Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          DyjyNYQDwOEp2mFEZAudTGnfrAAEltBQuruLbj+Xyy8=
Subject key identifier:   D0:13:34:12:9F:34:0A:60:41:F9:13:38:AF:62:8D:53:70:E6:7B:A6
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       01975FB90ADFA3E3E83550940D0461593B2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          049A
Signing time:             Wed 11 Jun 2025 16:00:51 +0000
Manifest this update:     Wed 11 Jun 2025 16:00:51 +0000
Manifest next update:     Thu 12 Jun 2025 16:00:51 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: cvsk7M0Era22r+zKxkVI0IXti5QemKtK4b9JkcU4q/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:b9:0a:df:a3:e3:e8:35:50:94:0d:04:61:59:3b:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Jun 11 16:00:51 2025 GMT
            Not After : Jun 12 16:00:51 2025 GMT
        Subject: CN=d01334129f340a6041f91338af628d5370e67ba6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:13:72:7b:77:b4:2c:0e:39:81:ff:b8:c7:03:
                    65:fd:48:56:3d:6e:0e:8d:71:30:31:01:8f:70:6a:
                    63:e8:fe:39:de:48:9b:38:5a:4d:1a:28:7d:86:ab:
                    81:62:26:e7:bb:d8:ee:53:1b:f2:09:d0:26:c9:86:
                    36:e3:aa:5a:b7:a2:77:96:29:9d:b5:e7:70:ec:00:
                    78:cd:3a:7d:ee:72:0e:c9:d0:64:54:d8:ce:2c:83:
                    aa:d1:91:69:3a:aa:82:af:a4:03:06:36:ac:5d:cd:
                    72:5a:04:07:f5:8b:f2:83:64:96:69:b9:ce:9e:8a:
                    24:19:9f:12:65:43:d3:8c:a5:5b:b5:5a:5f:bd:a5:
                    a8:f1:19:fc:d8:db:5c:00:3a:19:94:84:7f:5a:4b:
                    57:06:f3:57:f3:e0:b5:13:83:69:15:81:58:2d:c2:
                    47:80:42:7e:52:0b:0b:3d:4f:e1:38:00:48:6c:2f:
                    29:97:49:d0:83:f1:07:b5:70:da:76:b8:12:5e:6a:
                    1b:61:e9:68:59:e3:2b:e6:6c:85:35:d0:fa:3c:fd:
                    43:98:63:0a:f2:11:35:07:05:aa:d2:f1:e0:e8:8f:
                    13:be:e8:ca:26:11:37:73:8e:5e:a9:3c:ac:2a:a9:
                    ba:59:78:34:b7:ed:71:17:ca:2b:b9:24:6e:fb:68:
                    88:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:13:34:12:9F:34:0A:60:41:F9:13:38:AF:62:8D:53:70:E6:7B:A6
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:85:e9:f8:a8:a6:31:f7:7d:fa:b1:d0:aa:3a:c0:1b:f4:9e:
         07:59:42:84:fa:fd:12:b4:e6:ea:be:d5:89:bb:c5:5f:49:4b:
         1b:58:22:6b:b0:a2:a0:09:90:7f:1a:d4:d6:bc:e3:be:cf:55:
         5b:e9:e9:8d:1a:1d:55:46:0e:00:46:1d:dd:67:67:a9:ae:b5:
         d0:18:d0:e8:f3:02:d2:ed:2c:19:cb:36:c1:7d:e9:c0:49:cd:
         07:a1:00:f3:83:b9:61:13:9f:69:f7:00:7e:a2:a0:65:81:45:
         59:60:bc:68:76:07:78:00:24:35:ec:f9:80:ea:3d:35:cf:43:
         4f:12:58:83:0a:ad:39:93:af:f2:14:ad:e6:2d:df:22:b8:d0:
         b6:3a:3c:6e:d7:ef:24:d9:78:31:bc:04:9d:76:19:de:2b:7f:
         70:0f:14:4f:58:4b:b8:b5:98:77:4d:f0:6d:64:6a:f7:56:e9:
         c0:fe:5c:a9:f5:2a:db:2f:5b:6f:ae:07:90:7b:fd:06:c8:6f:
         b3:39:7a:50:27:cf:b4:26:bb:db:a4:4c:1b:8f:15:62:4c:7e:
         77:d8:e2:2f:f8:2d:00:44:cd:9b:c1:24:22:93:07:14:5e:c5:
         d7:40:d8:3f:c5:0f:8a:68:33:1a:8f:7b:77:b2:07:a4:8f:11:
         9d:29:7d:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfuQrfo+PoNVCUDQRhWTsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjExMTYwMDUxWhcNMjUwNjEyMTYwMDUxWjAzMTEwLwYDVQQD
EyhkMDEzMzQxMjlmMzQwYTYwNDFmOTEzMzhhZjYyOGQ1MzcwZTY3YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxNye3e0LA45gf+4xwNl/UhWPW4O
jXEwMQGPcGpj6P453kibOFpNGih9hquBYibnu9juUxvyCdAmyYY246pat6J3limd
tedw7AB4zTp97nIOydBkVNjOLIOq0ZFpOqqCr6QDBjasXc1yWgQH9Yvyg2SWabnO
nookGZ8SZUPTjKVbtVpfvaWo8Rn82NtcADoZlIR/WktXBvNX8+C1E4NpFYFYLcJH
gEJ+UgsLPU/hOABIbC8pl0nQg/EHtXDadrgSXmobYeloWeMr5myFNdD6PP1DmGMK
8hE1BwWq0vHg6I8TvujKJhE3c45eqTysKqm6WXg0t+1xF8oruSRu+2iIDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNATNBKfNApgQfkTOK9ijVNw5numMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQIXp+Kim
Mfd9+rHQqjrAG/SeB1lChPr9ErTm6r7VibvFX0lLG1gia7CioAmQfxrU1rzjvs9V
W+npjRodVUYOAEYd3Wdnqa610BjQ6PMC0u0sGcs2wX3pwEnNB6EA84O5YROfafcA
fqKgZYFFWWC8aHYHeAAkNez5gOo9Nc9DTxJYgwqtOZOv8hSt5i3fIrjQtjo8btfv
JNl4MbwEnXYZ3it/cA8UT1hLuLWYd03wbWRq91bpwP5cqfUq2y9bb64HkHv9Bshv
szl6UCfPtCa726RMG48VYkx+d9jiL/gtAETNm8EkIpMHFF7F10DYP8UPimgzGo97
d7IHpI8RnSl9ow==
-----END CERTIFICATE-----