:81:cc:81:84:16:9d:04:0d:4e:7d:
                    59:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A3:5E:5B:70:54:32:BC:05:15:85:95:27:51:A8:5B:F0:54:F2:08
            X509v3 Authority Key Identifier:
                keyid:2A:6F:6E:5C:A5:DB:43:77:9E:73:AC:E7:CE:16:EC:E0:EE:79:47:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:04:36:a8:0a:e2:25:5f:53:d2:ba:c7:90:15:cc:3c:ff:9c:
         62:a3:96:cf:fa:40:2e:15:98:94:5e:7e:9c:56:bc:d6:87:1e:
         33:52:35:8f:48:8a:e1:65:be:30:66:6a:06:4f:e9:b7:05:64:
         31:9a:09:e2:72:95:85:24:5e:0c:22:69:69:a5:26:10:1d:8d:
         88:5b:ca:de:fa:d9:d2:70:b4:ed:b6:14:18:fd:54:16:fb:b7:
         9d:6e:ae:99:73:6f:00:18:98:67:02:a7:af:e5:61:c4:b8:d8:
         8a:a7:6d:0f:e4:d6:04:84:3a:1b:58:62:da:c4:d0:23:f1:78:
         7b:ac:0c:b7:23:ad:4c:e4:6c:99:06:3e:32:94:4e:15:80:c4:
         3a:50:e2:56:a9:79:0b:9f:dd:bd:44:ad:a6:ec:e9:bf:e7:5f:
         55:7d:9c:30:3a:59:52:06:9e:7e:51:e0:1f:35:bc:d0:38:b2:
         84:e7:3d:f1:28:43:8e:03:39:2b:fc:cb:a4:54:24:31:74:df:
         8b:1c:85:27:9f:4c:c1:bc:a8:9c:bb:fd:df:2e:16:21:c1:84:
         1b:95:6b:45:fd:ef:e1:42:f6:df:cc:14:18:84:ed:ac:81:a1:
         2e:4b:35:13:44:f1:9f:52:cd:c9:62:9a:3c:24:4c:d7:f7:fc:
         c6:22:c6:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHXwkAfVwbIvZKScdge2hOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNmY2ZTVjYTVkYjQzNzc5ZTczYWNlN2NlMTZlY2UwZWU3
OTQ3OTkwHhcNMjUwNTEzMDIwMDE2WhcNMjUwNTE0MDIwMDE2WjAzMTEwLwYDVQQD
EyhiNGEzNWU1YjcwNTQzMmJjMDUxNTg1OTUyNzUxYTg1YmYwNTRmMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Is1VlNfMt5/XWSGrXlvuDSS76pl
fjmDrgRCpzyGGHK940DNWB4qIUXBPt07e3GQ+c/CBuf7QJu1fJk/TcMTXWNpsFVf
zYjFJ5lBcapVbToU+PF28hJdLRHk8yoTcZGuZRJoQLh6arMuLoPR8ME8RGIN2AnO
mYMmZF2EkGLKelHvMN+wTvMok8CJh14BQ4O2yGeJhrArmUWGLpHkwIxw/cW31KtH
HhMED1h/BP2VtKuIEQ7XYgfcFjeWjx2aqTlebhfT9GfSvk+SQxn5QhivtG+g0Qk2
DIjsC5WNv7IvqkSsze9hMDbXHA9HXKWlwWzEIUYVaIHMgYQWnQQNTn1ZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSjXltwVDK8BRWFlSdRqFvwVPIIMB8GA1UdIwQY
MBaAFCpvblyl20N3nnOs584W7ODueUeZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMGE2MTEtZjZmNC00MGY3LTg2Mjgt
NzJlOTllZTQ3NjZkLzEvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMGE2MTEtZjZmNC00MGY3LTg2MjgtNzJlOTllZTQ3NjZk
LzEvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXgQ2qAri
JV9T0rrHkBXMPP+cYqOWz/pALhWYlF5+nFa81oceM1I1j0iK4WW+MGZqBk/ptwVk
MZoJ4nKVhSReDCJpaaUmEB2NiFvK3vrZ0nC07bYUGP1UFvu3nW6umXNvABiYZwKn
r+VhxLjYiqdtD+TWBIQ6G1hi2sTQI/F4e6wMtyOtTORsmQY+MpROFYDEOlDiVql5
C5/dvUStpuzpv+dfVX2cMDpZUgaeflHgHzW80DiyhOc98ShDjgM5K/zLpFQkMXTf
ixyFJ59MwbyonLv93y4WIcGEG5VrRf3v4UL238wUGITtrIGhLks1E0Txn1LNyWKa
PCRM1/f8xiLGIQ==
-----END CERTIFICATE-----