Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft
File:                     KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft (raw, json)
Hash identifier:          sQW9QhGaEEoVkTmPGqvKKoRTOJlS1/hsO8CttHHv+H4=
Subject key identifier:   F4:4C:8C:79:44:0B:32:E3:0B:A7:0B:78:27:4D:4B:F2:88:42:36:A1
Authority key identifier: 28:60:F1:5D:27:83:79:48:3A:AA:06:13:CB:F5:92:E7:2C:C8:1E:48
Certificate issuer:       /CN=2860f15d278379483aaa0613cbf592e72cc81e48
Certificate serial:       01975A926CE37DE01B8889B3C972B0DAD082
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGDxXSeDeUg6qgYTy_WS5yzIHkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft
Manifest number:          08A2
Signing time:             Tue 10 Jun 2025 16:00:34 +0000
Manifest this update:     Tue 10 Jun 2025 16:00:34 +0000
Manifest next update:     Wed 11 Jun 2025 16:00:34 +0000
Files and hashes:         1: KGDxXSeDeUg6qgYTy_WS5yzIHkg.crl (hash: wfQ5TYY5lNyyTAFZ0oqwgktts5eD/E5TYeOd47PEJFg=)
                          2: vDGDX2wIiExO6AcsphzPX7w0rD8.roa (hash: 6H+fcKSw03UJYZabhwRmpHlYumXXGe9flqc+/pdyWXc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGDxXSeDeUg6qgYTy_WS5yzIHkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:92:6c:e3:7d:e0:1b:88:89:b3:c9:72:b0:da:d0:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2860f15d278379483aaa0613cbf592e72cc81e48
        Validity
            Not Before: Jun 10 16:00:34 2025 GMT
            Not After : Jun 11 16:00:34 2025 GMT
        Subject: CN=f44c8c79440b32e30ba70b78274d4bf2884236a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:bb:79:a5:73:13:3e:61:c4:ac:df:23:2a:01:
                    ea:8f:e1:22:df:f0:7d:ce:ea:7c:3c:4f:cb:d1:9b:
                    2c:ab:e0:2f:45:78:3e:62:51:68:c6:e6:e5:2d:e9:
                    d8:56:14:86:31:3b:78:a7:cd:dd:0d:45:f4:29:36:
                    a3:42:31:61:5a:a4:25:7e:9a:f5:1f:57:20:1d:29:
                    74:31:2b:e5:5a:7f:7c:e8:c9:f2:3d:78:49:d2:85:
                    45:30:09:a2:68:00:4c:33:cf:5f:e9:06:25:8f:43:
                    9c:73:44:cd:80:d5:0d:53:9f:54:cb:53:47:95:62:
                    94:32:f9:cc:a6:9a:4a:03:0c:5c:6a:57:98:1c:92:
                    17:ac:a0:30:14:c6:41:3a:b0:1c:f8:13:f1:d9:5e:
                    3f:3c:4f:86:7c:59:81:1e:87:72:27:b2:8d:aa:92:
                    30:d2:db:25:e4:85:4e:7a:56:f5:51:95:c6:7d:2b:
                    8c:47:1b:2e:4e:5f:41:65:33:1c:78:cd:87:38:04:
                    51:6b:2a:1d:1a:31:16:40:1e:4c:66:ed:44:b6:76:
                    25:78:e6:09:d8:ee:f8:41:21:c4:61:10:a0:a3:45:
                    ca:d3:29:ba:db:9c:c6:0c:b5:88:0a:7d:b1:e6:86:
                    d0:e7:e3:ad:35:71:66:8c:6e:11:34:d9:65:a7:ca:
                    cb:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:4C:8C:79:44:0B:32:E3:0B:A7:0B:78:27:4D:4B:F2:88:42:36:A1
