Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          yX97pD/3o+geIkkaOsexjcyB6E6lt4XL1/FiSuYBCmE=
Subject key identifier:   D9:DA:A2:C2:DC:04:5D:D1:5E:22:9F:7E:07:3C:E2:7D:D4:73:1B:A0
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       0198D65F7D8AD8FE26713E8F431B4E86F9AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          0F72
Signing time:             Sat 23 Aug 2025 10:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:38 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: ZF815FOFoX4xxoNKVBVFnu9MY5wO1ZSnC7KoG7GwBm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:7d:8a:d8:fe:26:71:3e:8f:43:1b:4e:86:f9:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Aug 23 10:00:38 2025 GMT
            Not After : Aug 24 10:00:38 2025 GMT
        Subject: CN=d9daa2c2dc045dd15e229f7e073ce27dd4731ba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:da:3b:b1:60:1f:2d:16:11:63:ea:f9:dd:5a:
                    fd:dc:d4:f6:40:dc:83:a4:8d:01:bb:55:9d:d5:3f:
                    15:65:93:5c:cd:12:38:04:0d:98:7c:d5:ac:fe:dc:
                    e9:c4:3f:d5:c5:22:5b:b5:54:41:81:72:e2:ae:b8:
                    e9:74:a1:17:50:5c:80:6e:cb:c2:b5:af:07:3d:8f:
                    9f:99:37:5d:0c:d8:ad:31:b7:e1:7c:69:09:bb:e4:
                    f2:2f:73:ce:1c:d5:b9:5a:05:2b:a6:54:f6:4b:08:
                    8a:6e:a6:95:75:99:fc:43:56:4c:30:52:61:2b:6b:
                    28:30:15:9c:5d:d1:d9:b3:e9:7b:55:eb:4b:ed:cb:
                    a9:81:50:ff:31:33:f0:8e:25:b3:4d:35:38:3d:1a:
                    a6:66:1d:4c:f1:6c:d0:c1:23:57:fc:96:33:ee:e5:
                    a2:c1:29:c1:a5:bf:24:68:cb:4d:99:ff:54:5e:03:
                    65:a6:cf:a7:e2:bc:e0:fe:7c:77:68:f4:7a:37:fd:
                    67:99:06:de:48:cd:42:72:ab:db:f2:4a:66:7f:d2:
                    d7:1e:3b:02:1c:1e:67:be:a9:cf:fb:fa:41:4e:c5:
                    88:dc:b7:3a:f5:bf:f4:a8:78:be:64:c2:58:cf:8c:
                    d5:90:2d:50:4a:d6:1c:11:a0:a4:60:1c:02:88:95:
                    06:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:DA:A2:C2:DC:04:5D:D1:5E:22:9F:7E:07:3C:E2:7D:D4:73:1B:A0
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:39:69:fc:37:e1:09:8e:19:69:00:73:5b:38:b2:3b:a4:bc:
         29:12:62:23:8c:18:01:84:90:e5:cc:4f:e3:23:d9:24:88:59:
         05:68:13:b6:35:dd:e5:2d:2a:27:b5:96:f0:38:23:a2:75:74:
         f6:ef:55:19:ba:bf:ba:cc:e8:92:35:12:de:4a:6f:d2:61:c4:
         67:38:1c:ab:60:4d:48:5f:e5:ec:64:1b:7b:fe:fb:78:12:47:
         ae:41:c5:1f:c5:3c:0f:03:48:c0:05:8f:21:26:83:55:b9:85:
         00:1c:0e:3e:5a:3d:57:22:9c:34:f7:df:72:8c:5e:8a:1c:c4:
         1f:e8:c4:96:4d:ff:ea:ee:bf:61:a0:ca:61:7f:bb:46:bd:3e:
         69:2c:7f:1d:01:2c:b7:2a:63:7e:b2:d4:3a:9b:d7:51:6d:2b:
         49:9a:19:20:9b:c2:8d:2d:4c:eb:33:fd:b6:fe:5c:b8:ba:99:
         5d:e9:b3:01:3d:e2:96:c9:be:be:c7:db:ad:54:37:02:fe:8a:
         9e:7e:af:b8:b7:8d:93:d9:89:9b:b5:98:25:cc:04:52:46:ff:
         63:32:d3:0b:8e:ac:37:41:dd:0e:37:82:19:82:2c:df:1d:0e:
         29:56:88:48:bc:65:44:db:77:1c:a6:e6:c1:da:68:3e:f7:82:
         3c:1b:21:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX32K2P4mcT6PQxtOhvmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjUwODIzMTAwMDM4WhcNMjUwODI0MTAwMDM4WjAzMTEwLwYDVQQD
EyhkOWRhYTJjMmRjMDQ1ZGQxNWUyMjlmN2UwNzNjZTI3ZGQ0NzMxYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdo7sWAfLRYRY+r53Vr93NT2QNyD
pI0Bu1Wd1T8VZZNczRI4BA2YfNWs/tzpxD/VxSJbtVRBgXLirrjpdKEXUFyAbsvC
ta8HPY+fmTddDNitMbfhfGkJu+TyL3POHNW5WgUrplT2SwiKbqaVdZn8Q1ZMMFJh
K2soMBWcXdHZs+l7VetL7cupgVD/MTPwjiWzTTU4PRqmZh1M8WzQwSNX/JYz7uWi
wSnBpb8kaMtNmf9UXgNlps+n4rzg/nx3aPR6N/1nmQbeSM1Ccqvb8kpmf9LXHjsC
HB5nvqnP+/pBTsWI3Lc69b/0qHi+ZMJYz4zVkC1QStYcEaCkYBwCiJUGQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnaosLcBF3RXiKffgc84n3UcxugMB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTlp/Dfh
CY4ZaQBzWziyO6S8KRJiI4wYAYSQ5cxP4yPZJIhZBWgTtjXd5S0qJ7WW8DgjonV0
9u9VGbq/uszokjUS3kpv0mHEZzgcq2BNSF/l7GQbe/77eBJHrkHFH8U8DwNIwAWP
ISaDVbmFABwOPlo9VyKcNPffcoxeihzEH+jElk3/6u6/YaDKYX+7Rr0+aSx/HQEs
typjfrLUOpvXUW0rSZoZIJvCjS1M6zP9tv5cuLqZXemzAT3ilsm+vsfbrVQ3Av6K
nn6vuLeNk9mJm7WYJcwEUkb/YzLTC46sN0HdDjeCGYIs3x0OKVaISLxlRNt3HKbm
wdpoPveCPBsh1g==
-----END CERTIFICATE-----