Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File:                     kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier:          BTugPPShQBe6GGbVLJDjkWa6k3WnzvzkY520tarww+Q=
Subject key identifier:   3D:6B:70:F1:2A:98:6B:53:EC:E6:7B:16:B4:17:C3:1D:00:91:1E:7A
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer:       /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial:       0197C6137C72DF38CC0DDD3C61FC8458B8F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number:          15BE
Signing time:             Tue 01 Jul 2025 13:00:55 +0000
Manifest this update:     Tue 01 Jul 2025 13:00:55 +0000
Manifest next update:     Wed 02 Jul 2025 13:00:55 +0000
Files and hashes:         1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: gZyA+MtvD+50phTLU0SeLB+JtyXEzJzxHbSeKiKNfNg=)
                          2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:13:7c:72:df:38:cc:0d:dd:3c:61:fc:84:58:b8:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
        Validity
            Not Before: Jul  1 13:00:55 2025 GMT
            Not After : Jul  2 13:00:55 2025 GMT
        Subject: CN=3d6b70f12a986b53ece67b16b417c31d00911e7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:24:aa:1f:f6:5c:f8:40:8e:c3:ed:f3:dc:15:
                    da:d7:9e:0b:c1:12:93:7f:b8:5a:ce:21:9b:3d:cc:
                    ff:be:1c:8f:71:51:f9:e9:91:9c:05:eb:1d:53:cf:
                    7c:3c:98:38:48:3e:ae:63:14:07:89:97:fa:e4:fd:
                    36:14:e4:9e:87:35:c4:a1:c4:5a:36:51:08:b1:cd:
                    5b:29:60:52:95:ab:d9:22:bd:f8:2c:85:0b:cc:9a:
                    fb:b7:f8:9c:c9:4c:4a:7d:f0:cd:22:b5:b6:cc:f3:
                    b5:0f:e8:93:81:11:9d:3c:0c:24:74:a2:ec:38:9b:
                    8e:e9:82:6e:5b:63:ba:24:cc:d0:b8:4e:89:48:3c:
                    6b:5f:cd:18:89:96:e0:33:47:83:bd:c0:88:bb:5f:
                    f5:0b:10:fd:08:ee:14:50:6e:6c:7c:0a:95:a9:a9:
                    22:fe:45:66:7b:81:7c:b1:71:e0:cb:74:31:66:e7:
                    a4:2a:6d:b8:91:62:34:65:c1:c1:61:64:52:97:e6:
                    23:ec:4a:fd:1a:56:19:54:f5:68:ef:2e:65:92:f8:
                    6c:35:03:30:65:df:e4:bd:f9:b7:3e:50:50:c2:9c:
                    41:3e:67:d4:20:b6:f6:2d:f5:29:c6:d7:82:1b:9a:
                    43:9a:c0:3b:9d:90:3d:22:c4:69:33:ab:50:e1:93:
                    2f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:6B:70:F1:2A:98:6B:53:EC:E6:7B:16:B4:17:C3:1D:00:91:1E:7A
            X509v3 Authority Key Identifier:
                keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:0e:4d:b1:23:e3:78:b9:ec:1e:49:87:1b:5d:67:0a:e9:ef:
         d9:e3:c0:e7:f1:06:20:5a:aa:30:ae:a0:b9:03:34:48:c0:21:
         79:f5:d1:c7:f5:98:8d:60:27:92:ec:80:26:d8:46:21:e2:98:
         e8:fc:a2:c3:ca:bb:ff:3b:7c:fd:b9:4b:2b:8a:fe:e2:8d:af:
         7b:df:67:a3:3c:cf:be:1e:87:1f:cf:30:90:f2:97:59:9b:e9:
         fa:43:e8:be:21:61:e1:13:5f:b6:3a:14:e3:a2:c2:10:0f:08:
         e5:0f:a1:0d:3e:d8:8f:68:f6:d3:37:47:26:d6:18:4e:cc:19:
         2e:40:f4:40:c4:f4:0c:ea:62:4f:1c:91:cd:80:6f:1f:22:03:
         a5:92:08:70:e1:b6:7f:dc:9e:75:35:64:d5:f7:ed:22:ef:09:
         b9:41:36:c5:23:b2:af:32:19:74:2f:ee:25:de:8c:cf:8a:42:
         73:c5:e4:bf:86:b4:9e:ae:6d:e6:bf:e4:86:bb:d7:7f:dc:01:
         75:79:b8:f6:3a:1e:6d:0c:0f:a5:c1:63:3d:95:61:46:5e:a6:
         3e:09:69:26:22:a2:fe:b6:2d:0f:00:18:da:c7:53:ea:64:da:
         f7:62:e0:e5:06:cf:43:97:f8:c7:61:6e:ee:a3:f0:d6:7e:53:
         07:bd:60:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGE3xy3zjMDd08YfyEWLjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjUwNzAxMTMwMDU1WhcNMjUwNzAyMTMwMDU1WjAzMTEwLwYDVQQD
EygzZDZiNzBmMTJhOTg2YjUzZWNlNjdiMTZiNDE3YzMxZDAwOTExZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmySqH/Zc+ECOw+3z3BXa154LwRKT
f7haziGbPcz/vhyPcVH56ZGcBesdU898PJg4SD6uYxQHiZf65P02FOSehzXEocRa
NlEIsc1bKWBSlavZIr34LIULzJr7t/icyUxKffDNIrW2zPO1D+iTgRGdPAwkdKLs
OJuO6YJuW2O6JMzQuE6JSDxrX80YiZbgM0eDvcCIu1/1CxD9CO4UUG5sfAqVqaki
/kVme4F8sXHgy3QxZuekKm24kWI0ZcHBYWRSl+Yj7Er9GlYZVPVo7y5lkvhsNQMw
Zd/kvfm3PlBQwpxBPmfUILb2LfUpxteCG5pDmsA7nZA9IsRpM6tQ4ZMvZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1rcPEqmGtT7OZ7FrQXwx0AkR56MB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApA5NsSPj
eLnsHkmHG11nCunv2ePA5/EGIFqqMK6guQM0SMAhefXRx/WYjWAnkuyAJthGIeKY
6Pyiw8q7/zt8/blLK4r+4o2ve99nozzPvh6HH88wkPKXWZvp+kPoviFh4RNftjoU
46LCEA8I5Q+hDT7Yj2j20zdHJtYYTswZLkD0QMT0DOpiTxyRzYBvHyIDpZIIcOG2
f9yedTVk1fftIu8JuUE2xSOyrzIZdC/uJd6Mz4pCc8Xkv4a0nq5t5r/khrvXf9wB
dXm49joebQwPpcFjPZVhRl6mPglpJiKi/rYtDwAY2sdT6mTa92Lg5QbPQ5f4x2Fu
7qPw1n5TB71gmQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:57:27 2025 by rpki-client