Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
File:                     kNRNBKKqhYbulMejNTbDaBatoWM.mft (raw, json)
Hash identifier:          AJA1ulyAmD7hRTOmhibWKVz1I/Yo1FQ419XFlmoPY/8=
Subject key identifier:   9D:BB:72:23:9B:01:F6:55:3A:61:17:A3:27:29:A9:2B:37:BE:1C:AF
Authority key identifier: 90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63
Certificate issuer:       /CN=90d44d04a2aa8586ee94c7a33536c36816ada163
Certificate serial:       0197B6A0742EA0DA87E912573A5A426F220F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:58 +0000
Files and hashes:         1: kNRNBKKqhYbulMejNTbDaBatoWM.crl (hash: RPPPDA1tZEIx93CShTUb/CKJPHwBhfVkHj5V9gM/ag4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:74:2e:a0:da:87:e9:12:57:3a:5a:42:6f:22:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90d44d04a2aa8586ee94c7a33536c36816ada163
        Validity
            Not Before: Jun 28 13:00:58 2025 GMT
            Not After : Jun 29 13:00:58 2025 GMT
        Subject: CN=9dbb72239b01f6553a6117a32729a92b37be1caf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:71:4c:8c:41:2d:bd:0e:08:c0:32:10:1d:8a:
                    78:99:d6:43:1a:ae:d5:cb:46:cf:5a:dd:0b:c5:85:
                    23:16:1e:9d:c8:d4:a1:f9:a4:a9:e9:33:25:88:78:
                    8a:7a:32:47:83:03:b7:c8:e5:b9:ef:90:36:3b:7b:
                    c6:54:c9:11:25:17:80:dc:df:fd:37:b4:83:e2:09:
                    ff:90:bc:e6:40:e5:0e:7b:a1:5f:ab:fa:ae:81:01:
                    5e:1d:17:27:16:49:40:09:b8:ba:24:42:1c:44:7e:
                    d9:fc:10:03:4f:09:ef:49:48:cf:14:a3:2b:9e:24:
                    dd:ae:78:9d:69:c7:25:cc:4d:22:9d:31:01:af:96:
                    17:4c:e4:66:29:67:d7:ec:28:9e:96:81:58:89:c3:
                    d2:c2:ee:13:d5:e1:3b:c4:fb:84:9f:60:53:dc:66:
                    ea:59:0a:7e:63:bd:41:9a:ac:70:1c:d6:5a:fc:c4:
                    42:e4:9d:47:1a:32:35:a5:0d:6f:ba:c2:b6:c0:16:
                    ad:fe:aa:f2:41:83:ff:2b:f3:a1:d0:a5:77:15:18:
                    bc:95:2f:a0:49:dc:52:95:68:88:a0:90:1e:10:c0:
                    a7:5d:1a:e8:ad:f3:26:90:22:5b:6d:02:b8:39:0e:
                    c0:19:88:bc:a7:c9:06:39:9b:29:4f:dc:7d:a0:aa:
                    88:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:BB:72:23:9B:01:F6:55:3A:61:17:A3:27:29:A9:2B:37:BE:1C:AF
            X509v3 Authority Key Identifier:
                keyid:90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:f6:1e:6a:6a:ef:47:c9:16:e8:f1:7f:9f:6b:57:6b:75:a3:
         3c:37:10:ad:b9:64:25:0d:32:7e:be:4b:f6:0f:e5:e1:43:59:
         0a:e1:0d:3f:cb:26:2f:e4:50:09:ed:af:30:f3:ff:23:1d:94:
         37:d3:63:6b:8e:70:ad:2f:59:5f:71:76:0c:87:1b:47:a0:93:
         07:8b:5c:2c:94:94:f7:74:17:7d:d2:f1:30:a1:aa:27:9d:e4:
         3d:34:a3:b4:d8:a5:cb:23:98:d6:89:89:35:fa:5c:6f:23:dc:
         35:81:5e:55:d0:1c:8f:df:b0:46:2e:06:dd:7b:60:c6:71:7d:
         1c:a8:f6:57:7b:9d:fc:ad:31:66:9f:2a:c1:bd:9b:e5:dd:5e:
         43:65:4b:c4:29:15:95:c3:c5:dd:f4:a2:10:94:0e:fe:da:85:
         c7:f6:56:48:e6:7c:57:4f:1f:9a:4e:95:1c:ad:65:fa:bb:7f:
         2d:a2:4e:93:1b:bf:ce:63:c9:68:39:c5:fc:bb:71:2c:78:5c:
         55:27:57:84:b3:e0:3c:6d:ea:a1:8f:27:96:12:a3:bb:f1:18:
         42:87:fb:6e:fe:0f:fe:fc:e1:dd:bf:f9:55:23:e3:21:00:f8:
         ea:b5:77:d1:84:8f:1b:e4:9f:2c:2a:76:3e:46:38:c9:26:83:
         9b:3f:76:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oHQuoNqH6RJXOlpCbyIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQ0ZDA0YTJhYTg1ODZlZTk0YzdhMzM1MzZjMzY4MTZh
ZGExNjMwHhcNMjUwNjI4MTMwMDU4WhcNMjUwNjI5MTMwMDU4WjAzMTEwLwYDVQQD
Eyg5ZGJiNzIyMzliMDFmNjU1M2E2MTE3YTMyNzI5YTkyYjM3YmUxY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunFMjEEtvQ4IwDIQHYp4mdZDGq7V
y0bPWt0LxYUjFh6dyNSh+aSp6TMliHiKejJHgwO3yOW575A2O3vGVMkRJReA3N/9
N7SD4gn/kLzmQOUOe6Ffq/qugQFeHRcnFklACbi6JEIcRH7Z/BADTwnvSUjPFKMr
niTdrnidacclzE0inTEBr5YXTORmKWfX7CieloFYicPSwu4T1eE7xPuEn2BT3Gbq
WQp+Y71BmqxwHNZa/MRC5J1HGjI1pQ1vusK2wBat/qryQYP/K/Oh0KV3FRi8lS+g
SdxSlWiIoJAeEMCnXRrorfMmkCJbbQK4OQ7AGYi8p8kGOZspT9x9oKqI8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ27ciObAfZVOmEXoycpqSs3vhyvMB8GA1UdIwQY
MBaAFJDUTQSiqoWG7pTHozU2w2gWraFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzIt
NmY4Y2FjYzEyMzM5LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzItNmY4Y2FjYzEyMzM5
LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs/Yeamrv
R8kW6PF/n2tXa3WjPDcQrblkJQ0yfr5L9g/l4UNZCuENP8smL+RQCe2vMPP/Ix2U
N9Nja45wrS9ZX3F2DIcbR6CTB4tcLJSU93QXfdLxMKGqJ53kPTSjtNilyyOY1omJ
NfpcbyPcNYFeVdAcj9+wRi4G3XtgxnF9HKj2V3ud/K0xZp8qwb2b5d1eQ2VLxCkV
lcPF3fSiEJQO/tqFx/ZWSOZ8V08fmk6VHK1l+rt/LaJOkxu/zmPJaDnF/LtxLHhc
VSdXhLPgPG3qoY8nlhKju/EYQof7bv4P/vzh3b/5VSPjIQD46rV30YSPG+SfLCp2
PkY4ySaDmz92mQ==
-----END CERTIFICATE-----