Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
File:                     kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft (raw, json)
Hash identifier:          y2TFKPtMz9MV529YEq4Rhz0QK2DID110f8CDTAeazx8=
Subject key identifier:   3C:B4:1D:10:A8:D7:96:40:0C:5D:A6:BE:C4:23:2E:8D:6E:31:19:D9
Authority key identifier: 91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4
Certificate issuer:       /CN=913836859c6ce1869340edf1f273709b8094d9d4
Certificate serial:       019764DF4C567562BA0F6E497F692EC3DDC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
Manifest number:          14F2
Signing time:             Thu 12 Jun 2025 16:00:45 +0000
Manifest this update:     Thu 12 Jun 2025 16:00:45 +0000
Manifest next update:     Fri 13 Jun 2025 16:00:45 +0000
Files and hashes:         1: i0znYyDIsk78QzCDDCTg60lK9ig.roa (hash: aeDo1wq5VczgcfrDX0J+4eB6IcjwVsRwiJM6vkXROSk=)
                          2: kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl (hash: eiI40EvYPBE+9M9ubXs5RyS6GnV2TYQuwdPYQPB956M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:df:4c:56:75:62:ba:0f:6e:49:7f:69:2e:c3:dd:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913836859c6ce1869340edf1f273709b8094d9d4
        Validity
            Not Before: Jun 12 16:00:45 2025 GMT
            Not After : Jun 13 16:00:45 2025 GMT
        Subject: CN=3cb41d10a8d796400c5da6bec4232e8d6e3119d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:24:04:fe:11:4b:d1:7b:80:ff:86:89:91:e6:
                    26:23:fb:83:90:66:54:76:ba:e4:82:36:6d:8c:52:
                    35:2e:fc:18:82:5a:71:39:cf:a2:a3:b1:9b:e9:b8:
                    fc:39:14:1e:74:ca:ff:6c:15:90:ef:52:8d:fa:c4:
                    99:a1:1e:94:e0:c1:eb:f2:53:ed:11:9b:97:c6:73:
                    15:23:9a:b0:a4:44:28:83:f3:29:b4:99:80:6f:49:
                    c4:30:b0:f8:7f:0f:e6:7b:d0:d7:16:43:39:3b:de:
                    18:a4:b3:88:48:a9:dc:70:f3:d1:9c:eb:d7:2c:2c:
                    c5:9d:9c:0a:ad:ca:d5:c8:e9:f6:04:b7:a4:65:7b:
                    14:77:e8:22:83:6c:80:dd:0d:2a:41:7d:81:57:75:
                    77:7e:0a:03:61:db:e2:69:de:71:28:16:0f:09:dd:
                    2b:dc:1c:2c:1b:5e:40:0c:61:66:fa:13:df:7f:90:
                    72:70:08:ed:70:45:5d:3b:d5:2b:0b:d8:08:ce:09:
                    af:13:9f:85:e4:56:ad:f0:df:8e:95:53:f9:a1:5b:
                    2b:7a:3b:47:4f:17:73:5d:e2:01:92:65:7d:34:d2:
                    49:e9:d0:6d:18:5e:2a:a7:65:f6:75:6c:b2:f4:ae:
                    76:b9:d7:11:2a:a3:7e:4d:a0:d2:d7:18:8d:0f:7b:
