Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
File:                     f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json)
Hash identifier:          BKsu+FIs9atSInjM/GA5QfnRxv9/eH7zBU7bBmxt61s=
Subject key identifier:   3E:E0:4B:10:89:8B:21:03:F0:C7:1E:C0:14:55:79:73:C3:7E:A1:07
Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94
Certificate issuer:       /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
Certificate serial:       01975C49FB53026234E8C48970226E19B1FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
Manifest number:          0DEE
Signing time:             Wed 11 Jun 2025 00:00:41 +0000
Manifest this update:     Wed 11 Jun 2025 00:00:41 +0000
Manifest next update:     Thu 12 Jun 2025 00:00:41 +0000
Files and hashes:         1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: Sf3Ab/tvvJLQqSvtHqGzBfTppLN4ajYsPVcs3jb7WQo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:49:fb:53:02:62:34:e8:c4:89:70:22:6e:19:b1:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
        Validity
            Not Before: Jun 11 00:00:41 2025 GMT
            Not After : Jun 12 00:00:41 2025 GMT
        Subject: CN=3ee04b10898b2103f0c71ec014557973c37ea107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:44:83:7a:8a:b2:c1:30:9a:93:f5:7a:2c:a1:
                    30:6e:c3:1e:f1:9c:ec:55:b6:2e:b0:ff:86:32:f3:
                    1e:8d:a1:dc:04:dd:6b:0a:34:e9:c7:b1:ca:b3:a3:
                    4b:1f:a4:b4:b4:cf:8d:e9:97:79:ff:a2:52:4d:c8:
                    df:9e:b0:20:e2:47:4e:b7:cf:f9:f7:bf:af:ff:7c:
                    fd:90:58:63:22:b7:5f:90:fd:ea:a8:10:c6:0d:a3:
                    6d:d9:c4:ea:f6:03:17:55:8d:17:e1:25:72:82:7d:
                    ad:b8:b3:d4:7b:10:97:30:6c:fa:5b:cd:b8:55:2f:
                    8f:40:fd:86:d8:7e:23:14:d3:95:64:5c:e0:97:1e:
                    7b:a6:84:2e:84:68:ee:d4:6d:21:e7:a2:5a:9b:d8:
                    74:f0:35:f5:d7:a1:9b:37:8b:b5:00:61:70:58:3d:
                    b8:6d:bb:d2:33:55:34:3f:85:be:2c:8a:46:e8:2e:
                    5b:68:fe:51:75:7c:df:68:be:eb:87:55:98:10:27:
                    04:66:fb:f6:69:bb:b5:f0:93:94:6c:6e:bf:62:07:
                    ec:85:1f:72:93:19:50:bb:f8:c4:b6:90:b5:53:4d:
                    8a:1a:b3:bc:ec:5c:1b:66:24:0a:7e:ad:e6:e2:67:
                    79:34:1f:02:7d:04:0a:af:11:f0:d8:e1:6e:ff:2f:
                    30:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:E0:4B:10:89:8B:21:03:F0:C7:1E:C0:14:55:79:73:C3:7E:A1:07
            X509v3 Authority Key Identifier:
                keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:38:65:c1:8a:34:ed:fe:77:f9:97:5f:44:6a:92:c3:9e:4c:
         d8:ff:6f:4b:31:0e:a3:0d:35:91:e3:35:3a:8f:01:2b:15:04:
         6f:2e:5c:1a:bc:0b:25:72:5f:68:f5:ab:f1:ba:27:02:22:f2:
         9b:1e:1d:34:38:9a:a1:98:e9:b6:75:5c:a8:11:b1:0d:fa:eb:
         5c:c0:73:02:e5:3e:06:28:e0:4a:1b:62:cc:ec:30:b3:72:b6:
         25:b1:94:91:56:61:ec:25:51:88:4c:b6:d7:82:c7:3a:2a:ff:
         d1:ef:4a:68:84:3a:77:40:f6:d6:ca:07:0e:87:3d:60:a7:a2:
         b0:70:cf:e7:9f:dd:a6:b0:6d:70:71:8a:ab:8c:d0:1c:5b:8c:
         6e:b0:9b:e7:4d:e5:21:cf:23:3a:a0:94:40:42:f2:ec:8d:5a:
         20:52:ab:04:d8:37:38:e1:5d:8d:63:82:b5:be:fb:11:8f:52:
         bf:7a:77:13:6c:62:59:49:e3:dc:11:4d:f8:1d:5e:0b:72:78:
         3d:f0:a5:1f:0f:14:1c:e5:3e:3c:21:23:68:80:78:7d:11:63:
         0e:be:39:83:e4:76:41:c3:bf:03:6b:19:21:b4:1d:54:e6:ce:
         5f:23:3a:f1:7a:ee:ac:3f:f8:2a:24:0f:91:b1:b6:dc:61:19:
         2f:ff:24:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSftTAmI06MSJcCJuGbH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl
MWRiOTQwHhcNMjUwNjExMDAwMDQxWhcNMjUwNjEyMDAwMDQxWjAzMTEwLwYDVQQD
EygzZWUwNGIxMDg5OGIyMTAzZjBjNzFlYzAxNDU1Nzk3M2MzN2VhMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0SDeoqywTCak/V6LKEwbsMe8Zzs
VbYusP+GMvMejaHcBN1rCjTpx7HKs6NLH6S0tM+N6Zd5/6JSTcjfnrAg4kdOt8/5
97+v/3z9kFhjIrdfkP3qqBDGDaNt2cTq9gMXVY0X4SVygn2tuLPUexCXMGz6W824
VS+PQP2G2H4jFNOVZFzglx57poQuhGju1G0h56Jam9h08DX116GbN4u1AGFwWD24
bbvSM1U0P4W+LIpG6C5baP5RdXzfaL7rh1WYECcEZvv2abu18JOUbG6/YgfshR9y
kxlQu/jEtpC1U02KGrO87FwbZiQKfq3m4md5NB8CfQQKrxHw2OFu/y8wDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7gSxCJiyED8McewBRVeXPDfqEHMB8GA1UdIwQY
MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt
OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl
LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOjhlwYo0
7f53+ZdfRGqSw55M2P9vSzEOow01keM1Oo8BKxUEby5cGrwLJXJfaPWr8bonAiLy
mx4dNDiaoZjptnVcqBGxDfrrXMBzAuU+BijgShtizOwws3K2JbGUkVZh7CVRiEy2
14LHOir/0e9KaIQ6d0D21soHDoc9YKeisHDP55/dprBtcHGKq4zQHFuMbrCb503l
Ic8jOqCUQELy7I1aIFKrBNg3OOFdjWOCtb77EY9Sv3p3E2xiWUnj3BFN+B1eC3J4
PfClHw8UHOU+PCEjaIB4fRFjDr45g+R2QcO/A2sZIbQdVObOXyM68XrurD/4KiQP
kbG23GEZL/8kcw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:51:26 2025 by rpki-client