Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
File:                     0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft (raw, json)
Hash identifier:          REDDndwC5PUt0+Cyl7yhpFAVy1cq7Prr+Gg85443q2E=
Subject key identifier:   6F:F6:7A:6B:9A:B5:61:43:6A:25:67:60:2A:CA:BD:23:E0:F4:82:EA
Authority key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Certificate issuer:       /CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Certificate serial:       3041D13D027DCE2A2B3241E244318FD08AFA923F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
Manifest number:          0447
Signing time:             Sun 31 Aug 2025 14:44:47 +0000
Manifest this update:     Sun 31 Aug 2025 14:39:47 +0000
Manifest next update:     Mon 01 Sep 2025 16:46:47 +0000
Files and hashes:         1: 0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl (hash: 5O71tMwl6fZ/pytLhTnHczo1ouzprg+nI9uWVYRggdY=)
                          2: AS50555.asa (hash: LjdwvWRESIW+xX7gFaEDRAOSkbJXZ8dRIBmfTXSbc1w=)
Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 01 Sep 2025 13:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:41:d1:3d:02:7d:ce:2a:2b:32:41:e2:44:31:8f:d0:8a:fa:92:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Validity
            Not Before: Aug 31 14:39:47 2025 GMT
            Not After : Sep  1 16:46:47 2025 GMT
        Subject: CN=6FF67A6B9AB561436A2567602ACABD23E0F482EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d2:e9:05:0b:3f:ae:3e:76:52:c7:1e:3d:cb:
                    51:16:ff:79:b4:7a:b0:48:d4:6a:f5:90:10:26:23:
                    36:c5:52:41:92:9e:df:d3:0b:ed:ea:54:ac:82:45:
                    23:f2:5d:6b:37:14:af:79:e1:9e:31:5e:09:45:51:
                    28:9d:14:7f:85:55:1e:e0:20:1e:22:2b:74:a7:ab:
                    70:10:5d:6b:62:c9:1c:61:d5:6f:cb:11:54:f2:4a:
                    0b:4e:9f:23:e9:4a:9b:7d:a6:f8:6f:0d:80:05:d5:
                    6c:82:28:89:e7:a9:45:c4:62:b6:e2:98:eb:c3:74:
                    c8:fe:3e:87:f7:ee:d5:49:23:ec:27:1c:33:76:88:
                    bc:57:53:0a:08:83:00:f7:b6:a6:8f:af:b9:c9:1a:
                    4e:1a:a8:6f:66:be:68:bf:98:e2:5c:81:e2:70:0b:
                    28:05:99:9d:5c:88:da:3c:aa:0d:ba:d5:54:1d:07:
                    d3:6a:a3:77:c0:92:b3:d1:8b:26:60:11:6a:b3:31:
                    24:75:a0:1a:3f:e1:e4:26:4f:42:0e:e8:77:41:e8:
                    ba:49:00:77:ba:91:9d:98:bd:c7:77:dc:88:f4:b6:
                    61:d6:8a:d3:8b:37:a8:57:fd:c0:0f:00:92:ce:44:
                    b5:2e:89:26:28:b8:7f:33:b0:57:20:a4:54:f9:95:
                    92:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:F6:7A:6B:9A:B5:61:43:6A:25:67:60:2A:CA:BD:23:E0:F4:82:EA
            X509v3 Authority Key Identifier:
                keyid:0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:ad:6b:57:73:83:03:17:0f:43:bf:32:69:c3:ba:c9:00:52:
         77:de:33:c5:49:70:06:7c:e2:7c:eb:c7:f6:f0:3b:07:db:21:
         8b:0d:da:16:06:80:51:c1:0d:92:1c:f0:52:58:2e:7f:e9:60:
         d3:51:d9:be:90:3f:df:69:16:d4:fa:24:56:d1:45:72:84:53:
         bd:cb:ae:36:82:ae:40:08:cf:76:73:da:b5:f7:79:8d:4e:f9:
         5c:81:b0:14:eb:2e:c7:90:8d:af:f7:24:e7:3a:b8:eb:e0:e3:
         49:d8:cc:53:cc:b0:47:eb:f9:7b:20:7c:29:37:10:ae:38:25:
         bb:a5:75:c0:fd:53:47:4d:70:ea:a1:d3:51:4b:7f:8a:e3:12:
         ba:93:de:44:e2:59:d4:a8:94:5b:04:c9:1b:da:80:63:3c:bd:
         df:62:c1:c7:e9:a3:44:40:bd:c4:2e:23:e4:72:02:9a:4c:80:
         fb:b1:9a:f4:75:88:9b:76:11:6c:2d:a6:14:46:a7:7f:2f:3a:
         b1:f4:34:69:b4:c9:cf:57:3b:1b:44:3a:16:d6:a1:74:4d:6c:
         37:06:84:91:7c:a4:2b:92:92:ea:ad:3d:e9:30:0e:2a:ee:24:
         ea:12:83:1c:e7:7c:c9:1c:a8:48:26:b6:92:a3:11:5e:95:b6:
         f3:bc:41:76
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUMEHRPQJ9ziorMkHiRDGP0Ir6kj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQxMGU4YTc2M2JmOGJhYmU5NmJlN2FiNDdmOWRiNTlk
OWQ5NTIzMjAeFw0yNTA4MzExNDM5NDdaFw0yNTA5MDExNjQ2NDdaMDMxMTAvBgNV
BAMTKDZGRjY3QTZCOUFCNTYxNDM2QTI1Njc2MDJBQ0FCRDIzRTBGNDgyRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20ukFCz+uPnZSxx49y1EW/3m0
erBI1Gr1kBAmIzbFUkGSnt/TC+3qVKyCRSPyXWs3FK954Z4xXglFUSidFH+FVR7g
IB4iK3Snq3AQXWtiyRxh1W/LEVTySgtOnyPpSpt9pvhvDYAF1WyCKInnqUXEYrbi
mOvDdMj+Pof37tVJI+wnHDN2iLxXUwoIgwD3tqaPr7nJGk4aqG9mvmi/mOJcgeJw
CygFmZ1ciNo8qg261VQdB9Nqo3fAkrPRiyZgEWqzMSR1oBo/4eQmT0IO6HdB6LpJ
AHe6kZ2Yvcd33Ij0tmHWitOLN6hX/cAPAJLORLUuiSYouH8zsFcgpFT5lZK3AgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQUb/Z6a5q1YUNqJWdgKsq9I+D0guowHwYDVR0j
BBgwFoAUDRDop2O/i6vpa+erR/nbWdnZUjIwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMC8wRDEwRThBNzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1
MjMyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFJEb3AyT19pNnZwYS1lclJf
bmJXZG5aVWpJLmNlcjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMC8wRDEwRThB
NzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1MjMyLm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfq1r
V3ODAxcPQ78yacO6yQBSd94zxUlwBnzifOvH9vA7B9shiw3aFgaAUcENkhzwUlgu
f+lg01HZvpA/32kW1PokVtFFcoRTvcuuNoKuQAjPdnPatfd5jU75XIGwFOsux5CN
r/ck5zq46+DjSdjMU8ywR+v5eyB8KTcQrjglu6V1wP1TR01w6qHTUUt/iuMSupPe
ROJZ1KiUWwTJG9qAYzy932LBx+mjREC9xC4j5HICmkyA+7Ga9HWIm3YRbC2mFEan
fy86sfQ0abTJz1c7G0Q6FtahdE1sNwaEkXykK5KS6q096TAOKu4k6hKDHOd8yRyo
SCa2kqMRXpW287xBdg==
-----END CERTIFICATE-----