Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
File:                     0jtkd-HIT1KQfNYMY-qD715Kx4I.mft (raw, json)
Hash identifier:          6Xo6WxsZb9M+fihmrEDMEP7ih4uAQZpJbIF4s3THuhg=
Subject key identifier:   09:D3:04:C8:2B:65:FD:71:19:DD:AD:DF:C4:87:3C:4F:E5:C1:96:14
Authority key identifier: D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82
Certificate issuer:       /CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782
Certificate serial:       0197597FB723704D2374A6238CCC1A45AC59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
Manifest number:          08D1
Signing time:             Tue 10 Jun 2025 11:00:31 +0000
Manifest this update:     Tue 10 Jun 2025 11:00:31 +0000
Manifest next update:     Wed 11 Jun 2025 11:00:31 +0000
Files and hashes:         1: 0jtkd-HIT1KQfNYMY-qD715Kx4I.crl (hash: VnbSc27K36bD8kKoGlNBABgh37zc2ooBrZ1fS5yUfZM=)
                          2: 99RaY9xH4qOYuC0KdiJQrFMbC5E.roa (hash: TZUHN/mcHmz7AzTn504QkH94CMbEPlnfBvzJqjhXWtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:7f:b7:23:70:4d:23:74:a6:23:8c:cc:1a:45:ac:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782
        Validity
            Not Before: Jun 10 11:00:31 2025 GMT
            Not After : Jun 11 11:00:31 2025 GMT
        Subject: CN=09d304c82b65fd7119ddaddfc4873c4fe5c19614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:91:bd:69:94:79:29:4f:40:fa:82:cb:7a:a4:
                    6c:51:8c:3a:05:ea:9b:0b:2f:16:8d:25:80:40:32:
                    87:68:f7:28:bf:06:8b:67:61:61:6f:80:54:30:8a:
                    68:be:51:38:ea:8b:a0:50:a5:51:51:cc:81:84:b2:
                    50:13:f5:b4:fe:38:36:05:67:f1:c8:f9:44:11:5f:
                    1b:38:d0:dd:92:87:80:c2:99:24:84:e3:45:b1:0e:
                    03:cb:ba:78:86:1b:fc:e9:82:31:54:ce:3f:04:e5:
                    08:34:43:3d:d3:f7:03:5e:c1:e7:5d:75:3f:02:2b:
                    3d:c4:7f:6f:eb:77:8e:fe:45:33:32:1b:8a:b2:6c:
                    64:44:2e:35:f5:81:76:15:6f:fc:14:17:b9:2f:c1:
                    33:78:c6:fc:76:03:ef:87:54:bf:1f:df:fe:4c:4e:
                    37:07:8a:ac:d1:4a:d9:54:01:e2:40:20:97:a2:67:
                    66:5c:0b:16:c4:01:4e:11:b7:ba:b9:ce:d7:4c:14:
                    a3:36:4a:ab:72:58:14:41:b8:e5:25:51:4e:07:60:
                    d6:ac:9b:7b:31:e0:84:e5:0b:a0:78:99:4f:d0:e5:
                    1d:12:bb:d1:57:0c:59:d4:93:87:34:25:91:4c:c2:
                    4b:b4:39:52:f4:d6:a1:18:52:07:d5:76:42:43:84:
                    cc:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D3:04:C8:2B:65:FD:71:19:DD:AD:DF:C4:87:3C:4F:E5:C1:96:14
            X509v3 Authority Key Identifier:
                keyid:D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:1e:3f:26:ba:2f:93:11:40:07:c7:de:21:7b:28:9f:71:c0:
         b9:3f:1b:9b:db:8d:87:48:3a:a5:ed:24:e0:01:e3:b5:96:16:
         61:be:45:64:47:57:b6:91:c9:3d:fa:de:a8:df:b3:30:d4:2c:
         c0:94:52:a9:a0:2c:b3:b6:27:41:4e:f4:69:8e:65:d4:14:4c:
         9b:15:5e:75:38:8b:39:9a:26:ea:66:b0:0d:ae:37:af:14:c3:
         57:a4:11:2c:4b:d0:99:80:85:71:08:15:53:92:a9:4b:d3:a8:
         fc:1d:10:9e:dd:85:da:ae:fe:40:78:88:95:fb:06:d8:12:93:
         d8:3f:5b:5b:71:fb:04:9f:4c:f2:00:9b:99:c8:fa:a7:f6:49:
         42:18:34:41:b2:e4:28:fa:44:ac:9b:5b:65:c8:c6:32:0c:9d:
         ac:45:d6:40:94:2b:4b:5c:87:af:07:bf:8c:02:16:a7:c8:bb:
         40:bc:fb:1c:3b:ca:16:d9:dc:39:48:9d:a9:34:1a:0b:1a:bd:
         7c:d6:d9:4d:60:37:85:d1:23:a7:21:f0:55:b1:15:15:c2:43:
         2b:0f:0d:6f:49:7c:cb:0a:7d:86:9b:18:0b:c4:6d:ad:5e:db:
         e1:5a:e4:fc:85:73:d3:c0:01:fc:2f:1c:93:67:ac:9e:ff:c2:
         d1:a4:59:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZf7cjcE0jdKYjjMwaRaxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyM2I2NDc3ZTFjODRmNTI5MDdjZDYwYzYzZWE4M2VmNWU0
YWM3ODIwHhcNMjUwNjEwMTEwMDMxWhcNMjUwNjExMTEwMDMxWjAzMTEwLwYDVQQD
EygwOWQzMDRjODJiNjVmZDcxMTlkZGFkZGZjNDg3M2M0ZmU1YzE5NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJG9aZR5KU9A+oLLeqRsUYw6Beqb
Cy8WjSWAQDKHaPcovwaLZ2Fhb4BUMIpovlE46ougUKVRUcyBhLJQE/W0/jg2BWfx
yPlEEV8bONDdkoeAwpkkhONFsQ4Dy7p4hhv86YIxVM4/BOUINEM90/cDXsHnXXU/
Ais9xH9v63eO/kUzMhuKsmxkRC419YF2FW/8FBe5L8EzeMb8dgPvh1S/H9/+TE43
B4qs0UrZVAHiQCCXomdmXAsWxAFOEbe6uc7XTBSjNkqrclgUQbjlJVFOB2DWrJt7
MeCE5QugeJlP0OUdErvRVwxZ1JOHNCWRTMJLtDlS9NahGFIH1XZCQ4TMuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnTBMgrZf1xGd2t38SHPE/lwZYUMB8GA1UdIwQY
MBaAFNI7ZHfhyE9SkHzWDGPqg+9eSseCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYt
MjI1NTU4NWRkZWNiLzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYtMjI1NTU4NWRkZWNi
LzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuB4/Jrov
kxFAB8feIXson3HAuT8bm9uNh0g6pe0k4AHjtZYWYb5FZEdXtpHJPfreqN+zMNQs
wJRSqaAss7YnQU70aY5l1BRMmxVedTiLOZom6mawDa43rxTDV6QRLEvQmYCFcQgV
U5KpS9Oo/B0Qnt2F2q7+QHiIlfsG2BKT2D9bW3H7BJ9M8gCbmcj6p/ZJQhg0QbLk
KPpErJtbZcjGMgydrEXWQJQrS1yHrwe/jAIWp8i7QLz7HDvKFtncOUidqTQaCxq9
fNbZTWA3hdEjpyHwVbEVFcJDKw8Nb0l8ywp9hpsYC8RtrV7b4Vrk/IVz08AB/C8c
k2esnv/C0aRZUA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:28:16 2025 by rpki-client