Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          ae31VqFhcSlb0XrEHWzKj5bgL6SFarE4UGSONQIIAgA=
Subject key identifier:   D7:16:ED:3B:F0:24:1D:35:F2:3A:50:5F:91:FD:C4:95:27:E6:9A:95
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       01975423770F3DC8C0EBCAB5BE7F2BA574C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          1580
Signing time:             Mon 09 Jun 2025 10:01:39 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:39 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:39 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: MTxfeAYXGd43fDtbiFinycn4mLCLYeXK/M7eX5WOt2U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:77:0f:3d:c8:c0:eb:ca:b5:be:7f:2b:a5:74:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Jun  9 10:01:39 2025 GMT
            Not After : Jun 10 10:01:39 2025 GMT
        Subject: CN=d716ed3bf0241d35f23a505f91fdc49527e69a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:06:2a:82:aa:e8:b4:72:15:e8:9d:d8:85:8c:
                    da:00:20:0a:5f:04:2f:9a:ab:82:db:6e:fb:56:6b:
                    1c:23:fd:1f:49:21:34:6c:55:24:e1:f7:95:32:c7:
                    81:d8:ea:a1:98:a9:00:a0:bf:ba:6c:a4:cf:88:15:
                    46:d4:6f:42:35:ce:23:e4:11:3c:cd:d2:16:51:b9:
                    2e:b7:61:9f:ac:50:2f:eb:87:77:68:46:61:a5:d1:
                    e0:1f:05:b5:20:a8:8a:26:ae:32:27:b9:f3:c4:a4:
                    ca:ea:60:3a:56:f1:dd:6d:d6:56:e4:1d:e8:e9:cc:
                    e3:40:db:9d:a0:14:08:ed:37:1d:87:5a:30:55:8c:
                    56:7e:d2:74:49:8c:cf:73:1a:77:84:70:17:87:f0:
                    fd:39:5d:27:8c:59:8a:d1:0b:b6:26:27:48:19:c4:
                    a1:dc:67:0b:1f:8c:d8:95:c3:c7:b6:d2:5a:55:c1:
                    eb:2a:df:52:0d:f8:11:35:1d:df:8a:71:86:a4:d6:
                    0f:ff:bf:2d:53:3c:93:dc:5a:ca:da:49:d9:06:6d:
                    98:63:93:66:55:ce:85:11:27:32:a9:34:aa:af:9f:
                    b8:c7:7b:41:39:d6:ff:6b:ff:de:a4:8a:a5:44:11:
                    2a:59:b0:38:c2:af:f8:52:06:48:87:80:7d:3d:86:
                    b7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:16:ED:3B:F0:24:1D:35:F2:3A:50:5F:91:FD:C4:95:27:E6:9A:95
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:5d:7d:69:19:6d:21:d9:4e:9a:21:f7:cf:59:2e:f4:ee:17:
         51:84:c3:b3:ae:da:dc:7e:69:42:67:fe:a0:0c:25:c7:c2:51:
         ca:49:72:6b:c8:a4:2a:82:0c:78:db:73:ec:83:6c:dc:62:df:
         ec:df:10:ed:12:e1:7d:0c:37:f2:42:70:8e:38:05:31:47:82:
         2f:5b:a0:ee:c0:38:2b:1b:bd:61:cb:e6:22:68:76:b2:89:22:
         2f:08:2f:ab:38:98:b8:e3:76:70:36:88:f1:4e:87:c9:b5:10:
         60:a7:a2:e0:3d:cf:ff:3b:8e:61:e8:ca:51:c9:d8:94:fe:ee:
         4b:36:a7:e9:8a:64:6e:57:fa:2f:96:66:f6:54:cd:09:24:9b:
         97:22:8a:11:a5:87:47:8d:47:f5:5b:b7:8b:6c:f2:67:53:a9:
         25:71:33:81:ae:2b:10:21:9c:3f:2e:17:e8:19:25:03:ca:f8:
         d9:f1:a2:bd:f9:23:35:e9:4f:1e:f4:a7:92:1f:9b:db:29:62:
         b7:aa:0a:bb:14:8f:ef:f8:1c:6d:d7:5d:67:1b:d0:02:9b:bd:
         d8:23:7a:d2:26:cb:72:97:53:70:42:9b:ff:12:1e:bd:0d:7e:
         82:3c:bc:3a:15:ea:0f:2a:ca:4c:ae:5a:57:ce:73:06:60:bc:
         e9:1b:da:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI3cPPcjA68q1vn8rpXTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwNjA5MTAwMTM5WhcNMjUwNjEwMTAwMTM5WjAzMTEwLwYDVQQD
EyhkNzE2ZWQzYmYwMjQxZDM1ZjIzYTUwNWY5MWZkYzQ5NTI3ZTY5YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgYqgqrotHIV6J3YhYzaACAKXwQv
mquC2277VmscI/0fSSE0bFUk4feVMseB2OqhmKkAoL+6bKTPiBVG1G9CNc4j5BE8
zdIWUbkut2GfrFAv64d3aEZhpdHgHwW1IKiKJq4yJ7nzxKTK6mA6VvHdbdZW5B3o
6czjQNudoBQI7Tcdh1owVYxWftJ0SYzPcxp3hHAXh/D9OV0njFmK0Qu2JidIGcSh
3GcLH4zYlcPHttJaVcHrKt9SDfgRNR3finGGpNYP/78tUzyT3FrK2knZBm2YY5Nm
Vc6FEScyqTSqr5+4x3tBOdb/a//epIqlRBEqWbA4wq/4UgZIh4B9PYa3pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcW7TvwJB018jpQX5H9xJUn5pqVMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsF19aRlt
IdlOmiH3z1ku9O4XUYTDs67a3H5pQmf+oAwlx8JRyklya8ikKoIMeNtz7INs3GLf
7N8Q7RLhfQw38kJwjjgFMUeCL1ug7sA4Kxu9YcvmImh2sokiLwgvqziYuON2cDaI
8U6HybUQYKei4D3P/zuOYejKUcnYlP7uSzan6Ypkblf6L5Zm9lTNCSSblyKKEaWH
R41H9Vu3i2zyZ1OpJXEzga4rECGcPy4X6BklA8r42fGivfkjNelPHvSnkh+b2yli
t6oKuxSP7/gcbdddZxvQApu92CN60ibLcpdTcEKb/xIevQ1+gjy8OhXqDyrKTK5a
V85zBmC86Rvaww==
-----END CERTIFICATE-----