Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
File:                     WFRbn70B0owOptCPW0cts0-tLqM.mft (raw, json)
Hash identifier:          +eY8W4r4wwZxBWzihQVnAmHC9kbptQgVKJUhEldjd5A=
Subject key identifier:   7A:D6:C5:77:36:25:F4:62:FE:EA:D6:44:35:D6:45:91:72:5A:64:5E
Authority key identifier: 58:54:5B:9F:BD:01:D2:8C:0E:A6:D0:8F:5B:47:2D:B3:4F:AD:2E:A3
Certificate issuer:       /CN=58545b9fbd01d28c0ea6d08f5b472db34fad2ea3
Certificate serial:       01974EC5775ACB226A9F7D9BB09A6513176E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
Manifest number:          1545
Signing time:             Sun 08 Jun 2025 09:00:53 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:53 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:53 +0000
Files and hashes:         1: WFRbn70B0owOptCPW0cts0-tLqM.crl (hash: Fgz92ASkYoMWpRX7/ieAJc81f9WApN3nRah4E4rdHUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 09:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:77:5a:cb:22:6a:9f:7d:9b:b0:9a:65:13:17:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58545b9fbd01d28c0ea6d08f5b472db34fad2ea3
        Validity
            Not Before: Jun  8 09:00:53 2025 GMT
            Not After : Jun  9 09:00:53 2025 GMT
        Subject: CN=7ad6c5773625f462feead64435d64591725a645e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:0d:b3:97:a3:bb:c6:5c:bb:90:e9:02:62:38:
                    37:37:65:e4:74:e8:77:91:cb:a4:27:63:af:10:cd:
                    46:88:ba:ee:0f:c8:54:e5:3a:ae:15:91:60:1d:c7:
                    1a:85:38:07:a6:6d:be:a8:db:86:7a:04:1e:7d:f6:
                    d6:07:a7:a4:6a:ed:b9:ed:b4:6a:f5:fb:70:74:fe:
                    f2:54:bc:55:a0:7f:bd:86:9b:fe:5f:94:ea:29:ed:
                    eb:0d:85:76:46:6b:70:46:90:99:94:27:b1:2f:06:
                    98:ab:c9:d4:53:66:61:ba:ef:d2:f1:8c:54:e1:f2:
                    53:46:d7:b9:56:e6:a1:35:20:96:a3:dd:a4:ed:00:
                    e2:78:f3:14:1c:ea:f0:a5:ed:31:40:25:d5:68:f2:
                    41:8e:ee:a0:5c:fb:14:b7:90:3e:73:2b:2b:a9:f7:
                    c8:dc:7f:f2:6e:60:d1:59:08:d5:b3:d3:ee:9a:93:
                    59:da:7f:80:80:08:02:00:b2:ba:f9:d3:79:35:ca:
                    78:76:94:91:5b:34:0f:18:40:60:75:8f:20:25:7f:
                    2d:47:3f:1e:cf:d3:c6:a6:3b:9b:27:c2:85:98:4f:
                    67:63:91:d1:5f:21:52:0f:a1:e0:b7:1b:03:33:d6:
                    26:41:74:8b:64:65:f7:ed:a0:c6:28:c2:1f:f4:8a:
                    9b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:D6:C5:77:36:25:F4:62:FE:EA:D6:44:35:D6:45:91:72:5A:64:5E
