Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          hdfzdJJ3pu70Ahl+ZZKaSzmuVu5UHeY7G6jfZ3POIsY=
Subject key identifier:   8B:18:14:72:D5:2C:00:B7:7F:10:23:46:89:EE:11:9C:86:ED:C3:36
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       0194C3F5E8E224DAC617DC18694564941946
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          142B
Signing time:             Sun 02 Feb 2025 00:01:00 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:00 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:00 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: AgDfyZVOi8b+y+ynaEePosHLyerfNcYPzi5THwXIIf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:e8:e2:24:da:c6:17:dc:18:69:45:64:94:19:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Feb  2 00:01:00 2025 GMT
            Not After : Feb  3 00:01:00 2025 GMT
        Subject: CN=8b181472d52c00b77f10234689ee119c86edc336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:da:99:7a:d4:51:7d:a9:bf:52:37:f6:d6:70:
                    f6:7e:44:ab:0f:0d:56:82:f7:21:25:a6:03:a2:f3:
                    7c:59:29:14:dc:df:32:10:cb:fb:03:48:8f:dd:3c:
                    80:88:0c:39:97:23:72:e4:ae:1b:ab:c5:a8:1d:0f:
                    4d:36:4f:43:b0:27:48:10:5f:f4:7e:6e:67:e2:c7:
                    c7:f5:71:c2:b2:76:40:ac:05:65:eb:64:ea:cc:85:
                    39:c6:42:76:0e:16:99:20:ec:24:54:73:36:52:76:
                    8c:4c:0f:80:68:44:15:04:0d:51:f6:21:a6:43:5c:
                    43:fa:dc:3b:b9:c8:f7:ca:5a:2c:e5:17:e2:be:19:
                    df:d4:25:4c:3e:bf:6d:58:39:07:c5:0d:ca:77:2d:
                    cb:97:d6:23:b1:9e:83:1c:f7:34:50:22:f6:f9:4f:
                    80:af:6a:18:d3:3d:c6:87:91:67:41:41:c9:a2:0c:
                    0b:5e:e0:97:5a:16:12:85:12:b5:9a:48:28:e4:f9:
                    f5:16:0c:3a:69:82:ae:66:7f:15:72:4e:57:25:b8:
                    12:74:30:d0:44:22:5e:1d:d3:b8:3d:f8:4f:e6:ac:
                    df:24:c7:86:11:06:f7:fd:4b:80:5b:b8:0f:4f:45:
                    5b:98:06:50:3f:f6:32:28:23:37:da:2b:d8:bd:c4:
                    0d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:18:14:72:D5:2C:00:B7:7F:10:23:46:89:EE:11:9C:86:ED:C3:36
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:a5:54:db:7a:d3:d0:aa:7a:2f:76:04:25:46:52:b6:ec:3d:
         64:d4:69:85:db:78:5c:fb:3e:e5:3b:bd:51:89:d7:9f:5d:bd:
         34:66:d5:ec:5b:48:15:19:cb:bd:12:44:11:e3:63:0d:c6:63:
         81:a0:46:04:08:07:e6:ab:5d:4e:4c:88:e3:24:55:fe:d3:d3:
         7c:f4:7d:6e:04:a8:69:ff:66:02:94:ba:c0:22:51:71:ed:53:
         32:56:fd:e3:25:b6:56:fe:a4:f7:09:f6:65:f3:29:7f:61:4e:
         da:2d:9a:d0:82:5f:b5:88:d0:b3:3d:56:ef:c7:3b:86:78:c8:
         06:4a:2e:39:81:dc:14:fe:ae:4d:c7:d6:27:7f:0d:97:e1:88:
         05:41:f0:54:a5:04:9f:c1:08:66:36:95:9e:3c:69:c8:43:76:
         0a:4a:43:bf:2e:d1:00:2e:1b:d2:fa:a1:ed:c5:48:73:4b:f9:
         28:0a:46:6d:5f:f0:22:b6:ec:dc:11:b9:ef:04:85:85:5f:c7:
         af:da:a1:31:12:0d:3c:1a:21:2f:d3:9b:f8:be:a6:61:4b:dc:
         dd:8e:1f:a9:de:aa:d3:a7:00:b4:ac:53:ae:15:aa:f7:8f:03:
         eb:ad:65:65:8d:15:c1:b4:ec:b7:65:d5:34:85:25:fd:61:1f:
         12:78:a0:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9ejiJNrGF9wYaUVklBlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUwMjAyMDAwMTAwWhcNMjUwMjAzMDAwMTAwWjAzMTEwLwYDVQQD
Eyg4YjE4MTQ3MmQ1MmMwMGI3N2YxMDIzNDY4OWVlMTE5Yzg2ZWRjMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNqZetRRfam/Ujf21nD2fkSrDw1W
gvchJaYDovN8WSkU3N8yEMv7A0iP3TyAiAw5lyNy5K4bq8WoHQ9NNk9DsCdIEF/0
fm5n4sfH9XHCsnZArAVl62TqzIU5xkJ2DhaZIOwkVHM2UnaMTA+AaEQVBA1R9iGm
Q1xD+tw7ucj3ylos5Rfivhnf1CVMPr9tWDkHxQ3Kdy3Ll9YjsZ6DHPc0UCL2+U+A
r2oY0z3Gh5FnQUHJogwLXuCXWhYShRK1mkgo5Pn1Fgw6aYKuZn8Vck5XJbgSdDDQ
RCJeHdO4PfhP5qzfJMeGEQb3/UuAW7gPT0VbmAZQP/YyKCM32ivYvcQN1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsYFHLVLAC3fxAjRonuEZyG7cM2MB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6VU23rT
0Kp6L3YEJUZStuw9ZNRphdt4XPs+5Tu9UYnXn129NGbV7FtIFRnLvRJEEeNjDcZj
gaBGBAgH5qtdTkyI4yRV/tPTfPR9bgSoaf9mApS6wCJRce1TMlb94yW2Vv6k9wn2
ZfMpf2FO2i2a0IJftYjQsz1W78c7hnjIBkouOYHcFP6uTcfWJ38Nl+GIBUHwVKUE
n8EIZjaVnjxpyEN2CkpDvy7RAC4b0vqh7cVIc0v5KApGbV/wIrbs3BG57wSFhV/H
r9qhMRINPBohL9Ob+L6mYUvc3Y4fqd6q06cAtKxTrhWq948D661lZY0VwbTst2XV
NIUl/WEfEnigYA==
-----END CERTIFICATE-----