Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          1aOAUGqxJlmmu5DhIfRVLP9GAL8YEcTiOJ6k1++lq3g=
Subject key identifier:   B7:06:67:BD:58:0D:FE:5C:BA:18:70:22:4D:C8:C7:C0:17:99:5D:DE
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       0199240C88ED19F0A52B00FB57AAD7C102A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 12:00:25 +0000
Manifest this update:     Sun 07 Sep 2025 12:00:25 +0000
Manifest next update:     Mon 08 Sep 2025 12:00:25 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: DGWluvb3YhTbY+0eglRg9tFNyIh4W6QMs9kRRLM7qDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0c:88:ed:19:f0:a5:2b:00:fb:57:aa:d7:c1:02:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Sep  7 12:00:25 2025 GMT
            Not After : Sep  8 12:00:25 2025 GMT
        Subject: CN=b70667bd580dfe5cba1870224dc8c7c017995dde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:90:8c:d9:64:58:43:04:9a:c6:01:a2:b6:b4:
                    fd:b6:a4:13:70:7f:74:67:2d:08:04:5f:ce:56:dd:
                    ea:46:01:eb:35:57:6f:00:64:95:a9:c3:14:05:10:
                    be:c2:e4:7b:24:bb:8d:24:8f:6c:41:21:57:06:27:
                    99:e0:04:a3:3e:a2:a1:6f:28:91:f1:a4:7d:30:01:
                    50:94:66:a8:3c:c9:47:ab:31:1c:b9:46:7f:47:65:
                    8d:8a:ff:f4:39:d3:0a:b7:3a:e5:a9:dc:2e:1b:2a:
                    27:e2:be:43:71:0f:f8:c8:9f:c5:51:e4:11:12:59:
                    7e:26:77:ef:4b:98:e0:76:33:a6:f4:7f:eb:0c:f1:
                    be:5e:c1:42:24:80:e9:e7:98:f7:75:e5:68:2d:e1:
                    b2:9b:b1:ae:52:12:31:15:2a:92:ba:1a:f2:25:57:
                    d9:87:80:01:c8:8d:d4:82:c0:dc:fc:83:e5:e2:33:
                    56:31:01:11:14:18:b9:89:ab:20:aa:25:4d:4e:12:
                    af:4c:0d:97:55:2a:48:40:3b:11:bf:26:32:02:73:
                    85:da:54:d8:55:43:8f:8b:a1:37:bf:94:de:74:39:
                    0c:8f:25:85:0c:0c:46:d4:ba:ab:b0:3b:64:a6:d6:
                    bc:a9:11:40:32:ec:2b:c0:83:1a:3d:95:8f:e8:7f:
                    e1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:06:67:BD:58:0D:FE:5C:BA:18:70:22:4D:C8:C7:C0:17:99:5D:DE
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:94:f6:3d:f4:d9:ac:1c:fa:7c:e9:d3:0f:93:30:54:17:5b:
         ff:63:c5:6d:ec:18:ea:9a:97:a9:9f:9c:c9:2e:b9:da:65:fa:
         d4:ee:06:7d:db:83:1f:97:c0:d2:6b:9e:d6:a5:1a:46:80:3b:
         d7:a0:e2:af:a1:b6:3b:a2:4b:4d:1d:71:e3:15:b3:33:67:eb:
         bd:14:65:d2:94:cf:8d:89:bc:79:36:26:16:c4:34:25:c3:37:
         53:8e:a3:e0:9a:0d:3c:64:ad:bf:f4:4a:21:7d:d2:6e:d1:9c:
         09:0f:3f:48:ee:5c:cd:d7:d0:60:ce:c9:f6:f0:ca:90:3a:45:
         be:b1:60:d0:35:97:db:8f:f7:3c:bb:63:73:0a:95:d3:cf:69:
         9d:c6:46:12:a2:a7:03:39:72:cf:1c:96:70:ef:bd:ff:44:8c:
         5a:f6:5d:b0:8e:df:6c:22:93:9d:15:2c:20:8c:e1:56:b8:07:
         1e:1b:54:03:ed:00:07:1e:31:18:f4:be:92:3e:6a:f1:5a:0b:
         eb:90:d7:65:66:62:49:0b:5d:eb:b9:43:a5:e9:63:93:d1:ef:
         33:5b:dc:eb:28:0e:19:3f:c2:ba:ab:65:d8:b2:19:ed:f8:58:
         c2:25:73:78:bc:46:8e:b4:6c:2a:40:18:00:80:a1:5d:a8:cd:
         59:3d:e4:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDIjtGfClKwD7V6rXwQKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUwOTA3MTIwMDI1WhcNMjUwOTA4MTIwMDI1WjAzMTEwLwYDVQQD
EyhiNzA2NjdiZDU4MGRmZTVjYmExODcwMjI0ZGM4YzdjMDE3OTk1ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpCM2WRYQwSaxgGitrT9tqQTcH90
Zy0IBF/OVt3qRgHrNVdvAGSVqcMUBRC+wuR7JLuNJI9sQSFXBieZ4ASjPqKhbyiR
8aR9MAFQlGaoPMlHqzEcuUZ/R2WNiv/0OdMKtzrlqdwuGyon4r5DcQ/4yJ/FUeQR
Ell+JnfvS5jgdjOm9H/rDPG+XsFCJIDp55j3deVoLeGym7GuUhIxFSqSuhryJVfZ
h4AByI3UgsDc/IPl4jNWMQERFBi5iasgqiVNThKvTA2XVSpIQDsRvyYyAnOF2lTY
VUOPi6E3v5TedDkMjyWFDAxG1LqrsDtkpta8qRFAMuwrwIMaPZWP6H/hSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcGZ71YDf5cuhhwIk3Ix8AXmV3eMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJT2PfTZ
rBz6fOnTD5MwVBdb/2PFbewY6pqXqZ+cyS652mX61O4GfduDH5fA0mue1qUaRoA7
16Dir6G2O6JLTR1x4xWzM2frvRRl0pTPjYm8eTYmFsQ0JcM3U46j4JoNPGStv/RK
IX3SbtGcCQ8/SO5czdfQYM7J9vDKkDpFvrFg0DWX24/3PLtjcwqV089pncZGEqKn
AzlyzxyWcO+9/0SMWvZdsI7fbCKTnRUsIIzhVrgHHhtUA+0ABx4xGPS+kj5q8VoL
65DXZWZiSQtd67lDpeljk9HvM1vc6ygOGT/Cuqtl2LIZ7fhYwiVzeLxGjrRsKkAY
AIChXajNWT3k4g==
-----END CERTIFICATE-----