                    c3:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:B4:1D:10:A8:D7:96:40:0C:5D:A6:BE:C4:23:2E:8D:6E:31:19:D9
            X509v3 Authority Key Identifier:
                keyid:91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f8:4f:c5:d1:4a:8b:fa:23:7f:da:8a:4d:b5:93:7b:72:64:
         cc:41:58:00:33:b6:8c:bf:0d:78:35:a9:05:6a:38:08:d2:2d:
         0f:e1:24:4e:98:08:7e:b4:bc:dd:8c:da:e4:75:ff:10:a5:73:
         89:c4:03:6e:5a:7e:8d:82:24:db:e9:2f:2c:21:5b:5e:3e:04:
         0c:c7:02:60:e3:ed:cc:ef:1f:02:0a:08:48:c4:4d:d1:ad:00:
         ac:60:f5:e8:4d:46:09:dd:90:20:bb:f9:eb:16:78:4c:ea:b5:
         70:27:3c:4b:15:88:cf:02:d1:25:28:60:8b:ea:1c:aa:5c:9a:
         19:4d:7d:61:31:be:c3:48:cc:08:00:2f:df:e2:60:a0:7e:24:
         ad:97:95:8d:08:33:ca:c2:c7:39:79:bc:e6:75:bb:f7:e0:bb:
         28:30:ff:2c:32:3d:2c:0a:09:31:9c:2e:87:f5:5c:44:fa:3b:
         85:16:0d:e4:97:0f:58:80:2e:63:3b:4c:f3:08:c3:70:1d:c0:
         25:6f:56:1d:f0:9e:08:c2:37:9c:46:99:19:40:a4:81:2d:12:
         4e:ef:82:a2:a5:0d:db:36:6b:f4:0c:7f:9f:19:b7:56:f0:61:
         e6:92:69:8b:ad:1a:c0:9a:d3:c2:20:7d:41:9f:27:11:2f:7e:
         09:ed:dc:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk30xWdWK6D25Jf2kuw93HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgzNjg1OWM2Y2UxODY5MzQwZWRmMWYyNzM3MDliODA5
NGQ5ZDQwHhcNMjUwNjEyMTYwMDQ1WhcNMjUwNjEzMTYwMDQ1WjAzMTEwLwYDVQQD
EygzY2I0MWQxMGE4ZDc5NjQwMGM1ZGE2YmVjNDIzMmU4ZDZlMzExOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CQE/hFL0XuA/4aJkeYmI/uDkGZU
drrkgjZtjFI1LvwYglpxOc+io7Gb6bj8ORQedMr/bBWQ71KN+sSZoR6U4MHr8lPt
EZuXxnMVI5qwpEQog/MptJmAb0nEMLD4fw/me9DXFkM5O94YpLOISKnccPPRnOvX
LCzFnZwKrcrVyOn2BLekZXsUd+gig2yA3Q0qQX2BV3V3fgoDYdviad5xKBYPCd0r
3BwsG15ADGFm+hPff5BycAjtcEVdO9UrC9gIzgmvE5+F5Fat8N+OlVP5oVsrejtH
TxdzXeIBkmV9NNJJ6dBtGF4qp2X2dWyy9K52udcRKqN+TaDS1xiND3vDmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDy0HRCo15ZADF2mvsQjLo1uMRnZMB8GA1UdIwQY
MBaAFJE4NoWcbOGGk0Dt8fJzcJuAlNnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2Et
NTI3YWM1NGMyMzU3LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2EtNTI3YWM1NGMyMzU3
LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPhPxdFK
i/ojf9qKTbWTe3JkzEFYADO2jL8NeDWpBWo4CNItD+EkTpgIfrS83Yza5HX/EKVz
icQDblp+jYIk2+kvLCFbXj4EDMcCYOPtzO8fAgoISMRN0a0ArGD16E1GCd2QILv5
6xZ4TOq1cCc8SxWIzwLRJShgi+ocqlyaGU19YTG+w0jMCAAv3+JgoH4krZeVjQgz
ysLHOXm85nW79+C7KDD/LDI9LAoJMZwuh/VcRPo7hRYN5JcPWIAuYztM8wjDcB3A
JW9WHfCeCMI3nEaZGUCkgS0STu+CoqUN2zZr9Ax/nxm3VvBh5pJpi60awJrTwiB9
QZ8nES9+Ce3cow==
-----END CERTIFICATE-----
Generated at Fri Jun 13 00:02:10 2025 by rpki-client