Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
File:                     K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft (raw, json)
Hash identifier:          KHM2zVNFolVAQ5tARduo37M6TapY75a+TmY1BB9lf14=
Subject key identifier:   AF:5C:68:3B:51:BD:CB:34:D4:4D:79:EF:F5:9B:B6:EF:4B:1E:4A:A9
Authority key identifier: 2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB
Certificate issuer:       /CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb
Certificate serial:       019A71B88DF1DCEE586DEDEFE552130C8FDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 07:01:51 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:51 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:51 +0000
Files and hashes:         1: K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl (hash: L/fWud6mzNGeNnCgl5Z3s3RVTT8m2cH7Vn1r/S/FrR4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8d:f1:dc:ee:58:6d:ed:ef:e5:52:13:0c:8f:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb
        Validity
            Not Before: Nov 11 07:01:51 2025 GMT
            Not After : Nov 12 07:01:51 2025 GMT
        Subject: CN=af5c683b51bdcb34d44d79eff59bb6ef4b1e4aa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:89:f4:61:64:99:46:f3:78:12:e7:5a:cb:b4:
                    79:d5:88:35:a4:11:f3:c5:cc:96:61:e2:ad:10:16:
                    a3:14:f8:72:12:d2:17:23:d5:64:35:39:87:86:1d:
                    b6:6b:50:dd:79:5e:17:8d:e0:a5:b6:2c:be:0d:d2:
                    93:15:35:18:9d:68:5c:16:ca:89:5b:ec:0f:cb:ce:
                    1b:35:77:7c:0a:b9:6f:d1:e3:bb:f2:84:53:da:8e:
                    6d:db:e1:5d:e0:c4:13:74:36:a9:4d:2b:0a:23:8e:
                    76:06:ff:1c:b9:3f:7e:d7:d2:a0:b3:9b:31:ec:71:
                    b3:a2:38:b2:28:37:21:3d:53:b7:b8:86:e8:4b:2f:
                    c1:eb:e3:52:47:9f:89:a0:c0:87:41:0c:09:c8:ca:
                    ec:3d:53:58:9a:90:f4:95:f8:42:a6:4f:89:9c:67:
                    04:bc:8f:a3:db:57:47:cd:a1:62:bd:6f:0e:48:fc:
                    0c:93:99:0d:d6:43:f4:e5:bc:e0:8c:ae:47:45:9a:
                    6f:31:df:cd:f2:da:be:c2:26:ac:13:89:00:42:a7:
                    3a:b4:95:31:03:50:97:1f:e4:a0:02:47:19:f2:ab:
                    f4:f5:95:3a:bd:bf:2f:54:c1:8b:c5:5e:e9:45:64:
                    97:7d:fc:04:ae:b5:cf:35:e8:4d:8a:2b:cd:3d:0f:
                    e8:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:5C:68:3B:51:BD:CB:34:D4:4D:79:EF:F5:9B:B6:EF:4B:1E:4A:A9
            X509v3 Authority Key Identifier:
                keyid:2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:bf:bc:a6:e4:f4:e6:51:60:df:0d:52:1e:dc:8a:b5:dd:0d:
         42:d4:eb:b4:f8:61:cf:99:1d:66:22:40:ed:2b:60:01:b0:32:
         ce:66:29:5e:08:cc:56:62:27:10:9f:7a:9a:a0:fd:f2:ae:c1:
         e9:e2:2f:fb:a7:bd:83:db:45:f5:19:c2:03:84:a8:54:26:54:
         ee:07:12:39:5c:a2:6b:f8:5e:5f:33:9a:14:b5:f9:48:08:d5:
         b5:f7:77:4c:2b:d9:0a:a5:82:af:ee:ff:30:c4:aa:2d:14:60:
         74:68:7d:3e:25:09:b5:d2:fc:9a:06:9f:02:a3:3f:ac:ae:1a:
         34:ab:b0:cd:f1:49:af:ee:25:70:12:ee:d7:85:6d:b9:74:0d:
         3d:b2:35:d2:32:36:e9:d1:0f:b2:a2:3a:e2:07:2a:2b:87:7c:
         26:57:a8:b1:d1:f5:62:25:b7:61:f8:53:89:f6:8f:6a:e6:da:
         ea:b7:1e:2c:e6:61:b4:2c:2c:1c:d7:94:30:5d:0a:f9:ff:93:
         15:13:9d:96:58:ee:2c:4e:b7:be:c2:26:ce:0c:dc:cb:b9:4a:
         a9:62:e8:4b:e3:ec:40:f6:c7:5b:c5:9c:fe:6a:1d:29:21:d7:
         28:22:21:b8:61:81:4e:3d:95:59:4f:2e:16:e6:28:f1:83:89:
         bd:a4:61:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuI3x3O5Ybe3v5VITDI/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNDllODg0YTQ0MWYwNGI3ZjVlMmVkNDc0YjU4NDdlODMy
MTJiY2IwHhcNMjUxMTExMDcwMTUxWhcNMjUxMTEyMDcwMTUxWjAzMTEwLwYDVQQD
EyhhZjVjNjgzYjUxYmRjYjM0ZDQ0ZDc5ZWZmNTliYjZlZjRiMWU0YWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0In0YWSZRvN4Euday7R51Yg1pBHz
xcyWYeKtEBajFPhyEtIXI9VkNTmHhh22a1DdeV4XjeCltiy+DdKTFTUYnWhcFsqJ
W+wPy84bNXd8Crlv0eO78oRT2o5t2+Fd4MQTdDapTSsKI452Bv8cuT9+19Kgs5sx
7HGzojiyKDchPVO3uIboSy/B6+NSR5+JoMCHQQwJyMrsPVNYmpD0lfhCpk+JnGcE
vI+j21dHzaFivW8OSPwMk5kN1kP05bzgjK5HRZpvMd/N8tq+wiasE4kAQqc6tJUx
A1CXH+SgAkcZ8qv09ZU6vb8vVMGLxV7pRWSXffwErrXPNehNiivNPQ/oMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9caDtRvcs01E157/Wbtu9LHkqpMB8GA1UdIwQY
MBaAFCtJ6ISkQfBLf14u1HS1hH6DISvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMt
NDJkZDk4NWNkN2IwLzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMtNDJkZDk4NWNkN2Iw
LzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaL+8puT0
5lFg3w1SHtyKtd0NQtTrtPhhz5kdZiJA7StgAbAyzmYpXgjMVmInEJ96mqD98q7B
6eIv+6e9g9tF9RnCA4SoVCZU7gcSOVyia/heXzOaFLX5SAjVtfd3TCvZCqWCr+7/
MMSqLRRgdGh9PiUJtdL8mgafAqM/rK4aNKuwzfFJr+4lcBLu14VtuXQNPbI10jI2
6dEPsqI64gcqK4d8JleosdH1YiW3YfhTifaPauba6rceLOZhtCwsHNeUMF0K+f+T
FROdlljuLE63vsImzgzcy7lKqWLoS+PsQPbHW8Wc/modKSHXKCIhuGGBTj2VWU8u
FuYo8YOJvaRhdw==
-----END CERTIFICATE-----