Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
File:                     001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json)
Hash identifier:          GBa4z1yYsV4sRb6RCSU1WSStyA84GzzpjPcxfN69TZY=
Subject key identifier:   25:E9:3F:0D:6B:D2:3C:16:A4:0D:BE:EE:E0:1E:92:B4:7A:C1:5D:CC
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Certificate issuer:       /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial:       01975D5CFA84A87229E3ECB99BB1FDCD08D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
Manifest number:          1588
Signing time:             Wed 11 Jun 2025 05:01:03 +0000
Manifest this update:     Wed 11 Jun 2025 05:01:03 +0000
Manifest next update:     Thu 12 Jun 2025 05:01:03 +0000
Files and hashes:         1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: TY1s9hLowGbjxhxt7cV449jvXBv6rmDN/46/4dGvbww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 05:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:5c:fa:84:a8:72:29:e3:ec:b9:9b:b1:fd:cd:08:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
        Validity
            Not Before: Jun 11 05:01:03 2025 GMT
            Not After : Jun 12 05:01:03 2025 GMT
        Subject: CN=25e93f0d6bd23c16a40dbeeee01e92b47ac15dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:65:dd:b7:9d:0d:80:87:5b:f4:88:cb:ad:4c:
                    da:83:45:d2:06:c3:28:47:bf:72:d5:2e:d2:cb:15:
                    e5:d8:48:d5:0c:b0:cc:4c:e9:ba:88:6e:2e:45:96:
                    c3:cc:c8:7c:7c:df:33:5d:ce:59:33:a2:ce:68:d4:
                    be:74:12:22:63:b9:2f:0e:ff:06:b8:37:9f:86:3c:
                    d0:91:5b:11:fe:34:dc:10:b6:dd:55:ac:fc:79:f3:
                    47:f4:58:74:f5:2c:bc:38:2f:4a:25:3f:37:b2:b2:
                    9c:59:ff:ff:a7:33:4a:39:3e:87:18:db:f3:c2:5a:
                    e0:f9:14:ad:b8:ca:ec:09:9e:80:d6:5e:3b:f9:c5:
                    1f:84:21:a4:82:f7:d0:26:20:27:e9:12:9c:78:15:
                    e7:82:35:8f:12:de:c0:81:5a:ef:95:53:6f:0b:b9:
                    18:5e:90:de:8f:83:4e:55:59:7b:5b:ff:e2:16:8f:
                    79:09:72:fe:b1:ae:50:40:0a:e1:49:e3:df:d2:1c:
                    f2:99:50:5e:4d:ce:dd:d8:3e:33:48:21:f4:5a:55:
                    44:36:34:22:3c:77:57:b9:8c:b0:6d:e4:f9:5c:7e:
                    0a:3c:7d:a4:3f:09:1f:36:41:63:57:dc:50:fa:15:
                    38:eb:12:29:9d:df:67:c7:54:56:90:dd:0c:5c:95:
                    26:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:E9:3F:0D:6B:D2:3C:16:A4:0D:BE:EE:E0:1E:92:B4:7A:C1:5D:CC
            X509v3 Authority Key Identifier:
                keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:27:64:26:d4:f4:ae:d6:19:37:67:ea:72:b0:41:1f:c6:e1:
         22:c4:d4:7d:c6:a0:eb:6e:29:e6:dc:88:58:ad:e8:1c:75:7c:
         d8:f3:a2:a3:78:7e:20:3d:b2:e3:6f:e2:06:a8:14:41:33:99:
         eb:c3:ee:85:d1:a7:f2:b6:35:bd:72:cf:aa:0a:39:37:03:03:
         69:46:e8:df:14:ab:dd:b4:19:d7:3d:86:d9:31:2f:3f:c7:1a:
         a3:e4:b6:c0:ac:8d:06:0e:d9:e4:0e:cd:15:2f:94:11:b2:f8:
         3e:ca:d8:ff:6c:27:d9:6c:05:c1:49:6a:c4:dd:9f:30:f3:0a:
         28:cb:b7:b9:a6:e6:78:cf:ff:6a:48:b9:79:1d:75:9d:2d:73:
         11:fe:04:f9:b2:78:73:4e:2b:99:aa:40:82:6a:84:06:9c:e8:
         47:71:a1:53:3f:59:e4:86:14:99:17:3e:3e:eb:74:eb:3f:93:
         de:5c:26:4d:e3:5b:5b:dc:ca:34:70:3e:41:f1:4b:00:fd:5e:
         23:9f:9d:cd:fc:53:d2:4f:49:ae:67:8c:43:6e:a2:85:48:1f:
         12:cc:1f:5b:33:bb:e4:27:b3:24:59:f2:d4:a1:47:03:da:df:
         d0:0f:b3:62:b9:fb:01:15:f5:52:32:fe:5d:15:cb:59:02:66:
         25:01:11:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddXPqEqHIp4+y5m7H9zQjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjUwNjExMDUwMTAzWhcNMjUwNjEyMDUwMTAzWjAzMTEwLwYDVQQD
EygyNWU5M2YwZDZiZDIzYzE2YTQwZGJlZWVlMDFlOTJiNDdhYzE1ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmXdt50NgIdb9IjLrUzag0XSBsMo
R79y1S7SyxXl2EjVDLDMTOm6iG4uRZbDzMh8fN8zXc5ZM6LOaNS+dBIiY7kvDv8G
uDefhjzQkVsR/jTcELbdVaz8efNH9Fh09Sy8OC9KJT83srKcWf//pzNKOT6HGNvz
wlrg+RStuMrsCZ6A1l47+cUfhCGkgvfQJiAn6RKceBXngjWPEt7AgVrvlVNvC7kY
XpDej4NOVVl7W//iFo95CXL+sa5QQArhSePf0hzymVBeTc7d2D4zSCH0WlVENjQi
PHdXuYywbeT5XH4KPH2kPwkfNkFjV9xQ+hU46xIpnd9nx1RWkN0MXJUmXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXpPw1r0jwWpA2+7uAekrR6wV3MMB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmidkJtT0
rtYZN2fqcrBBH8bhIsTUfcag624p5tyIWK3oHHV82POio3h+ID2y42/iBqgUQTOZ
68PuhdGn8rY1vXLPqgo5NwMDaUbo3xSr3bQZ1z2G2TEvP8cao+S2wKyNBg7Z5A7N
FS+UEbL4PsrY/2wn2WwFwUlqxN2fMPMKKMu3uabmeM//aki5eR11nS1zEf4E+bJ4
c04rmapAgmqEBpzoR3GhUz9Z5IYUmRc+Put06z+T3lwmTeNbW9zKNHA+QfFLAP1e
I5+dzfxT0k9JrmeMQ26ihUgfEswfWzO75CezJFny1KFHA9rf0A+zYrn7ARX1UjL+
XRXLWQJmJQERVw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:33:51 2025 by rpki-client