Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft
File:                     kwNiKzxU5F9BZvMBeY-G27pHGAw.mft (raw, json)
Hash identifier:          icox5dCNkOa9ThGkD3GYUnryDbuBgnWvHk7f2KYir9M=
Subject key identifier:   A3:E0:5C:79:96:BE:97:2E:2C:EA:C1:5E:6A:F9:38:06:B5:DF:30:52
Authority key identifier: 93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C
Certificate issuer:       /CN=9303622b3c54e45f4166f301798f86dbba47180c
Certificate serial:       01976C623CE8E61B32D2CAB9619C92C72B5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft
Manifest number:          0728
Signing time:             Sat 14 Jun 2025 03:01:06 +0000
Manifest this update:     Sat 14 Jun 2025 03:01:06 +0000
Manifest next update:     Sun 15 Jun 2025 03:01:06 +0000
Files and hashes:         1: kwNiKzxU5F9BZvMBeY-G27pHGAw.crl (hash: PPOdAQoZgUBr0PAY+IaMBHMBdUnFQbDix/49lfAiTD0=)
                          2: v_98mZARWXkG0c7MrFhUfz1ZnSk.roa (hash: CoGKVro1tI7BKUl2OeE8GJuS6b7gkbb5BZSSNbzRr+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:62:3c:e8:e6:1b:32:d2:ca:b9:61:9c:92:c7:2b:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9303622b3c54e45f4166f301798f86dbba47180c
        Validity
            Not Before: Jun 14 03:01:06 2025 GMT
            Not After : Jun 15 03:01:06 2025 GMT
        Subject: CN=a3e05c7996be972e2ceac15e6af93806b5df3052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9f:ef:07:e4:e7:00:68:86:98:45:43:90:5c:
                    66:e9:a7:41:6c:1c:be:de:c7:34:7f:cb:ed:62:dc:
                    ed:72:66:5c:b8:d6:3d:42:e5:9a:58:72:8a:a0:29:
                    31:44:4c:34:d0:af:48:1a:6c:3f:dc:d4:ba:4d:81:
                    ac:3b:86:8e:e5:c7:ce:e5:f2:e1:52:ac:c1:7a:69:
                    f9:86:0f:04:6b:75:f6:94:2e:1b:e9:22:34:34:d8:
                    cd:4e:0e:0d:c5:1b:81:37:8c:f7:83:8d:a9:a7:04:
                    a6:ef:f6:29:73:88:45:6c:c0:33:d2:16:e9:99:f8:
                    4f:f1:d6:19:d0:9e:ff:eb:7f:1b:37:a4:b0:03:95:
                    e5:08:d2:05:1e:23:6d:8c:ae:f9:0d:7b:b3:fe:34:
                    7b:75:9c:3f:c9:8e:f5:dc:c6:6d:ae:0e:22:40:91:
                    fd:ca:9e:ea:09:3f:fd:73:02:6d:a0:3a:6d:07:a1:
                    0e:63:92:49:01:a8:bf:8f:e8:27:93:cb:e7:c2:13:
                    85:5c:72:17:64:a9:08:26:b4:9a:db:dd:1d:ba:a9:
                    4d:f4:31:52:a6:11:92:8a:a0:87:0b:db:50:ed:0c:
                    c0:31:b8:66:cb:17:10:ae:d7:51:fb:77:fb:cc:32:
                    29:4d:66:67:41:13:10:a0:14:c7:e8:db:0c:50:b7:
