Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
File:                     kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft (raw, json)
Hash identifier:          FuiCKUYY01cAeGoG9qCLIF6xXmXAZb+Fh7VQwS17Ai4=
Subject key identifier:   BB:CF:60:8A:FC:98:A4:09:11:AD:42:FC:40:BD:6E:C2:C2:31:29:9C
Authority key identifier: 91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4
Certificate issuer:       /CN=913836859c6ce1869340edf1f273709b8094d9d4
Certificate serial:       019766CD5876F0363CEBA4937ABEE84E28EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
Manifest number:          14F3
Signing time:             Fri 13 Jun 2025 01:00:22 +0000
Manifest this update:     Fri 13 Jun 2025 01:00:22 +0000
Manifest next update:     Sat 14 Jun 2025 01:00:22 +0000
Files and hashes:         1: i0znYyDIsk78QzCDDCTg60lK9ig.roa (hash: aeDo1wq5VczgcfrDX0J+4eB6IcjwVsRwiJM6vkXROSk=)
                          2: kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl (hash: nXcAapQtkFgOKVHi0qXY4+c0wijMBkXQirPFNQHGDWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:cd:58:76:f0:36:3c:eb:a4:93:7a:be:e8:4e:28:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913836859c6ce1869340edf1f273709b8094d9d4
        Validity
            Not Before: Jun 13 01:00:22 2025 GMT
            Not After : Jun 14 01:00:22 2025 GMT
        Subject: CN=bbcf608afc98a40911ad42fc40bd6ec2c231299c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:1b:2c:46:7e:22:66:eb:09:e4:0f:06:b4:e6:
                    a6:2b:ed:69:b2:2b:9f:7b:88:b2:7a:33:00:54:30:
                    19:9f:56:8f:f1:17:19:5c:ed:d1:3f:51:ee:87:a3:
                    d9:3d:5f:fe:14:00:25:75:2d:60:22:18:49:72:37:
                    c0:81:b2:19:09:b6:77:29:86:52:05:61:f7:3b:68:
                    a4:71:4b:a0:54:74:be:a9:43:68:f0:f8:08:89:0d:
                    22:be:49:ff:82:ac:59:20:e4:c5:f8:77:ae:cc:c1:
                    26:a3:67:e4:3d:54:9c:dc:5c:37:c3:7d:19:96:46:
                    c9:83:ed:90:33:81:8d:9d:ab:87:14:41:6c:04:de:
                    ee:80:0d:7a:9a:3e:88:66:a2:bc:42:19:b0:b7:72:
                    31:37:ac:bf:0b:83:c1:3a:f9:84:01:f0:d7:76:92:
                    cd:9e:14:8c:6a:01:71:07:54:0b:1d:e4:31:53:62:
                    fd:8f:bc:be:b5:cc:7c:72:2f:46:67:b2:3c:7c:cb:
                    82:ef:a6:70:6a:24:79:b2:cc:79:9f:56:c7:9c:a0:
                    fb:76:a6:62:39:70:49:db:de:b2:95:62:3d:5d:45:
                    a5:84:f9:c1:e8:14:56:f5:97:4f:ea:dd:5f:88:19:
                    a2:5f:09:97:da:06:2e:27:61:96:38:79:73:66:8b:
                    85:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:CF:60:8A:FC:98:A4:09:11:AD:42:FC:40:BD:6E:C2:C2:31:29:9C
            X509v3 Authority Key Identifier:
                keyid:91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:78:9b:4f:01:2a:7a:f8:60:02:4c:f0:ee:26:00:6c:25:b9:
         44:16:a7:f5:0b:aa:c6:f4:64:3f:c1:6c:18:c4:a5:c9:8e:8e:
         2d:c7:6b:54:3e:f2:0c:7a:ee:74:3c:e9:02:a1:b9:b3:d8:89:
         0e:20:21:1a:48:28:9e:93:82:c8:ca:df:a9:0a:2d:e5:9f:b1:
         05:e1:ef:47:ca:fb:e3:7e:c5:90:ac:39:0a:9f:69:07:13:7a:
         30:df:8b:a7:c4:6b:74:78:37:32:73:ed:6c:4a:dd:f3:71:7f:
         6d:8d:66:32:35:76:73:dc:fb:86:5f:04:bc:98:60:c1:38:22:
         e5:eb:b7:31:60:5b:8b:9f:41:90:15:c4:42:40:0c:9c:b1:28:
         d1:a3:65:2a:b1:11:dd:31:71:36:66:81:f4:c3:c2:74:f5:1e:
         33:cf:f7:51:0d:cd:5e:46:01:60:09:e2:13:d2:f6:e1:4c:ba:
         da:c3:d9:e0:e5:ed:6d:6a:9a:7e:60:16:a0:b8:1f:62:19:a4:
         ca:a5:f6:05:b6:00:67:75:ce:15:2b:21:dc:81:21:33:cb:81:
         bf:5f:1b:28:23:9b:a8:e5:5e:a2:93:08:10:df:60:8d:8d:d1:
         8b:fe:7d:84:23:57:b0:10:ce:6e:a4:24:f2:11:ec:f4:9a:9e:
         23:b3:7c:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmzVh28DY866STer7oTijqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgzNjg1OWM2Y2UxODY5MzQwZWRmMWYyNzM3MDliODA5
NGQ5ZDQwHhcNMjUwNjEzMDEwMDIyWhcNMjUwNjE0MDEwMDIyWjAzMTEwLwYDVQQD
EyhiYmNmNjA4YWZjOThhNDA5MTFhZDQyZmM0MGJkNmVjMmMyMzEyOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixssRn4iZusJ5A8GtOamK+1psiuf
e4iyejMAVDAZn1aP8RcZXO3RP1Huh6PZPV/+FAAldS1gIhhJcjfAgbIZCbZ3KYZS
BWH3O2ikcUugVHS+qUNo8PgIiQ0ivkn/gqxZIOTF+HeuzMEmo2fkPVSc3Fw3w30Z
lkbJg+2QM4GNnauHFEFsBN7ugA16mj6IZqK8Qhmwt3IxN6y/C4PBOvmEAfDXdpLN
nhSMagFxB1QLHeQxU2L9j7y+tcx8ci9GZ7I8fMuC76ZwaiR5ssx5n1bHnKD7dqZi
OXBJ296ylWI9XUWlhPnB6BRW9ZdP6t1fiBmiXwmX2gYuJ2GWOHlzZouFQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvPYIr8mKQJEa1C/EC9bsLCMSmcMB8GA1UdIwQY
MBaAFJE4NoWcbOGGk0Dt8fJzcJuAlNnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2Et
NTI3YWM1NGMyMzU3LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2EtNTI3YWM1NGMyMzU3
LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj3ibTwEq
evhgAkzw7iYAbCW5RBan9QuqxvRkP8FsGMSlyY6OLcdrVD7yDHrudDzpAqG5s9iJ
DiAhGkgonpOCyMrfqQot5Z+xBeHvR8r7437FkKw5Cp9pBxN6MN+Lp8RrdHg3MnPt
bErd83F/bY1mMjV2c9z7hl8EvJhgwTgi5eu3MWBbi59BkBXEQkAMnLEo0aNlKrER
3TFxNmaB9MPCdPUeM8/3UQ3NXkYBYAniE9L24Uy62sPZ4OXtbWqafmAWoLgfYhmk
yqX2BbYAZ3XOFSsh3IEhM8uBv18bKCObqOVeopMIEN9gjY3Ri/59hCNXsBDObqQk
8hHs9JqeI7N8gg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 07:00:18 2025 by rpki-client