Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
File:                     KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft (raw, json)
Hash identifier:          Sa91rRZS1kDgnq0SK338JLydgZTkch+YQsbf9EV+DYE=
Subject key identifier:   04:67:DB:53:59:5D:4C:96:AE:FE:C5:B3:89:10:FA:66:A0:E9:30:31
Authority key identifier: 2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66
Certificate issuer:       /CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
Certificate serial:       019A72CA23F0E2F1C48AD9C1B2FA039D92B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
Manifest number:          08B0
Signing time:             Tue 11 Nov 2025 12:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 12:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 12:00:41 +0000
Files and hashes:         1: KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl (hash: CEsFjeV0wXOlPmhXa/eJUPnE8Dqruxzj/ctraoB0PCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:23:f0:e2:f1:c4:8a:d9:c1:b2:fa:03:9d:92:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
        Validity
            Not Before: Nov 11 12:00:41 2025 GMT
            Not After : Nov 12 12:00:41 2025 GMT
        Subject: CN=0467db53595d4c96aefec5b38910fa66a0e93031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4e:04:f1:ea:26:84:5b:96:15:b9:a7:a5:46:
                    4b:70:12:46:bc:31:a3:35:6c:f7:10:1a:cb:60:5c:
                    7a:0b:e1:b6:09:9b:f5:96:35:3d:7a:06:f6:d1:84:
                    00:74:5d:9b:30:33:52:3b:d0:fb:f2:3d:d7:7e:77:
                    34:06:5a:0f:bb:33:a7:0a:95:b4:2a:c9:a6:c8:f6:
                    ab:61:6d:49:16:85:32:14:a9:46:27:14:73:6d:3f:
                    17:5b:b2:56:94:34:d1:7a:26:05:2d:f2:8e:bc:9b:
                    8b:e4:e9:f2:c3:dc:e5:bf:76:ca:e9:7e:70:89:96:
                    d7:f5:a2:09:0f:e1:cc:b8:c9:ef:3a:ff:f2:91:a2:
                    93:e1:10:93:56:72:bf:13:6a:1a:88:95:73:af:85:
                    e4:38:43:e7:de:7f:59:e4:99:49:95:25:49:8f:1b:
                    42:92:aa:ce:05:aa:e0:91:e4:40:43:9c:93:98:a9:
                    38:5d:f0:22:86:b0:d7:fa:39:84:82:eb:b9:57:b0:
                    4c:bf:0c:da:26:ad:39:62:52:a7:cb:f2:86:d4:c7:
                    2b:62:1d:83:8c:79:f7:8f:fa:3a:cc:60:cf:4e:ab:
                    c0:5b:22:ab:ff:5a:ca:14:b1:3c:3f:4c:f7:d2:69:
                    70:70:5e:14:4c:be:4d:97:3c:c2:73:1b:b3:f9:28:
                    7d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:67:DB:53:59:5D:4C:96:AE:FE:C5:B3:89:10:FA:66:A0:E9:30:31
            X509v3 Authority Key Identifier:
                keyid:2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:7a:e4:0b:f1:af:be:9f:ca:da:1f:82:28:6a:1a:88:96:c2:
         d9:fd:34:12:7d:f7:da:26:7f:a1:58:ce:b4:7f:2e:ee:96:6d:
         3f:09:56:28:fa:92:e3:66:a3:83:14:12:2a:5f:f2:79:6d:07:
         94:45:69:26:a0:89:33:7b:35:b7:69:2b:3d:50:1f:4d:c1:a9:
         93:40:91:c4:37:70:dd:90:e2:8e:17:b0:a8:ce:c9:4b:33:7a:
         bd:2a:31:10:9c:e2:97:b8:45:19:c7:5b:30:5a:e3:52:dd:e1:
         00:96:bb:f1:d1:68:86:5a:66:ac:95:7c:ef:95:e0:5c:13:0d:
         3c:91:a5:63:86:ca:6a:da:f5:a3:3d:0a:ba:23:09:77:a3:b3:
         45:54:52:1c:8a:09:4e:12:da:7f:72:8b:21:20:7e:23:fe:8d:
         32:d9:38:6a:68:31:b0:cb:d6:a7:9b:c2:cf:63:20:0a:84:8e:
         b0:de:14:52:4e:a0:5e:26:93:56:13:50:87:47:44:25:87:a1:
         d8:95:71:78:0a:e8:9e:70:2a:c2:8b:b2:59:b1:68:2f:1d:59:
         98:57:37:fb:23:8a:78:d2:5f:d6:95:d6:ea:a0:29:80:b8:9e:
         9b:e3:9f:82:82:37:81:5f:bc:03:03:41:e5:e6:70:19:ff:d6:
         5f:2c:ed:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyiPw4vHEitnBsvoDnZK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzM3OGI2M2JjYTQ4N2MzMmU4Y2U4MTJmNGY4NWQ3YzZl
Zjg3NjYwHhcNMjUxMTExMTIwMDQxWhcNMjUxMTEyMTIwMDQxWjAzMTEwLwYDVQQD
EygwNDY3ZGI1MzU5NWQ0Yzk2YWVmZWM1YjM4OTEwZmE2NmEwZTkzMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU4E8eomhFuWFbmnpUZLcBJGvDGj
NWz3EBrLYFx6C+G2CZv1ljU9egb20YQAdF2bMDNSO9D78j3Xfnc0BloPuzOnCpW0
KsmmyParYW1JFoUyFKlGJxRzbT8XW7JWlDTReiYFLfKOvJuL5Onyw9zlv3bK6X5w
iZbX9aIJD+HMuMnvOv/ykaKT4RCTVnK/E2oaiJVzr4XkOEPn3n9Z5JlJlSVJjxtC
kqrOBargkeRAQ5yTmKk4XfAihrDX+jmEguu5V7BMvwzaJq05YlKny/KG1McrYh2D
jHn3j/o6zGDPTqvAWyKr/1rKFLE8P0z30mlwcF4UTL5NlzzCcxuz+Sh9VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARn21NZXUyWrv7Fs4kQ+mag6TAxMB8GA1UdIwQY
MBaAFCrDeLY7ykh8MujOgS9PhdfG74dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDkt
MDc3ZDUyZWFiNzBkLzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDktMDc3ZDUyZWFiNzBk
LzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlnrkC/Gv
vp/K2h+CKGoaiJbC2f00En332iZ/oVjOtH8u7pZtPwlWKPqS42ajgxQSKl/yeW0H
lEVpJqCJM3s1t2krPVAfTcGpk0CRxDdw3ZDijhewqM7JSzN6vSoxEJzil7hFGcdb
MFrjUt3hAJa78dFohlpmrJV875XgXBMNPJGlY4bKatr1oz0KuiMJd6OzRVRSHIoJ
ThLaf3KLISB+I/6NMtk4amgxsMvWp5vCz2MgCoSOsN4UUk6gXiaTVhNQh0dEJYeh
2JVxeAronnAqwouyWbFoLx1ZmFc3+yOKeNJf1pXW6qApgLiem+OfgoI3gV+8AwNB
5eZwGf/WXyztlw==
-----END CERTIFICATE-----