Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
File:                     f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json)
Hash identifier:          qbSfwEV2yRdmsn5B7ACEI2+3Cxa8mshnxc1jp+uqhvw=
Subject key identifier:   07:65:2C:02:D1:9D:F6:53:FA:A7:B5:A0:7C:88:83:3A:A4:EF:70:2C
Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94
Certificate issuer:       /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
Certificate serial:       01975E38A7BBDA7A00086AB2406D8817F9CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
Manifest number:          0DEF
Signing time:             Wed 11 Jun 2025 09:01:00 +0000
Manifest this update:     Wed 11 Jun 2025 09:01:00 +0000
Manifest next update:     Thu 12 Jun 2025 09:01:00 +0000
Files and hashes:         1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: IAHwyTYZnC19Fm5kaePChznHe9bC3eMqvPuwRSClAeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:a7:bb:da:7a:00:08:6a:b2:40:6d:88:17:f9:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
        Validity
            Not Before: Jun 11 09:01:00 2025 GMT
            Not After : Jun 12 09:01:00 2025 GMT
        Subject: CN=07652c02d19df653faa7b5a07c88833aa4ef702c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:2a:a3:a3:c5:c6:de:56:d7:7f:f4:f8:31:45:
                    27:3b:c5:a5:7b:13:99:3d:8d:3c:24:f5:bf:10:30:
                    1d:c6:74:01:68:62:a2:d6:ca:e8:39:7e:cc:33:ab:
                    6c:98:3c:41:ee:5f:bf:c3:4f:7f:f9:50:b0:eb:28:
                    99:41:76:5e:5a:66:1f:ca:69:1e:63:48:23:16:92:
                    6a:a0:d0:47:fa:7e:d6:09:3e:0e:53:fb:3c:d6:aa:
                    c8:44:15:9a:3c:37:7c:7f:53:e6:7c:4e:57:2f:86:
                    f4:55:b1:00:4f:9d:33:7c:dc:c1:5c:46:42:a3:f4:
                    3d:40:50:90:7b:bd:51:a8:e3:d2:ec:f9:52:ea:f2:
                    40:43:31:75:94:50:0f:2c:e2:ad:42:38:86:8b:6d:
                    60:49:da:54:ba:21:1a:05:b1:9c:69:75:da:eb:2e:
                    3b:5e:29:c5:8d:8f:9e:19:ae:f5:2f:25:cc:99:15:
                    57:03:76:28:b9:fd:62:db:f1:2b:44:5e:73:68:ad:
                    91:f2:2e:51:8e:1e:e8:73:d6:ec:92:6f:10:34:40:
                    20:3d:9c:3e:e2:00:07:0b:6d:a3:1f:ff:f9:52:95:
                    6b:b4:92:d7:a7:59:b9:f2:d4:71:59:57:9a:4c:0c:
                    0c:9c:7b:78:23:d5:73:e2:47:06:2c:f6:1f:6a:c8:
                    c3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:65:2C:02:D1:9D:F6:53:FA:A7:B5:A0:7C:88:83:3A:A4:EF:70:2C
            X509v3 Authority Key Identifier:
                keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:3c:24:88:56:a4:a7:dc:1f:8b:84:97:9a:d1:54:2e:87:50:
         01:68:33:78:02:b5:59:7d:0d:38:71:e4:04:f6:d5:e3:2a:d8:
         25:c2:1f:bd:37:a6:26:87:6a:b3:22:d4:4a:8c:ce:af:d9:b4:
         ea:6a:d9:7e:b9:6a:be:17:dd:4e:29:72:cf:46:e1:bc:d8:0a:
         4e:8d:e7:e7:2f:dd:5b:37:b5:f5:c2:f5:ed:e7:ad:45:14:db:
         f9:f9:e6:bf:d1:55:be:de:40:df:50:08:ab:cb:8a:2c:ce:3a:
         7b:b8:74:f9:ee:52:9b:58:bf:82:27:1b:44:9b:93:d1:ca:11:
         ff:5c:f2:36:e2:bb:c1:4a:f6:8e:bc:4b:9e:37:8e:13:d3:7d:
         9e:d2:71:cd:23:4e:b3:d0:d6:7e:bf:1f:48:b6:4f:a2:3b:f4:
         68:52:e7:fe:0c:11:c2:27:06:ca:e4:0c:15:59:cf:78:16:98:
         05:88:60:72:99:e9:8b:cf:f3:9a:d9:99:4b:5e:60:75:1d:35:
         ed:48:bd:8e:ad:7b:2c:29:a6:1d:02:cb:47:04:f6:a0:db:8b:
         9b:74:e5:ea:1f:ee:03:ee:c4:8a:b6:9b:30:03:4f:00:8f:6e:
         65:92:bb:b5:2b:e3:f1:78:08:aa:e6:d0:c0:ff:0c:2e:8a:66:
         22:8e:44:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOKe72noACGqyQG2IF/nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl
MWRiOTQwHhcNMjUwNjExMDkwMTAwWhcNMjUwNjEyMDkwMTAwWjAzMTEwLwYDVQQD
EygwNzY1MmMwMmQxOWRmNjUzZmFhN2I1YTA3Yzg4ODMzYWE0ZWY3MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiqjo8XG3lbXf/T4MUUnO8WlexOZ
PY08JPW/EDAdxnQBaGKi1sroOX7MM6tsmDxB7l+/w09/+VCw6yiZQXZeWmYfymke
Y0gjFpJqoNBH+n7WCT4OU/s81qrIRBWaPDd8f1PmfE5XL4b0VbEAT50zfNzBXEZC
o/Q9QFCQe71RqOPS7PlS6vJAQzF1lFAPLOKtQjiGi21gSdpUuiEaBbGcaXXa6y47
XinFjY+eGa71LyXMmRVXA3Youf1i2/ErRF5zaK2R8i5Rjh7oc9bskm8QNEAgPZw+
4gAHC22jH//5UpVrtJLXp1m58tRxWVeaTAwMnHt4I9Vz4kcGLPYfasjDVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdlLALRnfZT+qe1oHyIgzqk73AsMB8GA1UdIwQY
MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt
OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl
LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALTwkiFak
p9wfi4SXmtFULodQAWgzeAK1WX0NOHHkBPbV4yrYJcIfvTemJodqsyLUSozOr9m0
6mrZfrlqvhfdTilyz0bhvNgKTo3n5y/dWze19cL17eetRRTb+fnmv9FVvt5A31AI
q8uKLM46e7h0+e5Sm1i/gicbRJuT0coR/1zyNuK7wUr2jrxLnjeOE9N9ntJxzSNO
s9DWfr8fSLZPojv0aFLn/gwRwicGyuQMFVnPeBaYBYhgcpnpi8/zmtmZS15gdR01
7Ui9jq17LCmmHQLLRwT2oNuLm3Tl6h/uA+7EirabMANPAI9uZZK7tSvj8XgIqubQ
wP8MLopmIo5Etw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:48:54 2025 by rpki-client