Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          F8b7H3st7DHk/mKiA6dW3NhzhmLR/UQD5Xor8JGYNa4=
Subject key identifier:   D3:3D:08:91:DC:70:02:1D:75:39:50:9B:26:C0:75:D6:B8:C1:ED:3D
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019757FF635F121810A2A85F9BF1CB6126C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          09FA
Signing time:             Tue 10 Jun 2025 04:00:44 +0000
Manifest this update:     Tue 10 Jun 2025 04:00:44 +0000
Manifest next update:     Wed 11 Jun 2025 04:00:44 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: ye5JKiYKzszJVxKppnI6+KlGPTqSN2E23qyKT/HWtGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:63:5f:12:18:10:a2:a8:5f:9b:f1:cb:61:26:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Jun 10 04:00:44 2025 GMT
            Not After : Jun 11 04:00:44 2025 GMT
        Subject: CN=d33d0891dc70021d7539509b26c075d6b8c1ed3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:19:2c:88:47:e8:dc:c0:69:b0:8b:77:7b:5d:
                    49:b6:30:01:82:2e:b5:93:4d:db:26:bb:26:06:3c:
                    7f:dd:37:9a:0c:ac:55:24:20:fa:4e:ee:15:75:43:
                    fe:1e:d7:00:b2:fb:0c:0b:4c:80:76:4f:49:b4:23:
                    a5:46:c1:4d:65:da:bb:dd:ab:ca:df:e7:a9:15:6b:
                    4d:a2:4d:09:6f:5f:d2:a5:19:ad:fb:2a:d1:31:57:
                    84:3d:6e:03:0e:fc:aa:37:2b:dc:90:f2:33:e1:4e:
                    ed:df:26:41:31:5f:ff:05:a9:ab:ca:d3:ef:9f:eb:
                    e7:4d:3f:f8:fa:ca:82:69:6b:67:d6:1c:95:20:26:
                    1b:3f:37:fe:3f:fe:14:77:2b:39:45:9a:35:3c:f9:
                    85:b9:0c:df:42:94:a1:cd:ad:d4:ef:29:6d:f0:a1:
                    71:91:d8:84:1d:74:15:3a:37:3e:76:25:78:90:65:
                    77:67:05:d4:55:9f:03:9c:51:94:8f:64:23:e2:90:
                    a8:3c:6e:ea:d3:08:2c:96:f0:a0:ef:a3:f6:eb:67:
                    92:4a:fa:6b:3b:4f:8c:b2:1c:7c:e4:b3:d9:46:f0:
                    47:ed:14:72:59:81:61:7b:70:69:bb:11:a9:6d:0f:
                    de:f0:d0:50:4a:d0:19:fe:f2:2f:45:a2:35:a4:fd:
                    47:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:3D:08:91:DC:70:02:1D:75:39:50:9B:26:C0:75:D6:B8:C1:ED:3D
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:8c:37:c0:ca:cd:96:87:77:ed:95:48:df:13:04:cf:b5:ab:
         a9:14:9a:cb:97:a5:7d:54:5a:99:dd:4d:38:8b:4f:b8:0e:1c:
         9d:ca:48:c1:67:d6:38:e5:5a:53:4f:97:e5:d2:96:90:f4:bb:
         29:0e:1b:d6:0b:93:1f:40:0f:99:d3:58:e7:6d:71:c5:7c:b9:
         a1:fa:9e:fd:6f:bf:22:26:86:14:33:24:45:27:80:49:80:87:
         5f:68:12:83:ce:8c:26:35:f3:5a:9d:9c:cb:42:58:55:f1:4b:
         42:af:1b:39:31:fc:73:54:c1:1c:52:b6:dd:d8:61:82:5e:62:
         43:a7:c2:94:8d:dc:81:54:88:ce:c0:48:9c:2b:e2:79:fa:7a:
         39:8e:76:30:69:cd:7b:b5:72:ad:e5:23:c8:78:6b:89:d6:55:
         6e:fd:ee:bb:1d:ed:a3:d3:a7:5c:37:df:4c:19:7d:09:58:aa:
         1e:21:20:0f:9d:c9:e6:76:71:1b:7b:55:e3:d7:df:8e:9e:68:
         cb:50:b1:a8:86:25:f6:90:e2:48:6f:b6:ea:6c:ec:c7:fe:e9:
         28:f8:fe:4d:56:bf:7b:1a:35:2b:4c:ac:10:0f:d3:e5:e8:56:
         31:1d:bd:9f:7f:17:9c:e8:0c:c8:7c:de:51:a9:31:c9:77:bc:
         69:a5:b3:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/2NfEhgQoqhfm/HLYSbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwNjEwMDQwMDQ0WhcNMjUwNjExMDQwMDQ0WjAzMTEwLwYDVQQD
EyhkMzNkMDg5MWRjNzAwMjFkNzUzOTUwOWIyNmMwNzVkNmI4YzFlZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxksiEfo3MBpsIt3e11JtjABgi61
k03bJrsmBjx/3TeaDKxVJCD6Tu4VdUP+HtcAsvsMC0yAdk9JtCOlRsFNZdq73avK
3+epFWtNok0Jb1/SpRmt+yrRMVeEPW4DDvyqNyvckPIz4U7t3yZBMV//BamrytPv
n+vnTT/4+sqCaWtn1hyVICYbPzf+P/4Udys5RZo1PPmFuQzfQpShza3U7ylt8KFx
kdiEHXQVOjc+diV4kGV3ZwXUVZ8DnFGUj2Qj4pCoPG7q0wgslvCg76P262eSSvpr
O0+Mshx85LPZRvBH7RRyWYFhe3BpuxGpbQ/e8NBQStAZ/vIvRaI1pP1HxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNM9CJHccAIddTlQmybAdda4we09MB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ4w3wMrN
lod37ZVI3xMEz7WrqRSay5elfVRamd1NOItPuA4cncpIwWfWOOVaU0+X5dKWkPS7
KQ4b1guTH0APmdNY521xxXy5ofqe/W+/IiaGFDMkRSeASYCHX2gSg86MJjXzWp2c
y0JYVfFLQq8bOTH8c1TBHFK23dhhgl5iQ6fClI3cgVSIzsBInCviefp6OY52MGnN
e7VyreUjyHhridZVbv3uux3to9OnXDffTBl9CViqHiEgD53J5nZxG3tV49ffjp5o
y1CxqIYl9pDiSG+26mzsx/7pKPj+TVa/exo1K0ysEA/T5ehWMR29n38XnOgMyHze
UakxyXe8aaWz+g==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:09:44 2025 by rpki-client