Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
File:                     kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json)
Hash identifier:          AkPn7/9YEmCucwyH+4aUChY/yZT8YNPOJcRB/YsmO4w=
Subject key identifier:   83:83:7F:E8:DE:61:F2:1F:4A:1D:4B:4E:2C:8B:B2:A4:2C:AE:F8:96
Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94
Certificate issuer:       /CN=91b0c1e076a3469668125b8dd395f304dfa2e794
Certificate serial:       019A71B9114459CBD20A00E01D55187C4986
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
Manifest number:          011B
Signing time:             Tue 11 Nov 2025 07:02:25 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:25 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:25 +0000
Files and hashes:         1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: 32u/u8ENx2ar5y3M1vPxEa5XupR/YoPatt6Tdk2XA+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:11:44:59:cb:d2:0a:00:e0:1d:55:18:7c:49:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794
        Validity
            Not Before: Nov 11 07:02:25 2025 GMT
            Not After : Nov 12 07:02:25 2025 GMT
        Subject: CN=83837fe8de61f21f4a1d4b4e2c8bb2a42caef896
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:dd:5f:aa:60:f9:c5:0c:9f:e9:13:bf:f6:f0:
                    7e:66:a0:76:32:cf:18:ee:10:51:67:2d:45:ba:40:
                    c8:a3:18:80:77:15:b2:bd:8f:45:f9:71:82:42:35:
                    48:87:56:3a:ba:2a:3b:0f:1f:a5:32:a6:03:70:67:
                    bb:6a:69:e5:88:9b:df:00:60:b1:77:2b:df:9d:72:
                    77:12:ec:57:f2:c7:14:00:cf:89:53:a1:db:de:e9:
                    46:98:fe:6f:9c:36:df:26:4c:c4:1f:dd:dc:16:5c:
                    d2:e5:c0:13:a7:6a:bd:85:10:50:a5:3f:63:41:67:
                    d0:a5:e7:a4:2f:aa:dc:d9:93:ca:18:a9:4f:32:54:
                    38:de:82:22:fe:45:e1:13:c8:29:b9:41:5b:52:f0:
                    54:a3:19:4f:d9:90:37:04:a5:6a:b2:12:cf:68:b1:
                    50:cc:78:22:17:3a:2d:a1:1b:31:e2:e2:c9:45:7c:
                    74:ba:90:2e:d5:35:14:44:f9:4e:a0:44:86:47:a9:
                    ed:24:3c:72:4d:50:b9:d4:bf:30:c1:4c:c5:76:b8:
                    39:84:95:9f:55:d7:49:6d:93:eb:9e:bd:89:35:58:
                    cc:1a:b2:d6:5a:3c:fd:d9:29:b0:56:41:fc:25:71:
                    61:0c:6f:07:76:3d:05:ba:40:05:0b:c7:52:82:33:
                    18:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:83:7F:E8:DE:61:F2:1F:4A:1D:4B:4E:2C:8B:B2:A4:2C:AE:F8:96
            X509v3 Authority Key Identifier:
                keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fc:f3:1e:45:01:8f:1a:49:0d:d9:eb:75:49:27:0f:6c:9d:
         40:4b:18:9e:f1:91:15:60:52:5a:3d:c0:5f:da:50:90:b9:01:
         53:42:a8:42:23:b0:dd:8d:86:86:9d:3c:d0:34:b9:a3:2d:68:
         5f:f8:ff:32:44:b1:07:23:ab:e8:b6:89:00:19:4a:35:50:cc:
         82:45:b7:aa:14:a1:7f:7e:bd:3d:5d:ec:ca:c5:11:58:d8:0b:
         08:f8:2d:3a:6b:a0:d0:ee:fa:b1:58:59:34:54:fa:05:0f:89:
         60:89:b5:09:17:38:ea:1f:23:da:69:c1:9b:95:56:ec:ac:b6:
         eb:ef:4e:ca:17:38:67:95:ab:40:2c:66:4d:a4:1c:14:44:ae:
         a8:e6:c7:9c:1b:09:e1:76:c5:aa:6a:2a:93:e0:ac:bf:32:c2:
         ec:27:4d:70:fd:d2:73:66:27:12:f0:f6:2b:ba:2c:b8:49:f8:
         d4:de:72:b3:56:75:7f:bd:e4:3b:6f:a1:1a:0f:6a:42:fa:db:
         af:8d:d9:2b:2c:c4:64:de:f5:59:03:ab:a2:29:be:c7:06:75:
         e8:89:fb:d1:5e:fa:23:60:4b:b9:ab:00:44:f3:f2:be:24:95:
         03:b8:cd:ac:cf:52:58:2a:52:9a:7d:99:85:bd:5b:2f:59:8d:
         9b:eb:b8:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRFEWcvSCgDgHVUYfEmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh
MmU3OTQwHhcNMjUxMTExMDcwMjI1WhcNMjUxMTEyMDcwMjI1WjAzMTEwLwYDVQQD
Eyg4MzgzN2ZlOGRlNjFmMjFmNGExZDRiNGUyYzhiYjJhNDJjYWVmODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt1fqmD5xQyf6RO/9vB+ZqB2Ms8Y
7hBRZy1FukDIoxiAdxWyvY9F+XGCQjVIh1Y6uio7Dx+lMqYDcGe7amnliJvfAGCx
dyvfnXJ3EuxX8scUAM+JU6Hb3ulGmP5vnDbfJkzEH93cFlzS5cATp2q9hRBQpT9j
QWfQpeekL6rc2ZPKGKlPMlQ43oIi/kXhE8gpuUFbUvBUoxlP2ZA3BKVqshLPaLFQ
zHgiFzotoRsx4uLJRXx0upAu1TUURPlOoESGR6ntJDxyTVC51L8wwUzFdrg5hJWf
VddJbZPrnr2JNVjMGrLWWjz92SmwVkH8JXFhDG8Hdj0FukAFC8dSgjMYYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIODf+jeYfIfSh1LTiyLsqQsrviWMB8GA1UdIwQY
MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt
ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy
LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivzzHkUB
jxpJDdnrdUknD2ydQEsYnvGRFWBSWj3AX9pQkLkBU0KoQiOw3Y2Ghp080DS5oy1o
X/j/MkSxByOr6LaJABlKNVDMgkW3qhShf369PV3sysURWNgLCPgtOmug0O76sVhZ
NFT6BQ+JYIm1CRc46h8j2mnBm5VW7Ky26+9Oyhc4Z5WrQCxmTaQcFESuqObHnBsJ
4XbFqmoqk+CsvzLC7CdNcP3Sc2YnEvD2K7osuEn41N5ys1Z1f73kO2+hGg9qQvrb
r43ZKyzEZN71WQOroim+xwZ16In70V76I2BLuasARPPyviSVA7jNrM9SWCpSmn2Z
hb1bL1mNm+u4fw==
-----END CERTIFICATE-----