            X509v3 Authority Key Identifier:
                keyid:28:60:F1:5D:27:83:79:48:3A:AA:06:13:CB:F5:92:E7:2C:C8:1E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGDxXSeDeUg6qgYTy_WS5yzIHkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:e5:75:f0:d8:3c:cc:82:3f:95:76:8c:77:02:a2:a5:6a:19:
         6b:b0:dd:3d:a4:f0:ea:ca:06:d4:0b:05:7a:ef:8e:24:a3:c1:
         da:fb:05:56:7d:69:f9:c3:b4:19:4b:8d:ef:6c:c1:06:12:6e:
         02:ec:79:03:ed:b4:f6:b9:8d:3d:84:01:98:a1:68:9b:20:74:
         1e:64:db:5d:22:42:5d:88:5f:60:96:17:7e:e9:45:44:78:75:
         d8:1f:b4:38:cd:e5:1a:04:30:cb:af:93:c6:d2:70:a2:b2:9d:
         f8:5a:70:77:71:b3:18:23:c3:ed:96:0a:08:f3:13:f3:f5:4f:
         6e:47:8f:5f:d1:12:4e:79:ec:11:c0:2a:4f:d7:e9:a1:ee:0e:
         d3:bd:95:ce:67:b6:a6:5c:2c:2d:89:a4:db:44:1c:87:d6:75:
         e7:8e:85:ef:26:63:34:ea:67:a3:ef:fe:8e:e1:b6:b7:12:c3:
         38:49:74:f1:1e:b9:7c:6f:7d:fe:62:1b:3b:c4:63:33:5c:54:
         42:f8:9e:b1:07:10:5e:84:d2:dc:45:dd:ef:68:f4:2b:98:40:
         aa:c3:46:71:f5:63:cb:f5:b2:45:a8:ad:aa:0a:0a:8d:ba:18:
         f1:ce:c2:b3:4d:9d:64:42:bd:91:ba:78:09:14:07:31:89:ac:
         d7:5c:1a:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdakmzjfeAbiImzyXKw2tCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjBmMTVkMjc4Mzc5NDgzYWFhMDYxM2NiZjU5MmU3MmNj
ODFlNDgwHhcNMjUwNjEwMTYwMDM0WhcNMjUwNjExMTYwMDM0WjAzMTEwLwYDVQQD
EyhmNDRjOGM3OTQ0MGIzMmUzMGJhNzBiNzgyNzRkNGJmMjg4NDIzNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLt5pXMTPmHErN8jKgHqj+Ei3/B9
zup8PE/L0Zssq+AvRXg+YlFoxublLenYVhSGMTt4p83dDUX0KTajQjFhWqQlfpr1
H1cgHSl0MSvlWn986MnyPXhJ0oVFMAmiaABMM89f6QYlj0Occ0TNgNUNU59Uy1NH
lWKUMvnMpppKAwxcaleYHJIXrKAwFMZBOrAc+BPx2V4/PE+GfFmBHodyJ7KNqpIw
0tsl5IVOelb1UZXGfSuMRxsuTl9BZTMceM2HOARRayodGjEWQB5MZu1EtnYleOYJ
2O74QSHEYRCgo0XK0ym625zGDLWICn2x5obQ5+OtNXFmjG4RNNllp8rLgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRMjHlECzLjC6cLeCdNS/KIQjahMB8GA1UdIwQY
MBaAFChg8V0ng3lIOqoGE8v1kucsyB5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dEeFhTZURlVWc2cWdZVHlfV1M1eXpJSGtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDFiNzItOGJjZi00NTAwLTkxMjUt
MzIxYzE0ZGQ0NjM5LzEvS0dEeFhTZURlVWc2cWdZVHlfV1M1eXpJSGtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDFiNzItOGJjZi00NTAwLTkxMjUtMzIxYzE0ZGQ0NjM5
LzEvS0dEeFhTZURlVWc2cWdZVHlfV1M1eXpJSGtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAquV18Ng8
zII/lXaMdwKipWoZa7DdPaTw6soG1AsFeu+OJKPB2vsFVn1p+cO0GUuN72zBBhJu
Aux5A+209rmNPYQBmKFomyB0HmTbXSJCXYhfYJYXfulFRHh12B+0OM3lGgQwy6+T
xtJworKd+Fpwd3GzGCPD7ZYKCPMT8/VPbkePX9ESTnnsEcAqT9fpoe4O072Vzme2
plwsLYmk20Qch9Z1546F7yZjNOpno+/+juG2txLDOEl08R65fG99/mIbO8RjM1xU
QviesQcQXoTS3EXd72j0K5hAqsNGcfVjy/WyRaitqgoKjboY8c7Cs02dZEK9kbp4
CRQHMYms11wa0A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:31:27 2025 by rpki-client