            X509v3 Authority Key Identifier:
                keyid:58:54:5B:9F:BD:01:D2:8C:0E:A6:D0:8F:5B:47:2D:B3:4F:AD:2E:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:52:d3:f4:17:21:18:c0:0f:3b:39:2f:f3:da:d7:1f:30:b1:
         88:d5:92:07:fa:b6:0e:33:55:0c:ff:75:74:18:3c:91:51:f9:
         ed:b5:5d:68:bd:aa:0f:13:31:49:65:57:c9:97:c5:d9:0e:81:
         35:d4:bf:17:48:c8:be:0b:97:56:c4:da:89:50:69:1c:56:32:
         6d:60:10:6c:fd:00:a6:78:4e:19:29:43:f9:ed:be:09:3c:fc:
         9f:43:87:4d:72:c2:c3:a5:90:72:65:ae:ad:1d:99:2a:b9:09:
         2f:79:bf:f6:33:1f:48:f9:9a:1a:ad:8f:61:45:12:1c:7f:87:
         36:02:37:11:c6:ab:c9:49:7b:09:dc:a6:8c:c5:c5:94:47:bf:
         a3:81:bd:25:35:fe:48:99:6e:04:b8:3f:ef:bf:80:91:5a:4a:
         95:ef:e0:8e:a4:58:0c:5d:3e:06:80:ea:a6:cd:25:7b:86:7c:
         78:f4:87:38:65:d0:09:c0:26:d1:ba:74:77:58:24:a9:b9:67:
         b6:c4:8a:cb:94:02:03:d9:b5:76:d3:dd:17:d8:4a:d5:de:50:
         12:92:55:47:66:0a:59:6f:2e:24:1e:50:14:6c:49:be:3f:b9:
         65:3d:ab:f6:4a:64:69:48:19:7c:83:60:fd:2b:f8:23:8c:b5:
         e9:75:5f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxXdayyJqn32bsJplExduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTQ1YjlmYmQwMWQyOGMwZWE2ZDA4ZjViNDcyZGIzNGZh
ZDJlYTMwHhcNMjUwNjA4MDkwMDUzWhcNMjUwNjA5MDkwMDUzWjAzMTEwLwYDVQQD
Eyg3YWQ2YzU3NzM2MjVmNDYyZmVlYWQ2NDQzNWQ2NDU5MTcyNWE2NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA2zl6O7xly7kOkCYjg3N2XkdOh3
kcukJ2OvEM1GiLruD8hU5TquFZFgHccahTgHpm2+qNuGegQeffbWB6ekau257bRq
9ftwdP7yVLxVoH+9hpv+X5TqKe3rDYV2RmtwRpCZlCexLwaYq8nUU2Zhuu/S8YxU
4fJTRte5VuahNSCWo92k7QDiePMUHOrwpe0xQCXVaPJBju6gXPsUt5A+cysrqffI
3H/ybmDRWQjVs9PumpNZ2n+AgAgCALK6+dN5Ncp4dpSRWzQPGEBgdY8gJX8tRz8e
z9PGpjubJ8KFmE9nY5HRXyFSD6HgtxsDM9YmQXSLZGX37aDGKMIf9IqbpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrWxXc2JfRi/urWRDXWRZFyWmReMB8GA1UdIwQY
MBaAFFhUW5+9AdKMDqbQj1tHLbNPrS6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85Y2ZjNzktOGJkYS00ODYyLWE3ZDgt
NGY4ZDkzNTVkODYyLzEvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85Y2ZjNzktOGJkYS00ODYyLWE3ZDgtNGY4ZDkzNTVkODYy
LzEvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXlLT9Bch
GMAPOzkv89rXHzCxiNWSB/q2DjNVDP91dBg8kVH57bVdaL2qDxMxSWVXyZfF2Q6B
NdS/F0jIvguXVsTaiVBpHFYybWAQbP0ApnhOGSlD+e2+CTz8n0OHTXLCw6WQcmWu
rR2ZKrkJL3m/9jMfSPmaGq2PYUUSHH+HNgI3EcaryUl7CdymjMXFlEe/o4G9JTX+
SJluBLg/77+AkVpKle/gjqRYDF0+BoDqps0le4Z8ePSHOGXQCcAm0bp0d1gkqbln
tsSKy5QCA9m1dtPdF9hK1d5QEpJVR2YKWW8uJB5QFGxJvj+5ZT2r9kpkaUgZfINg
/Sv4I4y16XVfnQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:43:14 2025 by rpki-client