Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
File:                     THHp8j7qymjHIcvkKAYQC3XhV3A.mft (raw, json)
Hash identifier:          zUv+CfjkT8NW6ef4P6yRoVJjyjCz25/gGh39ifzG3Q0=
Subject key identifier:   4D:0F:E8:76:01:8B:B6:2E:7E:3E:98:83:60:A7:FF:C0:11:E6:C2:28
Authority key identifier: 4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70
Certificate issuer:       /CN=4c71e9f23eeaca68c721cbe42806100b75e15770
Certificate serial:       0197537D7C26E9B850B9A6CB591E96838D5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
Manifest number:          043F
Signing time:             Mon 09 Jun 2025 07:00:21 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:21 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:21 +0000
Files and hashes:         1: THHp8j7qymjHIcvkKAYQC3XhV3A.crl (hash: S5ZA7HzYIgn2I3zL1RVVix0kaqzsInohu/Ei8RrotxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7d:7c:26:e9:b8:50:b9:a6:cb:59:1e:96:83:8d:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c71e9f23eeaca68c721cbe42806100b75e15770
        Validity
            Not Before: Jun  9 07:00:21 2025 GMT
            Not After : Jun 10 07:00:21 2025 GMT
        Subject: CN=4d0fe876018bb62e7e3e988360a7ffc011e6c228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:7b:d1:18:f1:7e:6a:f4:aa:6a:c2:f8:89:1d:
                    0b:f8:97:94:82:8e:98:89:b8:5f:76:51:df:c0:0d:
                    c7:3c:11:72:87:80:c8:77:4d:eb:a8:90:f4:c1:10:
                    51:65:68:2b:ac:0b:a4:37:6b:20:50:60:70:8c:fd:
                    58:2e:4e:32:63:01:7e:6c:be:9d:f5:e3:53:34:10:
                    1c:62:d0:d3:91:03:90:75:40:b6:64:bd:56:f9:e2:
                    0b:13:27:8b:73:7e:7a:42:2b:f2:a6:ac:c7:69:64:
                    85:f7:6e:0a:78:9a:65:36:c4:89:36:43:9c:1d:4a:
                    59:2a:d9:75:c6:95:29:97:b7:ba:31:1b:55:59:f0:
                    4a:2e:c2:26:7f:f9:0b:89:b8:d2:3a:a6:cc:a6:07:
                    f4:57:7c:ea:31:71:6d:a6:1a:42:2c:2f:b7:a7:d5:
                    8f:35:a2:49:81:ed:11:8c:0a:27:3e:e1:3f:00:26:
                    de:ba:84:be:d2:c9:8a:88:f0:0d:37:9e:1a:96:d9:
                    c1:e9:bc:11:aa:cb:83:85:51:33:0d:b2:47:89:1a:
                    81:8f:f6:03:9a:40:1b:5c:2a:f5:c7:0e:e1:fc:81:
                    ba:bb:7a:28:5c:91:d1:69:51:13:f1:a5:73:e9:9d:
                    05:c3:34:79:0c:6f:34:c0:4c:4e:06:1a:64:9d:1a:
                    81:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:0F:E8:76:01:8B:B6:2E:7E:3E:98:83:60:A7:FF:C0:11:E6:C2:28
            X509v3 Authority Key Identifier:
                keyid:4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:6b:54:66:c5:74:91:12:7b:25:1a:af:69:f9:52:f0:cc:db:
         cd:ae:a7:66:e2:a7:9c:c5:c7:69:47:c7:71:ae:55:27:2f:5c:
         86:b5:24:1e:ad:d2:ba:57:5a:fc:b3:1c:27:03:70:e6:97:64:
         b5:a7:3f:59:47:02:7a:a9:48:5a:e5:aa:6f:30:50:fc:40:89:
         27:19:92:77:a8:48:59:e3:8e:f6:f3:c0:a8:1e:41:59:89:80:
         f1:69:ce:02:5d:f9:54:f1:a2:a0:9c:36:c5:3e:81:9e:6e:0b:
         bd:44:b1:61:a9:8b:42:31:43:77:0a:28:b3:f7:b0:7b:e7:a9:
         82:a8:7a:d7:47:69:43:d1:40:bd:e1:c1:ee:70:30:b7:91:e0:
         07:7d:8c:df:8a:d0:0b:28:7f:b8:a3:b0:a9:1f:f8:30:69:54:
         95:49:ca:00:00:72:be:d0:5a:36:19:cd:e4:c7:a6:22:04:c3:
         d3:e8:be:77:9d:a6:3e:d6:e3:8a:67:3c:f1:14:8c:a1:de:5e:
         d4:32:eb:e8:70:a7:5d:73:d8:da:38:65:f8:b3:be:0c:f7:b3:
         bf:4f:64:1e:a7:74:f3:1e:35:54:ca:88:78:0b:01:0f:1e:a1:
         d3:83:4f:50:e4:58:33:5b:69:1c:ad:de:f9:30:96:cd:b3:f0:
         43:53:10:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfXwm6bhQuabLWR6Wg41aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzFlOWYyM2VlYWNhNjhjNzIxY2JlNDI4MDYxMDBiNzVl
MTU3NzAwHhcNMjUwNjA5MDcwMDIxWhcNMjUwNjEwMDcwMDIxWjAzMTEwLwYDVQQD
Eyg0ZDBmZTg3NjAxOGJiNjJlN2UzZTk4ODM2MGE3ZmZjMDExZTZjMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknvRGPF+avSqasL4iR0L+JeUgo6Y
ibhfdlHfwA3HPBFyh4DId03rqJD0wRBRZWgrrAukN2sgUGBwjP1YLk4yYwF+bL6d
9eNTNBAcYtDTkQOQdUC2ZL1W+eILEyeLc356QivypqzHaWSF924KeJplNsSJNkOc
HUpZKtl1xpUpl7e6MRtVWfBKLsImf/kLibjSOqbMpgf0V3zqMXFtphpCLC+3p9WP
NaJJge0RjAonPuE/ACbeuoS+0smKiPANN54altnB6bwRqsuDhVEzDbJHiRqBj/YD
mkAbXCr1xw7h/IG6u3ooXJHRaVET8aVz6Z0FwzR5DG80wExOBhpknRqBbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0P6HYBi7Yufj6Yg2Cn/8AR5sIoMB8GA1UdIwQY
MBaAFExx6fI+6spoxyHL5CgGEAt14VdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEt
YzliN2ViMmNlYTU3LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEtYzliN2ViMmNlYTU3
LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdWtUZsV0
kRJ7JRqvaflS8Mzbza6nZuKnnMXHaUfHca5VJy9chrUkHq3Sulda/LMcJwNw5pdk
tac/WUcCeqlIWuWqbzBQ/ECJJxmSd6hIWeOO9vPAqB5BWYmA8WnOAl35VPGioJw2
xT6Bnm4LvUSxYamLQjFDdwoos/ewe+epgqh610dpQ9FAveHB7nAwt5HgB32M34rQ
Cyh/uKOwqR/4MGlUlUnKAAByvtBaNhnN5MemIgTD0+i+d52mPtbjimc88RSMod5e
1DLr6HCnXXPY2jhl+LO+DPezv09kHqd08x41VMqIeAsBDx6h04NPUORYM1tpHK3e
+TCWzbPwQ1MQXg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:13:11 2025 by rpki-client