Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
File:                     6Md5F2XIhNCFX-0_-MPycJmpoBo.mft (raw, json)
Hash identifier:          Pk4ezAheyvyTkUt0Zxlz/36JekyxGCv4bbMn6zmqqSw=
Subject key identifier:   BF:C1:9F:85:CF:C2:A1:87:40:B9:BB:83:88:3E:E3:A7:8F:8D:AB:97
Authority key identifier: E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A
Certificate issuer:       /CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
Certificate serial:       019752A1BEF00DEDECCF1F170D57F767F411
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
Manifest number:          157E
Signing time:             Mon 09 Jun 2025 03:00:21 +0000
Manifest this update:     Mon 09 Jun 2025 03:00:21 +0000
Manifest next update:     Tue 10 Jun 2025 03:00:21 +0000
Files and hashes:         1: 6Md5F2XIhNCFX-0_-MPycJmpoBo.crl (hash: UnFBs/a4P3OwxzKmrh3gZgGOdP51sTYBKJYuLGropS0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:a1:be:f0:0d:ed:ec:cf:1f:17:0d:57:f7:67:f4:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
        Validity
            Not Before: Jun  9 03:00:21 2025 GMT
            Not After : Jun 10 03:00:21 2025 GMT
        Subject: CN=bfc19f85cfc2a18740b9bb83883ee3a78f8dab97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f2:f6:a8:a6:df:e2:3e:24:ab:21:5d:cd:5b:
                    ee:76:01:1b:7a:78:78:3f:1b:5f:1f:0e:93:9f:7e:
                    93:df:ed:0f:07:59:a9:f3:3c:02:0c:31:2a:7b:78:
                    ec:e7:12:48:13:b8:ec:05:22:b7:93:1c:f2:ae:97:
                    e7:34:81:8c:bb:46:10:38:c1:d4:72:a3:bc:ef:04:
                    46:89:14:9f:89:ea:9a:e0:99:7d:4c:50:92:0e:82:
                    6e:f9:cd:cb:83:14:7a:ea:89:fa:59:1d:df:ef:7c:
                    97:b5:96:39:c6:63:40:13:89:0e:1b:a8:4b:c7:3d:
                    e0:e4:9b:20:f1:9b:f6:99:41:d6:20:e6:4e:76:62:
                    f1:74:91:54:a2:cb:48:e3:eb:06:05:b7:3d:e0:94:
                    0e:60:52:f7:9a:a8:9d:a3:c0:5e:d7:97:14:df:c5:
                    aa:b0:ff:78:62:39:0e:b8:a4:61:4b:62:a0:a7:ca:
                    7b:e3:28:0c:42:f8:df:01:de:f0:f5:bc:50:15:61:
                    53:82:ee:4e:9b:06:0e:2f:be:8c:cd:38:0a:0c:ad:
                    e8:8c:22:03:73:60:7e:17:78:45:c0:f1:85:34:a3:
                    9b:9b:54:97:53:f6:8c:cf:5b:bc:c4:e6:cc:df:eb:
                    d1:19:55:57:db:8f:45:cc:c7:62:1c:d1:ac:1b:b7:
                    a0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:C1:9F:85:CF:C2:A1:87:40:B9:BB:83:88:3E:E3:A7:8F:8D:AB:97
            X509v3 Authority Key Identifier:
                keyid:E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:19:c8:c3:9a:a1:ab:57:a0:54:e6:6e:3d:f9:0c:63:69:d4:
         f1:ba:9f:bf:48:55:cc:7c:41:38:46:91:c8:b5:dc:14:3a:29:
         40:69:df:e7:1c:6f:72:c6:90:92:7e:61:00:9f:3d:8d:ab:0c:
         fc:0e:5e:73:17:b7:60:84:d2:d1:fc:95:2f:d4:48:30:5d:9f:
         ff:f1:1e:81:c4:eb:6b:ab:be:06:c4:18:a6:0b:d2:c3:a4:23:
         19:8b:07:e0:41:fb:9c:f4:3d:fa:40:92:72:d5:dc:77:6a:40:
         a2:35:ad:1c:4d:9b:ac:6d:23:8c:0a:94:17:98:74:49:bd:ca:
         73:bb:68:11:8e:c1:84:6c:30:ca:91:f7:b7:b9:da:fa:c1:37:
         23:bb:06:ee:13:80:6f:8f:42:ee:21:03:f6:0e:42:a3:ac:1d:
         88:38:9a:13:0a:b7:70:ff:84:d0:d8:cd:3f:93:28:5c:ed:50:
         26:e0:88:7d:23:b6:aa:15:48:2f:c8:a7:07:c8:12:8a:76:48:
         f0:3e:25:63:07:49:2f:2e:c0:20:58:80:5f:a4:3e:9a:ca:e0:
         14:09:96:3a:3f:dd:cd:bd:cd:84:83:44:27:70:a2:3b:ff:4e:
         87:26:5b:ec:a0:20:df:30:e8:b1:83:29:fe:78:2d:a2:bd:40:
         7a:27:fc:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSob7wDe3szx8XDVf3Z/QRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Yzc3OTE3NjVjODg0ZDA4NTVmZWQzZmY4YzNmMjcwOTlh
OWEwMWEwHhcNMjUwNjA5MDMwMDIxWhcNMjUwNjEwMDMwMDIxWjAzMTEwLwYDVQQD
EyhiZmMxOWY4NWNmYzJhMTg3NDBiOWJiODM4ODNlZTNhNzhmOGRhYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/L2qKbf4j4kqyFdzVvudgEbenh4
PxtfHw6Tn36T3+0PB1mp8zwCDDEqe3js5xJIE7jsBSK3kxzyrpfnNIGMu0YQOMHU
cqO87wRGiRSfieqa4Jl9TFCSDoJu+c3LgxR66on6WR3f73yXtZY5xmNAE4kOG6hL
xz3g5Jsg8Zv2mUHWIOZOdmLxdJFUostI4+sGBbc94JQOYFL3mqido8Be15cU38Wq
sP94YjkOuKRhS2Kgp8p74ygMQvjfAd7w9bxQFWFTgu5OmwYOL76MzTgKDK3ojCID
c2B+F3hFwPGFNKObm1SXU/aMz1u8xObM3+vRGVVX249FzMdiHNGsG7egSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/Bn4XPwqGHQLm7g4g+46ePjauXMB8GA1UdIwQY
MBaAFOjHeRdlyITQhV/tP/jD8nCZqaAaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEt
OTViMWQ3MWJjYzg5LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEtOTViMWQ3MWJjYzg5
LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsxnIw5qh
q1egVOZuPfkMY2nU8bqfv0hVzHxBOEaRyLXcFDopQGnf5xxvcsaQkn5hAJ89jasM
/A5ecxe3YITS0fyVL9RIMF2f//EegcTra6u+BsQYpgvSw6QjGYsH4EH7nPQ9+kCS
ctXcd2pAojWtHE2brG0jjAqUF5h0Sb3Kc7toEY7BhGwwypH3t7na+sE3I7sG7hOA
b49C7iED9g5Co6wdiDiaEwq3cP+E0NjNP5MoXO1QJuCIfSO2qhVIL8inB8gSinZI
8D4lYwdJLy7AIFiAX6Q+msrgFAmWOj/dzb3NhINEJ3CiO/9OhyZb7KAg3zDosYMp
/ngtor1Aeif8qA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:19:59 2025 by rpki-client