                    6f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:E0:5C:79:96:BE:97:2E:2C:EA:C1:5E:6A:F9:38:06:B5:DF:30:52
            X509v3 Authority Key Identifier:
                keyid:93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:05:a8:26:34:77:b9:c4:7f:9e:b0:f1:e6:d8:58:4e:5b:87:
         e5:b0:56:91:fe:17:88:9d:0f:34:04:a9:95:7b:40:b9:91:f2:
         b3:64:a8:c5:ae:df:bd:95:41:59:1c:39:db:72:7b:24:c3:35:
         03:eb:f6:ac:8b:3c:af:59:8a:10:fc:3b:f5:81:1a:9a:cf:89:
         52:5d:be:4b:c4:a0:1a:d0:23:12:49:e4:23:44:04:2b:8d:63:
         2e:59:8b:6a:a8:db:2d:2d:0d:1d:b2:6e:a3:e9:fe:69:69:2d:
         72:97:d5:3a:5b:d1:f5:bd:e4:83:11:8c:a2:76:64:e1:6a:ea:
         47:6c:c7:c2:bb:af:54:e6:81:81:63:cf:d6:96:c4:44:7e:dd:
         bf:bd:9b:5c:e0:e5:59:fa:43:c4:47:7c:82:14:e9:5b:2b:a6:
         4a:d1:ac:80:3f:cb:9a:bf:2d:0c:2f:01:a1:11:94:d6:05:50:
         19:f2:38:52:54:c0:8b:78:61:9c:99:30:6f:2f:d5:b1:37:4f:
         4a:e8:f6:fe:79:75:60:9c:77:4d:f8:cf:0f:d8:bf:ea:5f:d5:
         55:6c:b8:f0:be:a6:a3:bd:af:df:43:42:36:6e:cd:d8:08:e4:
         13:8e:d2:7c:93:e4:d3:3b:be:e8:27:db:e9:a0:c3:b0:13:61:
         5d:44:aa:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsYjzo5hsy0sq5YZySxytfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDM2MjJiM2M1NGU0NWY0MTY2ZjMwMTc5OGY4NmRiYmE0
NzE4MGMwHhcNMjUwNjE0MDMwMTA2WhcNMjUwNjE1MDMwMTA2WjAzMTEwLwYDVQQD
EyhhM2UwNWM3OTk2YmU5NzJlMmNlYWMxNWU2YWY5MzgwNmI1ZGYzMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp/vB+TnAGiGmEVDkFxm6adBbBy+
3sc0f8vtYtztcmZcuNY9QuWaWHKKoCkxREw00K9IGmw/3NS6TYGsO4aO5cfO5fLh
UqzBemn5hg8Ea3X2lC4b6SI0NNjNTg4NxRuBN4z3g42ppwSm7/Ypc4hFbMAz0hbp
mfhP8dYZ0J7/638bN6SwA5XlCNIFHiNtjK75DXuz/jR7dZw/yY713MZtrg4iQJH9
yp7qCT/9cwJtoDptB6EOY5JJAai/j+gnk8vnwhOFXHIXZKkIJrSa290duqlN9DFS
phGSiqCHC9tQ7QzAMbhmyxcQrtdR+3f7zDIpTWZnQRMQoBTH6NsMULdvwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPgXHmWvpcuLOrBXmr5OAa13zBSMB8GA1UdIwQY
MBaAFJMDYis8VORfQWbzAXmPhtu6RxgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjkt
OTUwYzdlNzMyNDVjLzEva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjktOTUwYzdlNzMyNDVj
LzEva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAWoJjR3
ucR/nrDx5thYTluH5bBWkf4XiJ0PNASplXtAuZHys2Soxa7fvZVBWRw523J7JMM1
A+v2rIs8r1mKEPw79YEams+JUl2+S8SgGtAjEknkI0QEK41jLlmLaqjbLS0NHbJu
o+n+aWktcpfVOlvR9b3kgxGMonZk4WrqR2zHwruvVOaBgWPP1pbERH7dv72bXODl
WfpDxEd8ghTpWyumStGsgD/Lmr8tDC8BoRGU1gVQGfI4UlTAi3hhnJkwby/VsTdP
Suj2/nl1YJx3TfjPD9i/6l/VVWy48L6mo72v30NCNm7N2AjkE47SfJPk0zu+6Cfb
6aDDsBNhXUSq+A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:52:58 2025 by rpki-client