Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
File:                     F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft (raw, json)
Hash identifier:          QeS9X38DuWs1bwL+rqCWU7m/8kttKYdis88MHVrSJI0=
Subject key identifier:   58:93:45:CD:54:F8:6B:66:1C:10:3B:09:1F:37:27:EA:50:4C:EC:52
Authority key identifier: 17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C
Certificate issuer:       /CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
Certificate serial:       01964F6C6AC6F744AA2F2A5D99FD38617080
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
Manifest number:          0C9C
Signing time:             Sat 19 Apr 2025 19:00:27 +0000
Manifest this update:     Sat 19 Apr 2025 19:00:27 +0000
Manifest next update:     Sun 20 Apr 2025 19:00:27 +0000
Files and hashes:         1: F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl (hash: pCLWhrdIdFre9vxS2TAcmd8Yd6Zii5nAzs1CnisQddw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6c:6a:c6:f7:44:aa:2f:2a:5d:99:fd:38:61:70:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
        Validity
            Not Before: Apr 19 19:00:27 2025 GMT
            Not After : Apr 20 19:00:27 2025 GMT
        Subject: CN=589345cd54f86b661c103b091f3727ea504cec52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:99:5c:4e:40:17:c5:2e:de:f3:4c:77:9f:00:
                    68:bd:a1:5b:6b:ea:ff:0b:5b:fc:3a:46:ee:1e:2f:
                    16:f9:28:1c:97:0b:45:82:1d:92:6b:16:9e:62:83:
                    68:97:06:26:57:84:fa:6f:73:37:db:17:ad:d8:89:
                    c1:9f:f2:99:9f:31:e0:d8:c0:07:e1:e5:de:73:4f:
                    87:78:01:48:73:0c:22:de:c7:e0:4d:95:c9:40:a3:
                    cd:45:d9:d3:4b:06:de:8f:5a:57:9f:97:5f:58:6b:
                    79:14:09:40:21:fd:16:b2:95:50:d2:5c:d1:11:0f:
                    b7:60:a9:f4:07:60:23:c2:da:fa:9d:75:e4:ce:a2:
                    59:cf:42:9a:86:ff:5f:20:43:34:c3:66:c3:21:b5:
                    63:65:06:f5:20:2a:eb:ec:88:4c:e2:60:a6:d3:17:
                    c4:46:47:24:f5:05:88:28:0b:72:d9:a4:4b:22:50:
                    a3:2e:38:36:9d:05:4d:37:59:68:a6:c5:01:16:69:
                    f9:56:04:a1:7b:a6:36:0a:e4:c8:6d:ce:53:a1:e4:
                    28:45:ca:a3:41:c2:13:51:d6:54:cb:3b:7c:c5:b5:
                    d6:d3:0a:bf:5f:b4:47:93:16:0d:d0:80:fa:64:c2:
                    4a:97:c4:97:be:60:ba:8b:01:be:12:33:67:76:a3:
                    2c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:93:45:CD:54:F8:6B:66:1C:10:3B:09:1F:37:27:EA:50:4C:EC:52
            X509v3 Authority Key Identifier:
                keyid:17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:c7:41:e1:23:f5:b5:cb:51:52:18:9d:0e:8a:6c:7c:be:2a:
         67:7e:eb:65:87:9e:a2:b3:9c:47:bb:d6:04:c7:64:fa:59:27:
         c5:dc:e2:7b:62:1f:ad:60:cf:89:be:b0:0a:5f:c8:19:dc:0a:
         b7:4e:6c:03:28:86:0a:c6:3c:57:e9:81:0c:a2:85:3b:02:70:
         8a:0d:5f:28:b6:e8:83:bf:42:d1:cb:ce:07:21:a8:02:d7:cc:
         a0:f3:eb:17:48:32:c3:48:3a:33:aa:bf:bb:fa:8f:6e:4b:c3:
         18:65:13:67:37:59:33:f1:63:96:6c:b7:b5:46:b6:6b:ae:93:
         3a:13:98:95:53:59:ca:9c:b4:71:b3:87:63:99:1f:22:eb:c6:
         a0:1b:81:d3:b7:ec:ee:3e:f0:6b:29:3c:81:22:95:3a:81:38:
         72:36:d1:27:bc:27:64:6f:4a:53:c1:56:a8:ec:33:f6:ac:e5:
         1b:ae:a2:16:ae:31:75:fa:98:b6:21:a4:21:89:8a:ca:c5:b4:
         74:e4:27:ed:23:f6:3f:42:80:b5:0b:26:c5:ea:59:c8:28:13:
         36:d5:7f:aa:44:77:68:0d:28:6e:3e:90:d9:50:10:62:a9:6f:
         a6:99:ae:de:46:af:11:a6:1a:6d:cc:f5:45:72:1e:1f:fd:23:
         f7:b7:01:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbGrG90SqLypdmf04YXCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDg3MzEyMDY1M2IzY2ZlNTUxNzJhOWRjNjA1N2U4Y2Nk
MGNiNWMwHhcNMjUwNDE5MTkwMDI3WhcNMjUwNDIwMTkwMDI3WjAzMTEwLwYDVQQD
Eyg1ODkzNDVjZDU0Zjg2YjY2MWMxMDNiMDkxZjM3MjdlYTUwNGNlYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmplcTkAXxS7e80x3nwBovaFba+r/
C1v8OkbuHi8W+SgclwtFgh2SaxaeYoNolwYmV4T6b3M32xet2InBn/KZnzHg2MAH
4eXec0+HeAFIcwwi3sfgTZXJQKPNRdnTSwbej1pXn5dfWGt5FAlAIf0WspVQ0lzR
EQ+3YKn0B2Ajwtr6nXXkzqJZz0Kahv9fIEM0w2bDIbVjZQb1ICrr7IhM4mCm0xfE
Rkck9QWIKAty2aRLIlCjLjg2nQVNN1lopsUBFmn5VgShe6Y2CuTIbc5ToeQoRcqj
QcITUdZUyzt8xbXW0wq/X7RHkxYN0ID6ZMJKl8SXvmC6iwG+EjNndqMsxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiTRc1U+GtmHBA7CR83J+pQTOxSMB8GA1UdIwQY
MBaAFBfYcxIGU7PP5VFyqdxgV+jM0MtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYt
YjAwYzFjMTQ1ZmU3LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYtYjAwYzFjMTQ1ZmU3
LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8dB4SP1
tctRUhidDopsfL4qZ37rZYeeorOcR7vWBMdk+lknxdzie2IfrWDPib6wCl/IGdwK
t05sAyiGCsY8V+mBDKKFOwJwig1fKLbog79C0cvOByGoAtfMoPPrF0gyw0g6M6q/
u/qPbkvDGGUTZzdZM/Fjlmy3tUa2a66TOhOYlVNZypy0cbOHY5kfIuvGoBuB07fs
7j7wayk8gSKVOoE4cjbRJ7wnZG9KU8FWqOwz9qzlG66iFq4xdfqYtiGkIYmKysW0
dOQn7SP2P0KAtQsmxepZyCgTNtV/qkR3aA0obj6Q2VAQYqlvppmu3kavEaYabcz1
RXIeH/0j97cBbg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:25:45 2025 by rpki-client