Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
File:                     001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json)
Hash identifier:          ZFVWu504w8UGSO1r63CZ31kF0VTPQviVyZ3LH3aLXas=
Subject key identifier:   DA:E2:60:50:78:99:CD:B2:CA:EB:8F:A8:28:34:51:9D:6E:2D:AC:F7
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Certificate issuer:       /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial:       0197613926C1B5BE63EDF4AD1DE33010645A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
Manifest number:          158A
Signing time:             Wed 11 Jun 2025 23:00:24 +0000
Manifest this update:     Wed 11 Jun 2025 23:00:24 +0000
Manifest next update:     Thu 12 Jun 2025 23:00:24 +0000
Files and hashes:         1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: zuSui3yVEx/xt4nzehH68XX09qTuqvL1Zwgfw5VRvkI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:39:26:c1:b5:be:63:ed:f4:ad:1d:e3:30:10:64:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
        Validity
            Not Before: Jun 11 23:00:24 2025 GMT
            Not After : Jun 12 23:00:24 2025 GMT
        Subject: CN=dae260507899cdb2caeb8fa82834519d6e2dacf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3e:c9:25:05:24:35:a6:b4:52:d1:73:0f:e1:
                    1d:fa:3a:7a:3f:17:a4:9d:49:50:b7:8d:a2:9a:cd:
                    5b:a3:09:89:89:a3:cd:37:bf:fd:f7:ac:dd:a5:72:
                    d0:f5:c0:89:40:58:e6:a6:95:4a:45:c0:b2:34:ed:
                    51:38:7a:25:8a:32:92:17:e8:29:57:fd:cf:6b:5e:
                    d7:7c:6b:91:79:6b:87:18:b2:68:8b:b0:26:b7:84:
                    a7:08:b9:e6:ac:9d:46:31:10:44:44:7c:cb:e2:5b:
                    d7:6a:97:7e:23:03:59:f4:e4:30:93:7d:66:b0:33:
                    f1:5a:49:cb:78:39:52:f4:72:dd:68:fe:51:c5:e7:
                    d8:10:6a:84:8f:13:c8:ce:c4:d5:3d:28:9e:a8:af:
                    59:1e:64:78:b8:24:5b:68:1d:19:96:c0:3a:49:99:
                    77:36:cd:68:81:fe:02:7a:69:6b:9f:f7:32:11:a1:
                    73:fe:2a:32:35:46:e5:a6:7e:8b:25:69:89:cf:d3:
                    8f:3a:88:94:df:19:69:90:89:08:a2:73:d8:73:6f:
                    d7:49:f9:69:64:ad:ec:6b:49:15:03:b9:77:c2:f2:
                    94:04:70:3d:41:e8:81:e9:55:f1:d6:ad:c9:a4:7a:
                    b2:70:56:97:aa:21:71:db:92:74:ea:73:b9:b9:71:
                    8e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:E2:60:50:78:99:CD:B2:CA:EB:8F:A8:28:34:51:9D:6E:2D:AC:F7
            X509v3 Authority Key Identifier:
                keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:4c:e1:00:a8:42:b8:5d:b0:de:c9:11:69:3a:20:d7:9f:d3:
         bc:a6:ca:a6:90:c4:8b:05:2c:12:0b:44:69:c3:09:a4:90:a9:
         11:c8:ce:3c:57:a3:64:93:ed:87:35:3e:f7:6c:f4:71:f9:58:
         d7:7f:6e:66:28:82:41:1d:b5:d9:d7:62:2c:f1:d3:e2:cd:da:
         f6:32:86:a9:4c:7a:4e:a0:76:e2:cd:15:4a:52:a3:9f:65:e4:
         be:51:aa:2a:03:b4:be:49:33:75:76:22:0c:d7:a4:34:53:5a:
         f0:78:f9:48:47:f3:fe:2e:23:9a:ef:bb:77:d5:07:37:c9:df:
         f5:74:81:c5:b2:e5:f2:25:c6:ee:df:b1:39:64:a7:06:b0:05:
         55:0e:14:6c:c7:4d:94:2f:9f:4f:23:52:d4:a4:05:ea:91:25:
         8d:8d:46:5e:c9:c6:be:af:72:16:c8:c2:19:41:22:c4:bf:d7:
         4d:f0:8e:be:f2:62:98:98:72:a6:1b:71:cc:6f:de:ab:3e:f1:
         ed:94:a0:77:19:60:1d:24:7f:17:64:30:77:1a:0f:b5:aa:70:
         03:6e:73:7c:f9:6a:c3:36:07:01:6f:1a:15:b1:e8:f1:91:95:
         5f:28:e5:15:5e:68:8c:77:5c:e6:1e:cf:9d:1c:96:6d:78:4f:
         cc:aa:42:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhOSbBtb5j7fStHeMwEGRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjUwNjExMjMwMDI0WhcNMjUwNjEyMjMwMDI0WjAzMTEwLwYDVQQD
EyhkYWUyNjA1MDc4OTljZGIyY2FlYjhmYTgyODM0NTE5ZDZlMmRhY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz7JJQUkNaa0UtFzD+Ed+jp6Pxek
nUlQt42ims1bowmJiaPNN7/996zdpXLQ9cCJQFjmppVKRcCyNO1ROHolijKSF+gp
V/3Pa17XfGuReWuHGLJoi7Amt4SnCLnmrJ1GMRBERHzL4lvXapd+IwNZ9OQwk31m
sDPxWknLeDlS9HLdaP5RxefYEGqEjxPIzsTVPSieqK9ZHmR4uCRbaB0ZlsA6SZl3
Ns1ogf4Cemlrn/cyEaFz/ioyNUblpn6LJWmJz9OPOoiU3xlpkIkIonPYc2/XSflp
ZK3sa0kVA7l3wvKUBHA9QeiB6VXx1q3JpHqycFaXqiFx25J06nO5uXGOhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNriYFB4mc2yyuuPqCg0UZ1uLaz3MB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxkzhAKhC
uF2w3skRaTog15/TvKbKppDEiwUsEgtEacMJpJCpEcjOPFejZJPthzU+92z0cflY
139uZiiCQR212ddiLPHT4s3a9jKGqUx6TqB24s0VSlKjn2XkvlGqKgO0vkkzdXYi
DNekNFNa8Hj5SEfz/i4jmu+7d9UHN8nf9XSBxbLl8iXG7t+xOWSnBrAFVQ4UbMdN
lC+fTyNS1KQF6pEljY1GXsnGvq9yFsjCGUEixL/XTfCOvvJimJhyphtxzG/eqz7x
7ZSgdxlgHSR/F2QwdxoPtapwA25zfPlqwzYHAW8aFbHo8ZGVXyjlFV5ojHdc5h7P
nRyWbXhPzKpCcA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 05:11:49 2025 by rpki-client