Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          52BKy34sht5Ty7LASh1Yk41WiKs1u0jMLaPrGYgpEHI=
Subject key identifier:   EB:5E:F9:1E:11:28:ED:49:E7:09:3B:0C:41:F5:48:58:38:BF:7C:D8
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       0196CCF4322F248368E0C5B18CAFECA1863F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          153A
Signing time:             Wed 14 May 2025 04:01:17 +0000
Manifest this update:     Wed 14 May 2025 04:01:17 +0000
Manifest next update:     Thu 15 May 2025 04:01:17 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: KO4YaGiBQMqaAPAsLqXyVbyOtgiZFaUGiE2ZUstMwN8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 04:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cc:f4:32:2f:24:83:68:e0:c5:b1:8c:af:ec:a1:86:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: May 14 04:01:17 2025 GMT
            Not After : May 15 04:01:17 2025 GMT
        Subject: CN=eb5ef91e1128ed49e7093b0c41f5485838bf7cd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d8:8e:94:96:2b:e2:bd:ea:d6:fa:31:42:9a:
                    99:3c:95:ac:9f:18:07:cc:2b:b6:f8:6d:82:69:36:
                    53:4d:a3:2f:b7:a5:1a:28:c1:f1:a3:a3:0a:07:08:
                    9c:5d:51:e0:b2:98:dc:4e:5d:42:3e:94:8d:a3:f6:
                    8a:93:2d:22:a2:00:8e:20:af:f6:62:96:95:89:42:
                    e2:ea:ab:c3:5f:d1:1a:a1:c8:27:cd:fc:65:ca:a5:
                    f2:05:eb:92:fa:4d:04:8c:6e:b7:98:85:77:af:7b:
                    b8:e5:03:52:c9:44:c9:bb:70:9e:84:af:e5:c4:9c:
                    43:ac:7d:ad:2c:a9:d8:b7:00:08:4a:24:0d:4b:f5:
                    6b:28:dc:88:37:96:a3:d9:fe:b9:42:0b:87:53:9b:
                    39:b7:6d:16:1e:a6:79:43:5a:9d:c3:89:87:4a:04:
                    08:59:b0:3f:07:99:33:8e:03:12:78:f7:4c:d8:10:
                    63:f2:8f:13:90:89:c7:52:9e:95:88:f5:d9:43:59:
                    d5:f2:e3:b7:3e:94:d6:8c:5d:34:25:78:27:6d:55:
                    14:5f:45:f3:db:8a:a5:0a:ff:93:b6:ab:7b:d2:5c:
                    da:0b:6f:a1:ab:0e:16:18:b4:e0:7f:f8:d2:2d:99:
                    94:b1:78:72:1c:4d:ff:d3:5e:7b:7c:b6:82:8d:4a:
                    8b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:5E:F9:1E:11:28:ED:49:E7:09:3B:0C:41:F5:48:58:38:BF:7C:D8
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:b1:32:b4:d4:83:db:ff:56:a7:80:92:ef:88:17:ef:10:2d:
         99:98:a5:f8:ed:69:c6:05:83:11:a9:f7:76:c3:f4:74:6a:1c:
         9b:44:e6:15:b5:61:4b:49:78:9f:41:08:df:17:78:25:ef:e8:
         58:79:c7:e5:d6:b0:46:73:4a:69:31:85:ea:33:a0:2a:ff:31:
         41:89:e1:21:ba:aa:4b:29:cd:38:60:3d:3c:a0:d8:52:1e:ba:
         20:ae:fa:bd:cb:42:98:56:fa:0f:b5:e3:90:bf:24:fe:a6:9c:
         97:03:88:b9:ab:cc:f2:99:40:40:db:80:fc:ec:ff:e3:0b:b1:
         21:2a:c8:25:bc:c7:f0:0f:60:7d:72:b1:dc:2b:31:da:08:be:
         bc:a8:19:21:b0:f8:6e:c3:18:26:8c:d1:46:55:26:55:e4:11:
         ba:af:9c:ec:6a:dd:6f:15:c2:a3:d8:4d:9d:4d:4d:5c:69:f6:
         6d:b3:0b:e5:0c:7e:3e:05:02:03:f9:83:b7:2a:d5:39:7a:df:
         b7:59:b3:e8:51:97:a1:26:26:29:b6:a4:c1:8a:f5:98:ac:f3:
         f7:3d:f6:f1:ac:d0:6b:27:52:34:e7:d8:71:5e:ee:a8:e9:3d:
         e5:40:69:b0:3e:3d:42:46:fc:26:62:ea:aa:40:34:78:63:cd:
         20:34:d5:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbM9DIvJINo4MWxjK/soYY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwNTE0MDQwMTE3WhcNMjUwNTE1MDQwMTE3WjAzMTEwLwYDVQQD
EyhlYjVlZjkxZTExMjhlZDQ5ZTcwOTNiMGM0MWY1NDg1ODM4YmY3Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptiOlJYr4r3q1voxQpqZPJWsnxgH
zCu2+G2CaTZTTaMvt6UaKMHxo6MKBwicXVHgspjcTl1CPpSNo/aKky0iogCOIK/2
YpaViULi6qvDX9EaocgnzfxlyqXyBeuS+k0EjG63mIV3r3u45QNSyUTJu3CehK/l
xJxDrH2tLKnYtwAISiQNS/VrKNyIN5aj2f65QguHU5s5t20WHqZ5Q1qdw4mHSgQI
WbA/B5kzjgMSePdM2BBj8o8TkInHUp6ViPXZQ1nV8uO3PpTWjF00JXgnbVUUX0Xz
24qlCv+Ttqt70lzaC2+hqw4WGLTgf/jSLZmUsXhyHE3/0157fLaCjUqLFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOte+R4RKO1J5wk7DEH1SFg4v3zYMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLEytNSD
2/9Wp4CS74gX7xAtmZil+O1pxgWDEan3dsP0dGocm0TmFbVhS0l4n0EI3xd4Je/o
WHnH5dawRnNKaTGF6jOgKv8xQYnhIbqqSynNOGA9PKDYUh66IK76vctCmFb6D7Xj
kL8k/qaclwOIuavM8plAQNuA/Oz/4wuxISrIJbzH8A9gfXKx3Csx2gi+vKgZIbD4
bsMYJozRRlUmVeQRuq+c7GrdbxXCo9hNnU1NXGn2bbML5Qx+PgUCA/mDtyrVOXrf
t1mz6FGXoSYmKbakwYr1mKzz9z328azQaydSNOfYcV7uqOk95UBpsD49Qkb8JmLq
qkA0eGPNIDTVqw==
-----END CERTIFICATE-----