Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          jIvD1jw7fDOdXI8YsC/D3SyLIKHCTbxwBwp69+78sgc=
Subject key identifier:   C6:CE:84:53:17:88:3D:5F:2E:EE:D3:4A:9D:9B:B3:0D:28:06:4B:7C
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       01975DCB93E7226876C679D15449B1B464E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F9C
Signing time:             Wed 11 Jun 2025 07:01:52 +0000
Manifest this update:     Wed 11 Jun 2025 07:01:52 +0000
Manifest next update:     Thu 12 Jun 2025 07:01:52 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: EDSC727irK5P9gjXbRYNjx76+aU3oO8agO2ZbFLy7mU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 07:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:cb:93:e7:22:68:76:c6:79:d1:54:49:b1:b4:64:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun 11 07:01:52 2025 GMT
            Not After : Jun 12 07:01:52 2025 GMT
        Subject: CN=c6ce845317883d5f2eeed34a9d9bb30d28064b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:8e:01:41:63:d7:45:92:62:a1:54:ea:cb:9c:
                    9f:ce:27:3d:68:41:08:68:c5:ff:d6:2a:b5:bb:59:
                    49:48:81:68:86:6b:22:23:53:ca:67:b5:f2:d0:60:
                    ce:f2:71:37:df:50:82:46:72:ce:8d:25:df:de:e8:
                    b3:2a:cb:f6:1e:c7:32:b6:1f:10:57:5b:4a:e3:87:
                    3d:45:e7:c5:dd:d1:c1:f7:32:a0:56:df:fc:3a:68:
                    e3:34:da:36:0e:a5:6d:90:dd:6e:86:05:f7:2d:81:
                    8c:3f:25:36:e2:3c:2b:ad:a1:39:2c:ed:8e:58:89:
                    7c:f2:5d:3f:5b:9f:a4:97:0a:06:73:58:77:7c:27:
                    a1:30:5b:66:eb:94:11:50:e5:52:16:9e:ec:51:42:
                    cf:94:da:1e:a2:3f:29:fd:29:34:00:66:fb:a9:d5:
                    b9:09:77:49:2b:32:fd:77:05:90:62:5c:db:df:0f:
                    73:01:0f:cd:91:a4:96:f4:5b:68:98:32:a3:b9:64:
                    02:7a:7f:2e:ab:38:e1:4e:c8:52:87:53:4c:2f:c9:
                    94:cd:a3:dd:5d:a3:b5:25:fb:e8:bd:d5:62:5e:1f:
                    1d:99:82:67:82:a6:fb:4d:1f:72:7e:b6:21:f7:d7:
                    cb:d4:c5:7a:44:5d:0c:fb:90:ad:f5:60:6f:30:60:
                    f4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:CE:84:53:17:88:3D:5F:2E:EE:D3:4A:9D:9B:B3:0D:28:06:4B:7C
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:e2:82:0b:fd:5a:7a:65:8c:f5:ee:86:09:e1:ab:5f:6b:e0:
         2c:f1:4b:d1:90:ed:10:ce:72:81:79:39:38:ec:94:8f:87:0e:
         58:3c:70:c7:fe:d6:11:ac:6b:60:5f:24:7a:d2:b1:8e:6b:9d:
         31:3b:f6:c7:d9:d6:a5:3d:38:e3:88:a9:3e:1f:eb:ba:c6:8c:
         72:30:8a:d4:d9:60:92:28:b8:49:63:70:4e:5e:4f:66:29:fc:
         28:ec:77:93:a2:3e:7b:c4:a3:1e:0a:77:21:ab:97:9c:93:87:
         14:79:09:63:17:02:16:72:15:12:bc:a9:85:19:ba:17:6c:5c:
         c0:b6:89:16:85:e5:97:76:69:4f:6b:ea:4a:40:05:ae:6a:7d:
         d5:3f:7a:5b:57:ab:cb:09:f4:24:ee:7d:12:84:f8:23:01:37:
         8e:48:7b:c1:ae:6f:8d:c5:79:14:85:08:3f:ec:bc:38:70:96:
         4b:dc:5f:30:ca:bf:fc:3b:64:7a:49:af:c9:b3:9c:69:47:31:
         7e:a3:70:6c:2a:01:83:90:b3:2e:9f:5a:36:25:b6:e9:e3:8c:
         9e:48:ca:9d:18:27:6a:55:26:a4:78:79:c7:a6:c8:7c:fc:9c:
         80:d4:6a:60:b5:7d:62:6b:c5:01:d9:b9:d2:e0:7d:04:83:fc:
         b1:9c:65:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddy5PnImh2xnnRVEmxtGTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjExMDcwMTUyWhcNMjUwNjEyMDcwMTUyWjAzMTEwLwYDVQQD
EyhjNmNlODQ1MzE3ODgzZDVmMmVlZWQzNGE5ZDliYjMwZDI4MDY0YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o4BQWPXRZJioVTqy5yfzic9aEEI
aMX/1iq1u1lJSIFohmsiI1PKZ7Xy0GDO8nE331CCRnLOjSXf3uizKsv2Hscyth8Q
V1tK44c9RefF3dHB9zKgVt/8OmjjNNo2DqVtkN1uhgX3LYGMPyU24jwrraE5LO2O
WIl88l0/W5+klwoGc1h3fCehMFtm65QRUOVSFp7sUULPlNoeoj8p/Sk0AGb7qdW5
CXdJKzL9dwWQYlzb3w9zAQ/NkaSW9FtomDKjuWQCen8uqzjhTshSh1NML8mUzaPd
XaO1JfvovdViXh8dmYJngqb7TR9yfrYh99fL1MV6RF0M+5Ct9WBvMGD0KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbOhFMXiD1fLu7TSp2bsw0oBkt8MB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOKCC/1a
emWM9e6GCeGrX2vgLPFL0ZDtEM5ygXk5OOyUj4cOWDxwx/7WEaxrYF8ketKxjmud
MTv2x9nWpT0444ipPh/rusaMcjCK1Nlgkii4SWNwTl5PZin8KOx3k6I+e8SjHgp3
IauXnJOHFHkJYxcCFnIVEryphRm6F2xcwLaJFoXll3ZpT2vqSkAFrmp91T96W1er
ywn0JO59EoT4IwE3jkh7wa5vjcV5FIUIP+y8OHCWS9xfMMq//DtkekmvybOcaUcx
fqNwbCoBg5CzLp9aNiW26eOMnkjKnRgnalUmpHh5x6bIfPycgNRqYLV9YmvFAdm5
0uB9BIP8sZxltw==
-----END CERTIFICATE-----